Problem with apache virtual host in new fedora 12 installation
Daniel J Walsh
dwalsh at redhat.com
Thu Mar 11 13:19:56 UTC 2010
On 03/10/2010 07:39 PM, Steven Stern wrote:
> On 03/10/2010 06:30 PM, Richard Cahilig wrote:
>
>> Yes. The user apache able to access /home/user. I even tried to changed
>> the owership to user apache and group apache but I still have error 403.
>>
>> On Thu, Mar 11, 2010 at 8:08 AM, Steven Stern
>> <subscribed-lists at sterndata.com<mailto:subscribed-lists at sterndata.com>>
>> wrote:
>>
>> On 03/10/2010 05:25 PM, Richard Cahilig wrote:
>> > Its stange because I don't have any .htacces file. What I have
>> inside my
>> > web directory is a single index.html file and its permission is
>> 777. The
>> > user home directory is already world executable by default.
>> >
>> >
>> > On Thu, Mar 11, 2010 at 7:15 AM, Craig White
>> <craigwhite at azapple.com<mailto:craigwhite at azapple.com>
>> > <mailto:craigwhite at azapple.com<mailto:craigwhite at azapple.com>>>
>> wrote:
>> >
>> > On Thu, 2010-03-11 at 06:55 +0800, Richard Cahilig wrote:
>> > > Hi,
>> > >
>> > > I have problem with my new apache virtual host setup in my
>> fedora 12
>> > > server. I can't access it in the browser and I am receiving
>> error 403.
>> > > Please see the error below in my error_log.
>> > >
>> > > [Thu Mar 11 14:24:40 2010] [crit] [client 127.0.0.1]
>> > > (13)Permission denied: /home/user/.htaccess
>> pcfg_openfile:
>> > > unable to check htaccess file, ensure it is readable
>> > > [Thu Mar 11 14:24:45 2010] [crit] [client 127.0.0.1]
>> > > (13)Permission denied: /home/user/.htaccess
>> pcfg_openfile:
>> > > unable to check htaccess file, ensure it is readable
>> > > [Thu Mar 11 14:24:48 2010] [crit] [client 127.0.0.1]
>> > > (13)Permission denied: /home/user/.htaccess
>> pcfg_openfile:
>> > > unable to check htaccess file, ensure it is readable
>> > >
>> > > I already disabled se linux and change the ownership of the
>> > > "/home/user/public_html" directory to user "user" and group
>> "user". I
>> > > also change the file permission to 777 but I'm still having
>> error 403.
>> > > Please see my virtual host config below:
>> > >
>> > > NameVirtualHost *:80
>> > > <VirtualHost *:80>
>> > > ServerAdmin root at localhost
>> > > DocumentRoot /home/user/public_html
>> > > ServerName example.com<http://example.com>
>> <http://example.com>
>> > > ServerAlias www.example.com
>> <http://www.example.com> <http://www.example.com>
>> > > ErrorLog /home/user/logs/error_log
>> > > CustomLog /home/user/logs/access_log common
>> > > <Directory /home/user/public_html">
>> > > Options Indexes FollowSymLinks
>> > > AllowOverride None
>> > > Order allow,deny
>> > > Allow from all
>> > > </Directory>
>> > > </VirtualHost>
>> > >
>> > > Please help me. I don't know what seems to be the problem.
>> > ----
>> > seems pretty clear from the error...
>> >
>> > Permission denied: /home/user/.htaccess pcfg_openfile: unable
>> to check
>> > htaccess file, ensure it is readable
>> >
>> > Given your intention to run without any security whatsoever,
>> you might
>> > as well just do...
>> >
>> > chmod 777 /home/user/.htaccess
>> >
>> > I hope that you don't intend to make this accessible to the
>> Internet.
>> >
>> > Craig
>> >
>> >
>>
>> But is the user "apache" able to access /home/user? Probably not.
>> --
>> users mailing list
>> users at lists.fedoraproject.org<mailto:users at lists.fedoraproject.org>
>> To unsubscribe or change subscription options:
>> https://admin.fedoraproject.org/mailman/listinfo/users
>> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>>
>>
>>
> I'm a firm believer that, after some time, pounding one's head against
> the wall is pointless.
>
> Why not change the DocumentRoot to /var/www/user and give apache:user
> access to /var/www/user?
>
> mkdir /var/www/user
> chown apache:user /var/www/user
> cd /home/user
> ln -s /var/www/user pubic_html
>
> That way, the files are easily accessible to "user" and the files are
> really in a place that httpd and selinux are happy with.
>
>
>
>
You can also set the file context for it by using semanage fcontext
man httpd_selinux
# semanage fcontext -a -t httpd_sys_content_rw_t '/home/user(/.*)?'
# restorecon -R -v /home/user
This should set up the directory as read/writable by httpd, as far as
SELinux is concerned.
More information about the users
mailing list