Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
i'm running apache and big brother and after using webmin, i can't view anything in the bb directory. everything else running on apache on my box is fine, but when i go to my bb page it gives me a 403 Forbidden error.
"You don't have permission to access /bb/ on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request."
when i check the httpd error log it says symbolic link not allowed. i do have the bb directory symbolically linked, but all my httpd files say to allow symlinks.
check what is the user that httpd runs as. In Redhat it is usually 'apache' (not sure how is in Mandrake - you can find this out in your httpd.conf - directive 'User')
then check permissions of the folder you're trying to access via http - user 'apache' must be able to read/execute it. And not only the current dir, but all it parent dirs too ('execute' is enough for parents - no need of 'read'). For example:
drwxr-xr-x 2 root root 4096 Feb 6 1996 example
you can see the dir is owned by root, but group and others has r-x permissions - so everyone can cd in to 'example' and can read it content.
But if you have it like this:
drwxr-x--- 2 root root 4096 Feb 6 1996 example
drwx------ 2 root root 4096 Feb 6 1996 example
apache will not be able to read contents of this dir.
if you change it to be like this:
drwxr-x--- 2 root apache 4096 Feb 6 1996 example
or make the dir owned by apache:
drwx------ 2 apache somegroup 4096 Feb 6 1996 example
apache will be able to access it.
You can also assign apache to the approrative group and make the dir accessible by group members.
I'm having a similar problem. I am running Fedora Core 3 and I get several error messages when I try to access a page on my website. The page I'm trying to access has content on my Windows XP box. I created a symbolic link to that DIR (this worked very well on RH9). When I boot up I get an error that says "Invalid line in /etc/fstab" I also get the "Symbolic link not allowed:" not allowed when I try to access the page. I can however access the files on my XP machine from my FC3 box so I know the connection between the two PCs are working. I have set the DIRS of /var/www/html/pics (symbolic link) to r-xr-xrwx and the /mnt/pics to r-x-r-x-rwx. The link in my fstab is as follows:
mount -t smbfs //"ip of windows machine"/pics /mnt/pics -o username="username of account on xp",password="usernames password"
I have changed the info in " " to protect the innocent.
I experienced the same issue.
It turned out to be selinux that is the cause.
Selinux be default locks down Apache in order to prevent
both malicious behaviour, and to prevent people from
shooting themselves in the foot security wise.
Have a read up on selinux policy settings as you will need
to either modify the way you have BB setup, modify the
standard selinux policies, or disable selinux
The files you want to peruse are under /etc/selinux.
I was doing some more searching and found an interesting workaround:
>My work around was I did a loopback device--
>mount --bind /var/www/html/htdocs /home/userid
>this worked like a charm.
This was related to an FTP issue. The problem was that when someone FTP'd into the server they were chroot'd into their directory and the symbolic link would of taken them out of their jail. I'm not sure why I cannot follow the link when I su into wwwrun, but the workaround works.