| 1 |
On Sat, Sep 29 2012, Michael Hampicke wrote: |
| 2 |
|
| 3 |
> Am 29.09.2012 23:59, schrieb Allan Gottlieb: |
| 4 |
>> On Sat, Sep 29 2012, Allan Gottlieb wrote: |
| 5 |
>> |
| 6 |
>>> On my new install USERDIR is not working. |
| 7 |
>>> |
| 8 |
>>> When I try http://localhost/~gottlieb, firefox says |
| 9 |
>>> "you don't have permission to access /~gottlieb" |
| 10 |
>>> and the apache error log says |
| 11 |
>>> "client denied by server configuration: /local/allan/gottlieb/public_html" |
| 12 |
>>> |
| 13 |
>>> The file permissions are ok since both |
| 14 |
>>> file:///home/gottlieb/public_html/index.html and |
| 15 |
>>> file:///home/gottlieb/public_html |
| 16 |
>>> work fine. |
| 17 |
>>> |
| 18 |
>>> So I guess I screwed up the apache install, in particular USERDIR. |
| 19 |
>>> |
| 20 |
>>> eix shows userdir (see below) |
| 21 |
>>> |
| 22 |
>>> /etc/conf.d/apache2 has it (see below, diffs = with my working install) |
| 23 |
>>> |
| 24 |
>>> I have restarted apache, shutdown the machine overnight, reinstalled |
| 25 |
>>> apache, but still no go. |
| 26 |
>>> |
| 27 |
>>> What step did I foolishly miss? |
| 28 |
>>> |
| 29 |
>>> thanks, |
| 30 |
>>> allan |
| 31 |
>> |
| 32 |
>> Finally! I have a filesystem mounted on /local for my local files |
| 33 |
>> including my home directory /local/allan/gottlieb. |
| 34 |
>> I put in a symlink /home -> /local/allan/gottlieb |
| 35 |
>> so that programs looking in /home would be happy. |
| 36 |
>> I had /etc/passwd say /local/allan/gottlieb since it is the real |
| 37 |
>> directory. |
| 38 |
>> |
| 39 |
>> apache doesn't like this. There is probably an option to let it do this |
| 40 |
>> since it has several options on symlinks |
| 41 |
>> |
| 42 |
>> However I simply changed /etc/passwd to say /home/gottlieb and apache |
| 43 |
>> is happy. |
| 44 |
>> |
| 45 |
>> allan |
| 46 |
>> |
| 47 |
> |
| 48 |
> There's an option called FollowSymlinks which you can set per directory |
| 49 |
> to allow apache to... yeah, follow symlinks :) |
| 50 |
> |
| 51 |
> Look for FollowSymlinks on http://httpd.apache.org/docs/2.2/mod/core.html |
| 52 |
|
| 53 |
Yes. It was seeing that option that trigger me to believe symlinks |
| 54 |
could have been the problem. It was easier to eliminate the one from |
| 55 |
the "official home dir" to the "real home dir" than to understand if the |
| 56 |
option would help. My lack of confidence was because the place I found |
| 57 |
the option, it was turned on. |
| 58 |
|
| 59 |
# Control access to UserDir directories. The following is an example |
| 60 |
# for a site where these directories are restricted to read-only. |
| 61 |
<Directory /home/*/public_html> |
| 62 |
AllowOverride FileInfo AuthConfig Limit Indexes |
| 63 |
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec |
| 64 |
<Limit GET POST OPTIONS> |
| 65 |
Order allow,deny |
| 66 |
Allow from all |
| 67 |
</Limit> |
| 68 |
<LimitExcept GET POST OPTIONS> |
| 69 |
Order deny,allow |
| 70 |
Deny from all |
| 71 |
</LimitExcept> |
| 72 |
</Directory> |
| 73 |
|
| 74 |
It looked to me that I was the owner and the follower. But as I said it |
| 75 |
seemed easier to eliminate the problematic symlink than to figure out |
| 76 |
where and when to set the option. Perhaps just changing |
| 77 |
SymLinksIfOwnerMatch to FollowSymlinks would have done it. |
| 78 |
|
| 79 |
allan |
Archives