Hi,
I'm currently setting up a local LAMP server to test various apps.
Starting from the out-of-the-box configuration of Apache, I test it, and it's OK: http://localhost shows Apache's default page OK in Firefox.
Now I edit /etc/httpd/conf/httpd.conf and replace 'UserDir disabled' by 'UserDir public_html'.
I restart Apache.
Then, as a normal user (kikinovak):
$ cd $ mkdir public_html
I edit a basic index.html file, then put it into this directory.
I open Firefox at http://localhost/~kikinovak/
... and I get the following error message:
Forbidden
You don't have permission to access /~kikinovak/ on this server. Apache/2.2.3 (CentOS) Server at localhost Port 80
Q: what did I do wrong? (I've done this successfully on Slackware and Debian before)
Any suggestions?
Niki
Hi Niki,
On Sun, 2007-06-10 at 12:17 +0200, Niki Kovacs wrote:
I open Firefox at http://localhost/~kikinovak/
... and I get the following error message:
Forbidden
You don't have permission to access /~kikinovak/ on this server. Apache/2.2.3 (CentOS) Server at localhost Port 80
Q: what did I do wrong? (I've done this successfully on Slackware and Debian before)
Probably two things:
* Apache needs directory access permissions (x) on each path component in /home/kikinovak/public_html. They are probably missing on /home/kikinovak:
chmod +x /home/kikinovak
I'll let you think about the security implications ;).
* If you are using SELinux, you need to make sure the right context is set for /home/kikinovak/public_html. You can see the current context with "ls -Z", e.g.:
--- $ ls -dZ public_html drwxrwxr-x daniel daniel user_u:object_r:user_home_t public_html ---
You can set the proper context (httpd_sys_content_t or httpd_user_content_t) with chcon:
--- chcon -R -t httpd_sys_content_t public_html ---
or restorecon (since this directory should already be in the predefined contexts):
/sbin/restorecon -R public_html
-- Daniel
Probably two things:
- Apache needs directory access permissions (x) on each path component
in /home/kikinovak/public_html. They are probably missing on /home/kikinovak:
chmod +x /home/kikinovak
Another way could be using ACL on the filesystem and allow Apache's user r-x permission on users' directory. setfacl -m u:apache:r-x /home/user
I'll let you think about the security implications ;).
Always think about it.
Daniel de Kok a écrit :
- Apache needs directory access permissions (x) on each path component
in /home/kikinovak/public_html. They are probably missing on /home/kikinovak:
chmod +x /home/kikinovak
Thanks! That did the trick!
- If you are using SELinux, <snip>
No, I deactivated it.
Cheers,
Niki
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On 6/11/07, Daniel de Kok danieldk@pobox.com wrote:
Baaaaad :/.
Sounds like Daniel's scolding a sheep or something there....
-
Cleber P. de Souza -
Daniel de Kok -
Jim Perrin -
Niki Kovacs