LinuxQuestions.org - apache file location

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - apache file location (https://www.linuxquestions.org/questions/linux-server-73/apache-file-location-515569/)

apache file location

Hello.

I have virtual hosts set up with the following on an apache server, running CentOS 4.4.

Code:

# get the server name from the Host: header

UseCanonicalName Off



# this log format can be split per-virtual-host based on the first field

LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon

CustomLog logs/access_log vcommon



# include the server name in the filenames used to satisfy requests

VirtualDocumentRoot /var/www/html/%0/docs

VirtualScriptAlias  /var/www/html/%0/cgi-bin

This works well, however i want the DocumentRoot to be on a diffrent partition, with the mount point /www
Partition is fine however when i change the code to this:

Code:

# include the server name in the filenames used to satisfy requests

VirtualDocumentRoot /www/%0/docs

VirtualScriptAlias  /www/%0/cgi-bin

there is a problem! The web browser always shows:

Quote:

Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Can anyone tell me where im going wrong???? - Thanks

Are you sure that not only your user account has access to mounted www? Apache httpd loves to switch uid to nobody, www, apache, daemon or httpd.

That sounds like it could be a likly problem! It was set up when linux was installed on the server, so perhaps only root can. How can i change this?

(i just tried to create a file on it as another user, and it also denied permision).

Well, you can either 'chmod a+rX -R' the directory, so it will be readable to everybody, or 'chown -R ' it, but then you will have to know apache username (it can be found in httpd.conf). If you want, you can read manual for chmod, chown, chgrp and usermod and make a directory that belongs to root, has group apache (or nogroup - you can name it as you wish), that group has httpd pseudo user as member, and permissions are 'a-w o-r g+r'. That way neither making apache misbehave allows modifications nor other means of getting local user rights allow reading the files, which is a bit better from security point of view (surely, applying critical security patches in time is much better anyway).

Ok, have played around with that a little and this is what i have know.

The partition /www cannot be alter by any user other than root:

drwxr-xr-x 7 root root 4096 Jan 2 23:03 www

I like this as there will be lots of uses folder in there, and i odviously dont want them to able to create there own, or delet others! If i place a folder in /www/ and chown it so the user owns it then they can eddit it them selves. However apache still throughs back this error to the web browser:

Quote:

Forbidden

You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

If i chown the whole thing to apache:apache it makes no diffrence! (the apache user is deffinatly apache). If i do: 'chmod a+rX -R /www it makes no diffrence' ... So the permisions at the moment i genuraly like. Everyone can eddit there own file but no one elses, but i still need apache to be able to reed the contents of all the files! HELP!!!!!

- Thanks, so far you have all been very helpful!

OK. Please find and post all sections inside <Directory> tags in httpd.conf and included sites. Maybe it will be so that /var/www/html is governed by any of them (which allows all access), and /www not.

All of them, in order, exactly as they are. (My error pages are still in /var/www/error)

Quote:

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

<Directory "/www">

#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None

#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all

</Directory>

#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>

<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>

<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>

Not sure what help this may be but if i change DocumentRoot "/var/www/html" to DocumentRoot "/www/" when i restart apache i get:

Starting httpd: Syntax error on line 265 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory
[FAILED]

I think the directory thing has to be the problem! Anyone got any thought where ive gone wrong?

Well, post line 265 then... I am not sure it handles httpd.conf correctly while there are errors.

Sorry, missed previous thread notification when looked through subscriptions

At my place of work we use RHeL running apache2 and all of our vhost's root folders need to be in the apache group. Then all the folders inside can be owned by the user.

This is on my actual shared server:

Code:

-bash-3.00$ ls -la | grep analext

drwxr-x---  10 analextc        apache            4096 Nov  2 16:42 analextc

-bash-3.00$

FYI my friends at work already made fun of my username, I didn't do it the damned setup script did!

Line 265: 265DocumentRoot "/www/"
(sorry i ment the stuff in the <directory> tags)....

I tried chwon apache:apache and it makes no diffrence! All very strange.

Er.. I guess 265 is not part of the line? Is this line inside any section? Did you try removing trailing slash?

sorry, the 265 is not in it! tried taking out the / and still no diffrent....
When i try to start the service i get the folowing error:

Starting httpd: Syntax error on line 265 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory
[FAILED]

How can it not be a directory?

Quote:

Originally Posted by just_me_then

Not sure, but have you actually created the 'www' folder in the very root of the server? If not, the error is coming from the directory 'www' not existing in the topmost root of the server at all. I'm betting if you login as root and go to /www it won't be there, until you create the directory.