I have an LFS system with the latest Apache. Everything on the system is working properly. I have however noticed a very strange and annoying problem with Apache.
I would like to serve some documents off an XP system. I mounted the XP system on /mnt/xp. There are other things I want access to on the XP system, so the documents to serve on the web are located at /mnt/xp/webdocs.
I created a symlink in my Apache DocumentRoot to point to /mnt/xp/webdocs. (e.g. /home/www/htdocs/docs -> /mnt/xp/webdocs)
Upon trying to access this link (http://www.mysite.com/docs
) I get the following in error_log
[Mon Apr 18 23:52:42 2011] [error] [client 192.168.1.165] Symbolic link not allowed or link target not accessible: /home/www/htdocs/docs
I already have FollowSymLinks set for my entire site in the Directory section. I also have EnableSendfile off to prevent some known problems with kernel caching and file sending from CIFS shares.
The odd part of this is:
1. If I create a symlink to somewhere on the local filesystem (e.g. /home/www/htdocs/link -> /bin) I can see everything in /bin in a listing and access it. This means that FollowSymlinks isn't the problem.
2. If I create a symlink to somewhere outside the CIFS share, and then FROM THAT POINT navigate into the share, it works. (e.g. /home/www/htdocs/link -> /mnt, and then http://www.mysite.com/link/xp/webdocs
). This shows it's not an issue of httpd not being able to access the content. Obviously doing it this way is a HUGE security hole and opens up all sorts of other issues.
3. The problem only occurs if I am trying to access a symlink that points to somewhere inside a CIFS share.
Has anyone observed this behavior/know what's causing it? Is there anything I can do to fix it?
My "temporary" fix was to create a second share on the XP box and mount it directly under /home/www/htdocs/docs. This works, but it's not preferable at all, as in some other projects I'm working on it may not be as predictable where the content will be located on the Windows machine.
As a side note, this used to work fine in Apache 2.0.x...