[CentOS] Help with httpd userdir recovery

Wed Dec 28 11:49:05 UTC 2016
John Fawcett <john at voipsupport.it>

On 12/28/2016 04:16 AM, Robert Moskowitz wrote:
>
>
> On 12/27/2016 08:20 PM, John Fawcett wrote:
>> On 12/28/2016 01:43 AM, John Fawcett wrote:
>>> On 12/28/2016 01:12 AM, Robert Moskowitz wrote:
>>>> On 12/27/2016 07:06 PM, John Fawcett wrote:
>>>>> On 12/28/2016 12:34 AM, Robert Moskowitz wrote:
>>>>>> On 12/27/2016 05:44 PM, John Fawcett wrote:
>>>>>>> That error should be caused by having MultiViews options but
>>>>>>> incorrect permissions (711 instead of 755) on the directory.
>>>>>> I just did chmod -R 755 /home/rgm/public_html and no change in
>>>>>> behavior.
>>>>>>
>>>>>> Even tried chmod -R 755 /home/rgm
>>>>> Are you actually using MultiViews? If you don't need that option,
>>>>> maybe the easiest thing is to take it out and see if the error
>>>>> message changes.
>>>> I am using the default conf file for userdir.
>>>>
>>>> /etc/httpd/conf.d/userdir.conf
>>>>
>>>> So I deleted MultiViews and now the error is:
>>>>
>>>> [Tue Dec 27 19:09:31.013176 2016] [autoindex:error] [pid 2138]
>>>> (13)Permission denied: [client 192.168.160.12:55762] AH01275: Can't
>>>> open directory for index: /home/rgm/public_html/family/
>>>>
>>>>
>>> I know this is not going to help, but that error means that apache does
>>> not have access to read the directory /home/rgm/public_html/family/.
>>> That doesn't really fit with the rest of the evidence, that you have
>>> chmod 755 everything from /home/rgm/public_html downwards and that
>>> apache can read specific files from /home/rgm/public_html.
>>> John
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> https://lists.centos.org/mailman/listinfo/centos
>> Here is a small test program that you can use to check the permissions.
>>
>> You can compile it with:
>>
>> cc -o test test.c
>
> This is on Centos7-arm, so I will have to install all the build stuff,
> and hopefully won't take too long to compile....
>
> Tomorrow most likely.
>
>
>
>>
>> then run it with:
>>
>> ./test apache /home/rgm/public_html/family/
>>
>> where apache is the name of the user that your web server runs under
>> (check it with ps -ef | grep http). You should run it as root (or from
>> sudo).
>>
>> John
>>
>> ------test.c-------
>>
>> #include <pwd.h>
>> #include <grp.h>
>> #include <stdio.h>
>> #include <stdlib.h>
>> #include <unistd.h>
>> #include <errno.h>
>> #include <sys/types.h>
>> #include <dirent.h>
>>
>> int
>> main(int argc, char *argv[])
>> {
>>     struct passwd pwd;
>>     struct passwd *result;
>>     char *buf;
>>     long bufsize;
>>     int s;
>>     DIR *d;
>>
>>     if (argc != 3) {
>>         fprintf(stderr, "Usage: %s username directory\n", argv[0]);
>>         exit(EXIT_FAILURE);
>>     }
>>
>>     /* look up the uid and gid of the user named in argv[1] */
>>
>>     bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
>>     if (bufsize == -1)          /* Value was indeterminate */
>>         bufsize = 16384;        /* Should be more than enough */
>>
>>     buf = malloc((size_t) bufsize);
>>     if (buf == NULL) {
>>         perror("malloc");
>>         exit(EXIT_FAILURE);
>>     }
>>
>>     s = getpwnam_r(argv[1], &pwd, buf, (size_t) bufsize, &result);
>>     if (result == NULL) {
>>         if (s == 0)
>>             printf("Not found\n");
>>         else {
>>             errno = s;
>>             perror("getpwnam_r");
>>         }
>>         exit(EXIT_FAILURE);
>>     }
>>
>>     printf("Name: %s; UID: %ld GID: %ld\n", pwd.pw_gecos,
>>            (long) pwd.pw_uid, (long) pwd.pw_gid);
>>
>>     /* process is running as root, drop privileges */
>>
>>     if (getuid() == 0) {
>>         /* replace root's supplementary groups with the user's own,
>>            otherwise the check still runs with root's group access */
>>         if (initgroups(pwd.pw_name, pwd.pw_gid) != 0) {
>>             perror("initgroups: Unable to set supplementary groups");
>>             exit(EXIT_FAILURE);
>>         }
>>         if (setgid(pwd.pw_gid) != 0) {
>>             perror("setgid: Unable to drop group privileges");
>>             exit(EXIT_FAILURE);
>>         }
>>         if (setuid(pwd.pw_uid) != 0) {
>>             perror("setuid: Unable to drop user privileges");
>>             exit(EXIT_FAILURE);
>>         }
>>         printf("dropped privileges\n");
>>     } else {
>>         errno = ENOTSUP;
>>         perror("process is not running as root, cannot change user");
>>         exit(EXIT_FAILURE);
>>     }
>>
>>     /* check privileges really dropped */
>>
>>     if (setuid(0) != -1) {
>>         errno = ENOTSUP;
>>         perror("ERROR: Managed to regain root privileges");
>>         exit(EXIT_FAILURE);
>>     }
>>
>>     /* open directory as the unprivileged user */
>>
>>     printf("Attempting to open directory %s\n", argv[2]);
>>     d = opendir(argv[2]);
>>     if (d == NULL) {
>>         perror("Error opening directory");
>>         exit(EXIT_FAILURE);
>>     }
>>     printf("Success opening directory %s\n", argv[2]);
>>     closedir(d);
>>     free(buf);
>>     exit(EXIT_SUCCESS);
>> }
>>
>>

I'm not sure if it is worth installing a build system just for this
unless you need it for other stuff. Maybe other lines of investigation
will bring up something.

John
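
An added example, not part of the original thread: a check that needs no compiler and walks every component of the path, reporting the first directory whose mode bits deny the web server user (chmod -R on public_html does not touch the directories above it). The function names `bits_for` and `first_denied` are made up for this example, and it assumes GNU stat.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (coreutils).
# Reads classic mode bits only: ACLs, SELinux and root's override are ignored.

# bits_for UID "GIDS" FILE: print the rwx digit (0-7) that applies to UID.
# The owner class wins over group, and group over other, as in the kernel.
bits_for() {
    bf_st=$(stat -c '%a %u %g' -- "$3") || return 2
    set -- "$1" "$2" $bf_st        # now $3=octal mode, $4=owner, $5=group
    bf_mode=$((0$3))
    if [ "$1" -eq "$4" ]; then echo $(( (bf_mode >> 6) & 7 )); return 0; fi
    for bf_g in $2; do
        if [ "$bf_g" -eq "$5" ]; then echo $(( (bf_mode >> 3) & 7 )); return 0; fi
    done
    echo $(( bf_mode & 7 ))
}

# first_denied UID "GIDS" PATH: print the first component that blocks UID.
# Every directory on the way needs x (search); the target also needs r.
# Returns 0 and prints nothing when the whole path is usable.
first_denied() {
    fd_uid=$1 fd_gids=$2
    case $3 in /*) fd_cur=/ ;; *) fd_cur=. ;; esac
    fd_ifs=$IFS; IFS=/; set -f
    set -- $3                      # split PATH into its components
    set +f; IFS=$fd_ifs
    for fd_part in . "$@"; do
        [ -n "$fd_part" ] || continue          # empty part from "/" or "//"
        [ "$fd_part" = . ] || fd_cur=${fd_cur%/}/$fd_part
        fd_bits=$(bits_for "$fd_uid" "$fd_gids" "$fd_cur") || {
            echo "$fd_cur (stat failed)"; return 2; }
        if [ $(( fd_bits & 1 )) -eq 0 ]; then echo "$fd_cur"; return 1; fi
    done
    if [ $(( fd_bits & 4 )) -eq 0 ]; then echo "$fd_cur"; return 1; fi
    return 0
}

# Usage with the names from the thread (run as root so every component
# can be stat'ed):
#   first_denied "$(id -u apache)" "$(id -G apache)" /home/rgm/public_html/family/
```

Empty output means the mode bits allow the whole path, so the denial has to come from something this check does not read, such as an ACL or SELinux policy.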