How gain access to DocumentRoot contents of Apache-httpd through a Web browser which is set to point to the Home folder of the User?

Varuna Seneviratna varunaseneviratna at gmail.com
Thu Apr 14 10:29:13 UTC 2011 

On 14 April 2011 15:42, Bryn M. Reeves <bmr at redhat.com> wrote:
> On 04/14/2011 11:06 AM, Bryn M. Reeves wrote:
>> On 04/14/2011 10:39 AM, Varuna Seneviratna wrote:
>>> When I try to Access the DocumentRoot which is /home/<User
>>> Name>/public_html by typing http://localhost I get a 403 Forbidden
>>> Page.What should I do gain Access to DocumentRoot Contents?
>>
>> If you're getting a 403 then something is denying the web server access to those
>> paths. If you have set the directory permissions correctly (iirc you need other
>> execute on the home directory (search permission) and other read/execute on the
>> public_html directory and its subdirectories) the you may need to set up SELinux
>> contexts for the directory if you have it enabled on your system.
>>
>> I normally do this by using a reference from /var/www/html since it is installed
>> with the correct context for httpd content:
>>
>> chcon -R --reference=/var/www/html public_html/
>
> Heh, thought I might be out of date here.. I think that the correct context for
> home directory web content is now httpd_user_content_t (although I think
> httpd_sys_content_t still works - an SELinux expert can probably explain exactly
> why that's wrong or a bad idea but it certainly means there's no separation
> between user and system content so the policy can't distinguish them ;).
>
> More info in this bug:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=509943
>
> Regards,
> Bryn.
>
Dear Bryn
              I have been addressing this isuue for about two days and
has also posted on FedoraForum.org. The Thread is
http://forums.fedoraforum.org/showthread.php?t=260382.This thread was
not initially started by me.I have posted by the UserName Vefoda.On
that thread acording to the advice given by
jpollard(http://forums.fedoraforum.org/showpost.php?p=1461100&postcount=9)
I have carried out the following

1. enable the UserDir entry: "UserDir enable"

2. uncommment the next UserDIR line (and/or modify it for your
choice): "UserDir public_html

3.Set the SELinux boolean control "httpd_enable_homedirs" to "on" to
allow apache to access the users "public_html" (or whatever you called
it).

3a. restart apache

4. Let the user create their "public_html" directory in their home
directory, then use "chcon -t httpd_user_content_t public_html" to set
the security label.

5. Let the user set permission bits (chmod +rx public_html) on the directory.

This will grant READ ONLY access to files (and php scripts).

The URL for access is "//<host>/~<username>/".

Before Doing the above I was not able to even start httpd.But now it
starts and the problem now is I am getting a Forbidden page?From what
I gather I think is that httpd is able to access
/home/varuna/public_html/ But the Web Browser is not able to access
the Home Directory contents, public_html contents to be exact

Your Advice Please!

Regards
Varuna

More information about the users mailing list