LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-11-2009, 10:20 AM   #1
fmr
Member
 
Registered: Oct 2009
Posts: 31

Rep: Reputation: 0
403 problem: OpenSuse 11 with Apache 2.2


Hi!

I am new to this Forum and new to Linux, and am enjoying the superb performance of this OS.

I have installed all packages needed for a LAMP server and configured the settings for Apache as far as I know how, but I still get a 403 when trying to access ANYTHING on the server, except http://server/manual, which gives me the Apache Manual.

/etc/apache2/httpd.conf :
Code:
Include /etc/apache2/uid.conf
Include /etc/apache2/server-tuning.conf
ErrorLog /var/log/apache2/error_log
Include /etc/apache2/sysconfig.d/loadmodule.conf
Include /etc/apache2/listen.conf
Include /etc/apache2/mod_log_config.conf
Include /etc/apache2/sysconfig.d/global.conf
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf
Include /etc/apache2/mod_usertrack.conf
Include /etc/apache2/mod_autoindex-defaults.conf
TypesConfig /etc/apache2/mime.types
DefaultType text/plain
Include /etc/apache2/mod_mime-defaults.conf
Include /etc/apache2/errors.conf
Include /etc/apache2/ssl-global.conf

<Directory />
    Options None
    Order deny,allow
    Deny from all
    
</Directory>

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

DirectoryIndex index.php index.html index.html.var

Include /etc/apache2/default-server.conf
Include /etc/apache2/sysconfig.d/include.conf
Include /etc/apache2/vhosts.d/*.conf
/etc/apache2/default-server.conf
Code:
DocumentRoot /srv/www/htdocs

<Directory "/srv/www/htdocs">
	Options None
 	AllowOverride None
 	Order allow,deny
	Allow from all
</Directory>

Alias /icons/ "/usr/share/apache2/icons/"

<Directory "/usr/share/apache2/icons">
 Options Indexes MultiViews
 AllowOverride None
 Order allow,deny
 Allow from all
</Directory>

ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"

<Directory "/srv/www/cgi-bin">
 AllowOverride None
 Options +ExecCGI -Includes
 Order allow,deny
 Allow from all
</Directory>

<IfModule mod_userdir.c>
UserDir public_html
Include /etc/apache2/mod_userdir.conf
</IfModule>

Include /etc/apache2/conf.d/*.conf

Include /etc/apache2/conf.d/apache2-manual?conf
ServerName
ServerAdmin
/etc/sysconfig/apache2 :
Code:
APACHE_CONF_INCLUDE_FILES=""
APACHE_CONF_INCLUDE_DIRS=""
APACHE_MODULES="suexec authz_host actions alias auth_basic authz_groupfile authn_file authz_user authn_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif status asis imagemap ssl php5 authz_default"
APACHE_SERVER_FLAGS="SSL"
APACHE_HTTPD_CONF=""
APACHE_MPM=""
APACHE_SERVERADMIN=""
APACHE_SERVERNAME=""
APACHE_START_TIMEOUT="2"
APACHE_SERVERSIGNATURE="on"
APACHE_LOGLEVEL="warn"
APACHE_ACCESS_LOG="/var/log/apache2/access_log combined"
APACHE_USE_CANONICAL_NAME="off"
APACHE_SERVERTOKENS="OS"
APACHE_EXTENDED_STATUS="off"
APACHE_BUFFERED_LOGS="off"
APACHE_TIMEOUT="300"
 
Old 10-11-2009, 12:59 PM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,791

Rep: Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590
Hi and welcome to LQ

Check the apache error.log to see why you get this error.
Make sure you have an index.html in /srv/www/htdocs and also that this directory has the execute bit on:
Code:
chmod +x /srv/www/htdocs
Regards
 
Old 10-11-2009, 03:30 PM   #3
fmr
Member
 
Registered: Oct 2009
Posts: 31

Original Poster
Rep: Reputation: 0
'index.php' exists, and should work because:
Code:
DirectoryIndex index.php index.html index.html.var
I have set all permissions to 755, but when running
Code:
chmod +x -v /srv/www/htdocs
changes to 775, which means the group went from r-x to rwx ... why?

But still the problem persists. Here are the logs:

error_log
Code:
[Mon Jul 14 10:11:58 2008] [crit] [client 10.0.0.10] (13)Permission denied: /srv/www/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
access_log
Code:
10.0.0.10 - - [14/Jul/2008:10:11:58 +0200] "GET / HTTP/1.1" 403 1033 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.1"
There is no .htaccess file, but do I really need it? The permissions ought to work according to httpd.conf and default-server.conf, right?

Regards
 
Old 10-11-2009, 03:50 PM   #4
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
No, you don't need it (unless you do). It sounds like the file may exist in that location -- check with:
Code:
# file /srv/www/.htaccess
If it's there, delete it.

-------

Failing that, try changing your directive to the following:
Code:
AccessFileName .foomyfoo
Then restart Apache. Now does it work? If not, what messages do you see in the error log?
 
Old 10-11-2009, 06:44 PM   #5
lutusp
Member
 
Registered: Sep 2009
Distribution: Fedora
Posts: 835

Rep: Reputation: 102Reputation: 102
Quote:
Originally Posted by fmr View Post
I have set all permissions to 755, but when running
Code:
chmod +x -v /srv/www/htdocs
changes to 775, which means the group went from r-x to rwx ... why?
Because that's what you told it to do, or didn't undo its prior state? Maybe it would be better to specify which of user, group and others you want the changes to apply to:

Code:
# chmod u+rwx,g+rx-w,o-rwx filename
Or something like that, based on your specific needs. And:

Code:
$ man chmod
 
Old 10-12-2009, 09:29 AM   #6
fmr
Member
 
Registered: Oct 2009
Posts: 31

Original Poster
Rep: Reputation: 0
This:
Code:
cd /srv/www
find -name .htaccess
returns nothing, and
Code:
file /srv/www/htdocs/.htaccess
returns the error "No such file or directory", as I expected.

I removed the AccessFileName directive, and restarted Apache ... no difference.
I changed the directive to:
Code:
AccessFileName .foobar
and restarted ... no difference

The error-log now states:
Code:
[Tue Jul 15 04:08:56 2008] [crit] [client 10.0.0.10] (13)Permission denied: /srv/www/.foobar pcfg_openfile: unable to check htaccess file, ensure it is readable
I then created an empty .foobar file in /srv/www, and did:
Code:
chmod 775 -v /srv/www/.foobar
It changed to rwxrwxr-x as expected.

The exact same error message appears in error_log when trying to load the page.

BTW:
Quote:
fmr: "changes to 775, which means the group went from r-x to rwx ... why?"
lutusp: "Because that's what you told it to do, or didn't undo its prior state?"
I told it to add the eXecute right, not the Write right. The x right was present (r-x or 5), and the w right was added (now rwx or 7), which puzzles me. I have used chmod before, so i did not go and read the manual as you suggested, but that is not important

Last edited by fmr; 10-12-2009 at 09:31 AM. Reason: typo
 
Old 10-12-2009, 10:05 AM   #7
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Something definitely seems screwy. OTOH, you have a lot of Includes in place, and we're not sure what those configs are doing.

Next round:
Code:
#AccessFileName .htaccess
#
#<Files ~ "^\.ht">
#    Order allow,deny
#    Deny from all
#</Files>
Restart Apache and try again...

The AccessFileName default will be .htaccess anyway, but I'm curious to see what happens.

-------

I thought of one more thing. Add this to your Directory '/' config:
Code:
<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
    
</Directory>

Last edited by anomie; 10-12-2009 at 10:07 AM. Reason: added something.
 
Old 10-12-2009, 10:40 AM   #8
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
One more thing: you say requests to http//your.host/manual work. So what is in:
Code:
Include /etc/apache2/conf.d/apache2-manual?conf
?
 
Old 10-12-2009, 01:54 PM   #9
fmr
Member
 
Registered: Oct 2009
Posts: 31

Original Poster
Rep: Reputation: 0
All the include statements came with the Apache installation. I just removed all comments for readability. The only other document containing the <Document> tag is default-server.conf (available in my first post), as far as I know.

Commenting out the <files> part does nothing different, same error_log output. (The comment above that part said that it only prevents people from accessing those files through the website).

Using:
Code:
AllowOverride None
I get:
Code:
[Tue Jul 15 08:36:02 2008] [error] [client 10.0.0.10] (13)Permission denied: access to / denied
which is different.

Looking at apache2-manual.conf:
Code:
AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|ru))?(/.*)?$ "/usr/share/apache2/manual$1"

<Directory "/usr/share/apache2/manual">
    Options Indexes
    AllowOverride None
    Order allow,deny
    Allow from all

    <Files *.html>
        SetHandler type-map
    </Files>

    SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|ru)/ prefer-language=$1
    RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|ru)){2,}(/.*)?$ /manual/$1$2
</Directory>
I understand everything here except Options, AllowOverride and SetHandler.

Bottom line: still not working.
 
Old 10-12-2009, 02:11 PM   #10
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Sorry this is taking so long, but frankly the config supplied by your distro is a mess. (Just my grouchy opinion.)

Here's one for you: do you have an index.html file in your DocumentRoot (/srv/www/htdocs)??
 
Old 10-12-2009, 04:51 PM   #11
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,791

Rep: Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590
Try:
Code:
chown -R wwwrun:users /srv/www
chmod -R 755 /srv/www
If apache is running under a different user/group use those in the 1st command instead of wwwrun/users.

Quote:
(13)Permission denied: /srv/www/.htaccess pcfg_openfile:
(13)Permission denied: /srv/www/.foobar pcfg_openfile:
Why is it looking for .htaccess (or whatever the AccessfileName is), in /srv/www and not /srv/www/htdocs?
Check those *.conf files to see if there is another definition of DocumentRoot to be /srv/www.
 
Old 10-12-2009, 05:25 PM   #12
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by bathory
Why is it looking for .htaccess (or whatever the AccessfileName is), in /srv/www and not /srv/www/htdocs?
Check those *.conf files to see if there is another definition of DocumentRoot to be /srv/www.
Aha, good idea. That's very possible. And that scenario even passes an apachectl -t syntax check, unfortunately.

Quote:
Originally Posted by bathory
Try:
Code:
chown -R wwwrun:users /srv/www
Do you really think he should be changing ownership to the user Apache is running as? That seems dangerous. The permissions changes alone should be enough.
 
Old 10-13-2009, 12:45 AM   #13
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,791

Rep: Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590
@anomie
Quote:
Do you really think he should be changing ownership to the user Apache is running as? That seems dangerous. The permissions changes alone should be enough.
I don't think it's dangerous, as I guess this is the original DocumentRoot and the OP has changed it to /srv/www/htdocs.

Regards
 
Old 10-15-2009, 12:24 PM   #14
fmr
Member
 
Registered: Oct 2009
Posts: 31

Original Poster
Rep: Reputation: 0
Quote:
Here's one for you: do you have an index.html file in your DocumentRoot (/srv/www/htdocs)??
I have both index.html and index.php in /srv/www/htdocs. Note that index.php is listed before index.html in the DocumentRoot directive.

Quote:
If apache is running under a different user/group use those in the 1st command instead of wwwrun/users.
I presume that apache is running as root. I installed it through yast, and it starts automatically when booting. the entire /srv/www directory and all its subdirectories and files are 775 (rwxrwxr-x).

I cannot find another definitions of DocumentRoot, so I still have the problem.
 
Old 10-15-2009, 01:51 PM   #15
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,791

Rep: Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590Reputation: 1590
apache is not running as root in most cases. It starts with root privileges so it can bind on port 80 and then drops to the user/group defined by the respective directives (User and Group). Reading Suse documentation for apache, it looks like it run as wwwrun/users, so make sure that the whole /srv/www path is owned and readable/executable by that user/group.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Yet another Apache index.html 403 problem jerod23 Linux - Server 9 07-13-2009 01:23 PM
apache related problem (HTTP Error 403 - Forbidden ) spandau Linux - Networking 29 09-01-2005 06:06 PM
APACHE Problem 2 dirs, identical permissions and security contexts, one gives 403? tones Linux - Software 2 03-13-2005 08:45 AM
Apache Webserver 403 Forbidden Errors (User not in apache group?) Mankind75 Mandriva 4 07-08-2004 05:30 AM
I Fixed Apache 403 Forbidden Problem, but how? shosterman Linux - Newbie 2 01-26-2004 10:33 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:46 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration