1 |
On Sat, Sep 29 2012, Michael Hampicke wrote: |
2 |
|
3 |
> Am 29.09.2012 23:59, schrieb Allan Gottlieb: |
4 |
>> On Sat, Sep 29 2012, Allan Gottlieb wrote: |
5 |
>> |
6 |
>>> On my new install USERDIR is not working. |
7 |
>>> |
8 |
>>> When I try http://localhost/~gottlieb, firefox says |
9 |
>>> "you don't have permission to access /~gottlieb" |
10 |
>>> and the apache error log says |
11 |
>>> "client denied by server configuration: /local/allan/gottlieb/public_html" |
12 |
>>> |
13 |
>>> The file permissions are ok since both |
14 |
>>> file:///home/gottlieb/public_html/index.html and |
15 |
>>> file:///home/gottlieb/public_html |
16 |
>>> work fine. |
17 |
>>> |
18 |
>>> So I guess I screwed up the apache install, in particular USERDIR. |
19 |
>>> |
20 |
>>> eix shows userdir (see below) |
21 |
>>> |
22 |
>>> /etc/conf.d/apache2 has it (see below, diffs = with my working install) |
23 |
>>> |
24 |
>>> I have restarted apache, shutdown the machine overnight, reinstalled |
25 |
>>> apache, but still no go. |
26 |
>>> |
27 |
>>> What step did I foolishly miss? |
28 |
>>> |
29 |
>>> thanks, |
30 |
>>> allan |
31 |
>> |
32 |
>> Finally! I have a filesystem mounted on /local for my local files |
33 |
>> including my home directory /local/allan/gottlieb. |
34 |
>> I put in a symlink /home -> /local/allan/gottlieb |
35 |
>> so that programs looking in /home would be happy. |
36 |
>> I had /etc/passwd say /local/allan/gottlieb since it is the real |
37 |
>> directory. |
38 |
>> |
39 |
>> apache doesn't like this. There is probably an option to let it do this |
40 |
>> since it has several options on symlinks |
41 |
>> |
42 |
>> However I simply changed /etc/passwd to say /home/gottlieb and apache |
43 |
>> is happy. |
44 |
>> |
45 |
>> allan |
46 |
>> |
47 |
> |
48 |
> There's an option called FollowSymlinks which you can set per directory |
49 |
> to allow apache to... yeah, follow symlinks :) |
50 |
> |
51 |
> Look for FollowSymlinks on http://httpd.apache.org/docs/2.2/mod/core.html |
52 |
|
53 |
Yes. It was seeing that option that trigger me to believe symlinks |
54 |
could have been the problem. It was easier to eliminate the one from |
55 |
the "official home dir" to the "real home dir" than to understand if the |
56 |
option would help. My lack of confidence was because the place I found |
57 |
the option, it was turned on. |
58 |
|
59 |
# Control access to UserDir directories. The following is an example |
60 |
# for a site where these directories are restricted to read-only. |
61 |
<Directory /home/*/public_html> |
62 |
AllowOverride FileInfo AuthConfig Limit Indexes |
63 |
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec |
64 |
<Limit GET POST OPTIONS> |
65 |
Order allow,deny |
66 |
Allow from all |
67 |
</Limit> |
68 |
<LimitExcept GET POST OPTIONS> |
69 |
Order deny,allow |
70 |
Deny from all |
71 |
</LimitExcept> |
72 |
</Directory> |
73 |
|
74 |
It looked to me that I was the owner and the follower. But as I said it |
75 |
seemed easier to eliminate the problematic symlink than to figure out |
76 |
where and when to set the option. Perhaps just changing |
77 |
SymLinksIfOwnerMatch to FollowSymlinks would have done it. |
78 |
|
79 |
allan |