LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 05-29-2014, 09:30 AM   #1
zunnoorainfarooqui
LQ Newbie
 
Registered: Jan 2013
Location: Torino, Italy
Distribution: Gentoo, CentOS
Posts: 14

Rep: Reputation: Disabled
Apache server: permission and symbolic link problem


Hi,

I am using Centos(Linux 2.6.32-431.11.2.el6.x86_64). I am trying to create an Apache2.2.15 web server. Every thing configured very well. My DocumentRoot is the default location i.e.
Code:
/var/www/html
I am able to create symbolic link which works perfectly. for example I can create a link for the configuration directory i.e.

Code:
ln -s /etc/httpd/conf/ /var/www/html/conf
I also made a symbolic link to the home directory but it is not working. When I test my web-server it gave me the following error
Code:
Forbidden

You don't have permission to access /test1/home/ on this server.

Apache/2.2.15 (CentOS) Server at my-PC Port 80
the web-server is running as an abc user(abc is a regular user and has home directory access). The permission of the home directory is

Code:
drwxr-xr-x.   6 abc abc  4096 May 29 14:47 home
The concerning part of httpd.conf is given below
Code:
<Directory "/">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Allow from all
</Directory>
<Directory "/var/www/html/">
 Options Indexes FollowSymLinks Includes ExecCGI
 AllowOverride All
 Allow from all
</Directory>
Can any body suggest me how can I create a symbolic link for the home directory or for the /home/abc/Download directory?

Thanks in advance for any kind of assistance

Regards
 
Old 05-29-2014, 10:25 AM   #2
potato_farmer
Member
 
Registered: May 2014
Posts: 55

Rep: Reputation: Disabled
First, do not symlink your conf dir to your /var/www/html dir. Really bad idea.

Second, try not to create symlinks for things you want to serve. Here's a better way:

In apache config:

Alias /download /home/abc/Download
<Directory "/home/abc/Download">
options go in here
</Directory>

Also, if you have SELINUX running, you'll need to modify that directory as a permitted type for apache, or disable SELINUX.
 
Old 05-29-2014, 11:07 AM   #3
zunnoorainfarooqui
LQ Newbie
 
Registered: Jan 2013
Location: Torino, Italy
Distribution: Gentoo, CentOS
Posts: 14

Original Poster
Rep: Reputation: Disabled
Thanks for your kind reply.

Quote:
First, do not symlink your conf dir to your /var/www/html dir. Really bad idea.
I do agree with you, I wrote it just to emphasis that, I am able to create the symbolic link

I already disable the SELINUX

as per your advice I added the lines in the httpd.conf. So now the updated conf file is look like this

Code:
<Directory "/">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Allow from all
</Directory>
<Directory "/var/www/html/">
 Options Indexes FollowSymLinks Includes ExecCGI
 AllowOverride All
 Allow from all
</Directory>
Alias /download /home/abc/Download
<Directory "/home/abc/Download">
 Options Indexes FollowSymLinks Includes ExecCGI
 AllowOverride All
 Allow from all
</Directory>
but still I am unable to see the download directory on the server

any suggestion?

regards
 
Old 05-29-2014, 11:10 AM   #4
potato_farmer
Member
 
Registered: May 2014
Posts: 55

Rep: Reputation: Disabled
What happens when you go to /download in a browser?
And what do the logs show?
 
Old 05-29-2014, 11:34 AM   #5
zunnoorainfarooqui
LQ Newbie
 
Registered: Jan 2013
Location: Torino, Italy
Distribution: Gentoo, CentOS
Posts: 14

Original Poster
Rep: Reputation: Disabled
I can not see the download folder in the browser

here is the last line of the /var/log/httpd/error_log file

Code:
[Thu May 29 18:27:49 2014] [error] [client ##########] File does not exist: /var/www/html/favicon.ico
 
Old 05-29-2014, 12:46 PM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,827

Rep: Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866
Quote:
<Directory "/">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Allow from all
</Directory>
You must not allow webserver to access the / directory for security reasons.

Regarding the Alias, clear you browser cache and visit /download. Post what is shown on your browser and the error you get in error_log.


Regards
 
Old 05-30-2014, 06:27 AM   #7
zunnoorainfarooqui
LQ Newbie
 
Registered: Jan 2013
Location: Torino, Italy
Distribution: Gentoo, CentOS
Posts: 14

Original Poster
Rep: Reputation: Disabled
Thanks for your kind reply.

In order to avoid all the mess I reconfigured everything with the new user "test"

My DocumentRoot is pointed to "/var/www/html" and in addition to that, I want to add a webserver directory(which is located under /home/test/ directory) through Alias.

here is my /etc/httpd/conf/httpd.conf file
Code:
DocumentRoot "/var/www/html"
<Directory "/var/www/html">
   Options Indexes FollowSymLinks
   AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
Alias /webserver /home/test/webserver
<Directory "/home/test/webserver">
   Options Indexes FollowSymLinks
   AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
Here is the content of my DocumentRoot /var/www/html/ directory
Code:
drwxr-xr-x 2 test test 4096 May 30 12:27 documents
drwxr-xr-x 2 test test 4096 May 30 11:50 pictures
drwxrwxr-x 2 test test 4096 May 30 12:18 video
-rwxr-xr-x 1 test test   21 May 30 11:52 worksheet.txt
Here is the permission setting of home direcoty
Code:
drwxr-xr-x.   6 test    test     4096 May 30 11:54 home
Here is the permission setting of test direcoty
Code:
drwxr-xr-x   5 test test  4096 May 30 13:02 test
Here is the permission setting of webserver direcoty
Code:
drwxr-xr-x 4 test test 4096 May 30 11:56 webserver
Here is the content and permission setting under the webserver direcoty
Code:
-rwxr-xr-x 1 test test   30 May 30 11:56 calender.txt
drwxr-xr-x 2 test test 4096 May 30 11:55 images
drwxr-xr-x 2 test test 4096 May 30 11:56 resutls
When I visit the webpage I see the following content
Code:
                                                              Index of /

   [ICO] Name Last modified Size Description
     ________________________________________________________________________________________________________________________________________________________

   [DIR] documents/ 30-May-2014 12:27 -
   [DIR] pictures/ 30-May-2014 11:50 -
   [DIR] video/ 30-May-2014 12:18 -
   [TXT] worksheet.txt 30-May-2014 11:52 21
     ________________________________________________________________________________________________________________________________________________________


    Apache/2.2.15 (CentOS) Server at localhost Port 80
Here is the content of my /var/log/httpd/error_log file
Code:
[Fri May 30 13:07:19 2014] [notice] Apache/2.2.15 (Unix) DAV/2 configured -- resuming normal operations
Apache server is running by "test" user with SELINUX=disabled

In principle I should see the webserver directory on the webpage but it is not there

Do you have any idea about it

If I create a symbolic link, then I am able to go inside the webserver directory(its mean that, there is no permission issue) but with the Alias I can't go inside the webserver directory

Regards

Last edited by zunnoorainfarooqui; 05-30-2014 at 06:43 AM.
 
Old 05-30-2014, 03:19 PM   #8
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,827

Rep: Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866
Quote:
In principle I should see the webserver directory on the webpage but it is not there

Do you have any idea about it

If I create a symbolic link, then I am able to go inside the webserver directory(its mean that, there is no permission issue) but with the Alias I can't go inside the webserver directory
If you use an Alias the URL to it is: http://server/webserver. It is not shown under the directory listing of /var/www/html
If you use a symlink, the URL is the same (http://server/webserver) and you can see the symlink in the directory listing

Regards
 
Old 05-30-2014, 04:43 PM   #9
zunnoorainfarooqui
LQ Newbie
 
Registered: Jan 2013
Location: Torino, Italy
Distribution: Gentoo, CentOS
Posts: 14

Original Poster
Rep: Reputation: Disabled
[Solved] Apache server: permission and symbolic link problem

Code:
If you use an Alias the URL to it is: http://server/webserver. It is not shown under the directory listing of /var/www/html
Thanks a lot. I never knew this fact

Now every thing is working

In addition to that, may I ask some thing apart from the apache server?

Now I am able to acess the server inside my university. but I can not access it from my home

do you have any idea, what could be the probable reason

regards
 
Old 05-31-2014, 03:28 AM   #10
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,827

Rep: Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866
Quote:
Now I am able to acess the server inside my university. but I can not access it from my home

do you have any idea, what could be the probable reason
You have to open port 80 on the university firewall and forward it to your box.
 
Old 06-01-2014, 01:11 PM   #11
zunnoorainfarooqui
LQ Newbie
 
Registered: Jan 2013
Location: Torino, Italy
Distribution: Gentoo, CentOS
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
You have to open port 80 on the university firewall and forward it to your box.
But I have a fixed/static IP and I am able to access my PC from my home through SSH or rdesktop.

do you think it is a firewall problem. How can I check that, port 80 is block by the firewall

Thanks in advance
 
Old 06-02-2014, 02:05 AM   #12
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,827

Rep: Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866
Quote:
Originally Posted by zunnoorainfarooqui View Post
But I have a fixed/static IP and I am able to access my PC from my home through SSH or rdesktop.

do you think it is a firewall problem. How can I check that, port 80 is block by the firewall

Thanks in advance
To check if port 80 is closed by a firerwall in your box run:
Code:
iptables -nvL|grep 80
If it's open, then it's your university firewall that blocks it.

Regards
 
Old 06-02-2014, 06:51 AM   #13
zunnoorainfarooqui
LQ Newbie
 
Registered: Jan 2013
Location: Torino, Italy
Distribution: Gentoo, CentOS
Posts: 14

Original Poster
Rep: Reputation: Disabled
First of all thanks a lot in order to accomodate all my queries.

Here is the status of my firewall
Code:
sudo iptables -nvL | grep 80
    7   288 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
Its mean that, there is no problem on my PC firewall. Its mean that the port is block in the unicersity firewall. Is there any work around to bypass the firewall or any otherway in order to access the webserver

Regards
 
Old 06-02-2014, 07:48 AM   #14
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,827

Rep: Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866Reputation: 1866
Quote:
Originally Posted by zunnoorainfarooqui View Post
Its mean that, there is no problem on my PC firewall. Its mean that the port is block in the unicersity firewall. Is there any work around to bypass the firewall or any otherway in order to access the webserver

Regards
The only thing you can do, is to find a port that is open at your university firewall and configure apache to listen on that port. I guess you cannot mess with the university firewall and use NAT to forward that port to port 80 of your box
 
Old 06-02-2014, 09:16 AM   #15
zunnoorainfarooqui
LQ Newbie
 
Registered: Jan 2013
Location: Torino, Italy
Distribution: Gentoo, CentOS
Posts: 14

Original Poster
Rep: Reputation: Disabled


Anyway, thanks a lot

It was a very informative chat with you

Regards
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
3 symbolic link in apache but 1 is not working packets Linux - Software 2 12-18-2012 06:45 PM
symbolic link problem in apache2 server sensow Linux - Newbie 1 09-27-2012 03:35 AM
Why chmod cannot change symbolic link permission? mikeshn Linux - General 17 03-22-2012 07:08 PM
Permission denied when creating a symbolic link? Ubuntonian Linux - Software 1 12-20-2010 09:48 AM
Help: Symbolic Link Permission Denied rhel5 Linux - Software 0 06-11-2009 01:09 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 11:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration