LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 04-18-2007, 11:01 AM   #1
djjoshuad
Member
 
Registered: Apr 2007
Location: Corinth, TX
Distribution: CentOS, RHEL, SLES, ubuntu
Posts: 44

Rep: Reputation: 15
Apache 2.2.3 on CentOS 5 - VirtualHost permissions problem


Hello,

Let me start by saying that I'm not new at all to Linux or Apache. I've been administering and coding for *nix professionally for over 10 years. I used Apache a lot at the 1.x version, and a couple of years ago I adjusted to the 2.0.x way of doing things. I recently loaded a server with CentOS 5 (A RHEL5 clone) and with it came apache 2.2.3. I fired it up and verified that the default server worked. I quickly tossed in the standard set of directives to add a couple of VirtualHosts (I've got at least 30 running on a CentOS 4 server with apache 2.0.52). I tried to verify that the new Virtuals worked... and they didn't. Much to my surprise, neither did the default server that was working just moments before. All of these servers now gave a 403 error, saying that I did not have permission to access / on that server.

This error is fairly generic; it could point to filesystem permissions or some other access control issue. I decided to start digging. Through some research on google (and this site ), I found out that as of 2.2, there must be a VirtualHost defined that is identical to the default server. After I set that up, the default server was once again working properly... but still no luck on the other VirtualHosts. I still got the same 403 error... which still wasn't very descriptive.

After several hours of googling and trying many different configurations with the <Files> and <Directory> directives, I believe I have it narrowed down to some very odd filesystem permissions issue. Basically, any virtual servers that exist within /var/www work beautifully. Any that exist elsewhere do not. Every directory that I tried to use, I gave permissions identical to /var/www - 0755 root:root. Possibly by coincidence, /var/www is configured as the "apache" user's home directory (by default). I think this may be a coincidence, because I tried running the server as the "nobody" user and the symptoms were identical. The "nobody" user has a home directory of simply /, so my logic told me that if the issue were truly related to the home directory, "nobody" would have been able to serve VirtualHosts from anywhere on the filesystem.

Here's a breakdown of my current configuration:
Code:
(default)
DocumentRoot /var/www/html

(Virt1)
DocumentRoot /var/www/html
ServerName `hostname`

(Virt2)
DocumentRoot /var/www/html2
ServerName virtual.example.com
With this configuration, the default server and the VirtualHost work as expected. I have no <Directory> or <Files> directives in there to make it work, it just happens as expected, out of the box. httpd -S returns an OK status, with expected output.

Here's an example of what does *not* work. The changes are very subtle.

Code:
(default)
DocumentRoot /var/www/html

(Virt1)
DocumentRoot /var/www/html
ServerName `hostname`

(Virt2)
DocumentRoot /var/www2/html  <-- changed
ServerName virtual.example.com
Of course, the directory I'm pointing it at in this example does exist. I simply copied /var/www to /var/www2, retaining all permissions and copying all contents and subdirectories. As far as the OS is concerned, these two directories are pretty much identical.

Interestingly, I tried to symlink test.php to /home/blah/test.php from within the working default server. "Options FollowSymLinks" does exist for this server, and the permissions on /home/blah are identical to those of /var/www. The apache documentation also says that following symbolic links, when enabled, bypasses the <Directory> directive for access control.

example:
Code:
/var/www/html/test1.php   <-- existing php script, produces expected output
/var/www/html/test2.php   <-- linked to test1.php, produces expected output
/home/blah/test3.php      <-- existing php script, identical to test1.php
/var/www/html/test4.php   <-- linked to test3.php, produces a 403 error
basically, as long as the file exists within /var/www, everything is a-ok. Symlinks, actual documents, everything works. If I try to serve a virtualhost from another directory, or if I try to link to a file in another directory, I get a 403 error.

Sorry for the long-winded post... but I tried to provide as much information as I could. Most likely, someone here will recognize the problem and provide a 30-second, 1-line fix and I will look somewhat silly... but hey, that's why I'm here

Thanks in advance,
-J

Last edited by djjoshuad; 04-18-2007 at 04:16 PM.
 
Old 04-18-2007, 03:49 PM   #2
djjoshuad
Member
 
Registered: Apr 2007
Location: Corinth, TX
Distribution: CentOS, RHEL, SLES, ubuntu
Posts: 44

Original Poster
Rep: Reputation: 15
I should clarify that the default "It Works!" type page will show up for the Virtual Hosts. It's just that any files I put in the DocumentRoot generate a 403.

oh, and /bump
 
Old 04-19-2007, 01:54 PM   #3
djjoshuad
Member
 
Registered: Apr 2007
Location: Corinth, TX
Distribution: CentOS, RHEL, SLES, ubuntu
Posts: 44

Original Poster
Rep: Reputation: 15
nevermind.... stupid selinux
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache VirtualHost Redirect Problem... SiLiCoN Linux - Networking 5 05-03-2005 09:41 AM
Apache 2 VirtualHost woes, permissions problem, just can't work it out. utow Linux - Software 2 04-19-2005 02:48 PM
Apache - Problem when configure VirtualHost b:z Linux - Networking 17 04-07-2005 03:44 AM
VirtualHost Apache 2 Problem Chris_K1 Linux - Networking 0 01-25-2005 11:00 AM
Apache: Virtualhost configuration problem deepika Linux - Software 3 08-12-2003 11:13 AM


All times are GMT -5. The time now is 04:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration