httpd access problems

Manuel Aróstegui manuel at todo-linux.com
Sun Oct 26 11:19:36 UTC 2008 

El dom, 26-10-2008 a las 05:00 -0400, Gene Heskett escribió:
> Greetings all;
> 
> I note just now that logwatch reports this:
> 
>  --------------------- httpd Begin ------------------------ 
> 
>  
>  Requests with error response codes
>     403 Forbidden
>        /: 1 Time(s)
>        /gene/nitros9/level2/cc3io.dis: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l51.ng: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l51.ng.list: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l51_191l.list: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l52: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l52_191l: 1 Time(s)
>        /gene/nitros9/level2/cc3io_m51.mine: 1 Time(s)
>        /gene/nitros9/level2/cc3io_m51.mine.list: 1 Time(s)
>        /gene/nitros9/level2/cc3io_m52: 1 Time(s)
>        /gene/nitros9/level2/cc3io_m52_191l: 1 Time(s)
>        /gene/nitros9/level2/dbgmouse: 1 Time(s)
>        /gene/nitros9/level2/smouseM51_L51.updt: 1 Time(s)
> 
> Indicating that someone tried to read those files, which they should be able 
> to, but were refused permissions.  The directory 'nitros9' is a softlink 
> from /var/www/html/gene/nitros9 to that directory in /opt, which has these 
> permissions:
> [root at coyote logrotate.d]# ls -l --lcontext /var/www/html/gene
> total 36
> drwxr-xr-x 2 system_u:object_r:httpd_sys_content_t:s0 apache apache 4096 
> 2008-09-28 14:09 emc
> lrwxrwxrwx 1 system_u:object_r:httpd_sys_content_t:s0 apache apache   19 
> 2008-07-20 08:51 Garage-pix -> /usr/pix/Garage-pix
> lrwxrwxrwx 1 system_u:object_r:httpd_sys_content_t:s0 apache apache   12 
> 2008-06-20 11:01 nitros9 -> /opt/nitros9
> drwxr-xr-x 2 system_u:object_r:httpd_sys_content_t:s0 apache apache 4096 
> 2008-10-10 07:56 pix
> drwxr-xr-x 2 system_u:object_r:httpd_sys_content_t:s0 apache apache 4096 
> 2008-04-08 09:48 txpix
> lrwxrwxrwx 1 system_u:object_r:httpd_sys_content_t:s0 root   root     18 
> 2008-10-15 21:49 WorkBench -> /usr/pix/WorkBench
> 
> All the files that are referenced in the 403 no perms are owned by the user I 
> must be in order to make cvs write access work.  And that user is his own 
> group also.

Is /opt readable for the apache user?

Manuel.

-- 
Manuel Arostegui Ramirez.

Electronic Mail is not secure, might not be read every day, and should not
be used for urgent or sensitive issues.

More information about the users mailing list