I'm attempting to install Hobbit and at the point of web access via Apache.
The error_log states:
(13)Permission denied: access to /hobbit denied
I've tried a number of things and am still getting this:
1) /hobbit is located in /home/hobbit/server/www
2) Made sure all files are in the apache group
3) I've even chcon the files to httpd_sys_content_t
Does CentOs 4.3 have SELinux enabled as shipped? (I'm not producing any files in /var/log/audit) (How do you tell if it's active?)
Frank M. Ramaekers Jr. mailto:FRamaekers@AILife.com
Systems Programmer; MCP, MCP+I, MCSE & RHCE
American Income Life Insurance Company
Phone: (254) 761-6649 Fax: (254) 741-5777
Murphy's Second Law: Everything takes longer than you think.
---------------------------------------- This message contains information which is privileged and confidential and is solely for the use of the intended recipient. If you are not the intended recipient, be aware that any review, disclosure, copying, distribution, or use of the contents of this message is strictly prohibited. If you have received this in error, please destroy it immediately and notify us at PrivacyAct@ailife.com.
On Wed, 2006-04-19 at 08:24 -0500, Frank M. Ramaekers wrote:
I’m attempting to install Hobbit and at the point of web access via Apache.
The error_log states:
(13)Permission denied: access to /hobbit denied
I’ve tried a number of things and am still getting this:
/hobbit is located in /home/hobbit/server/wwwMade sure all files are in the apache groupI’ve even chcon the files to httpd_sys_content_tDoes CentOs 4.3 have SELinux enabled as shipped? (I’m not producing any files in /var/log/audit) (How do you tell if it’s active?)
edit the file:
/etc/sysconfig/selinux and set per the instructions there. If changes are needed, reboot the machine.
The directory (and all others up the path to /) need to have:
rwxr-xr-x permissions ... and the files inside the directory need:
rw-r--r--
cgi files need rwxr-xr-x
If the owner and group of the files and/or the directory are the apache user and group ...then the last 3 can be --- for all the above permissions.
so...
rw-r-----
and rwxr-x---
etc.
On 4/19/06, Frank M. Ramaekers FRamaekers@ailife.com wrote:
/hobbit is located in /home/hobbit/server/www
Does apache have access to this location through normal permissions? Is your alias for /hobbit set up correctly?
I've even chcon the files to httpd_sys_content_t
This has to be done on more than just the files. It has to follow the whole path. Under default selinux rules, apache cannot access / so it can't get to /home to even begin looking.
Does CentOs 4.3 have SELinux enabled as shipped? (I'm not producing any files in /var/log/audit) (How do you tell if it's active?)
Yes, selinux is enabled by default on RHEL4 and CentOS4, unless you disable it during install. To tell if it's active use the command 'getsebool'. It'll tell you if it's enabled and what type of policy it's using (enforcing or permissive). Messages only log to /var/log/audit if auditd is running, otherwise it logs in /var/log/messages. Check there for AVC messages.
This message contains information which is privileged and confidential and is solely for the use of the intended recipient. If you are not the intended recipient, be aware that any review, disclosure, copying, distribution, or use of the contents of this message is strictly prohibited. If you have received this in error, please destroy it immediately and notify us at PrivacyAct@ailife.com."
Privileged you say? On a mailing list huh... I think not. These things are cute, but have no actual value. </mini-rant>
-- Any sufficiently advanced technology is indistinguishable from magic. -Arthur C. Clarke
-
Frank M. Ramaekers -
Jim Perrin -
Johnny Hughes