Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
12-10-2010, 05:05 PM
|
#1
|
LQ Newbie
Registered: Dec 2010
Posts: 2
Rep:
|
(apachectl vs httpd)
I've noticed that pieces of my question have been answered in the forums, but I'm still confused as to what is going on in my case. Let me set up what's going on, forgive me if it's a little long:
I'm trying to get Apache to run in a user's home directory. I changed the conf file so that Apache runs under the user and group "kiosk" and changed the DocumentRoot and Directory from the default to "/home/kiosk". Then I set Apache to start at boot (chkconfig --level 235 httpd on) and rebooted. When I checked, httpd is running as kiosk like it should (ps aux | grep httpd).
However, when I try wget localhost, I get a 403 response back. If as root I call "httpd -k stop" and then "httpd -k start", then everything works exactly as it should (curiously, if I try using "-k restart", it still doesn't work). After this, httpd still shows as running as kiosk and if I check before calling start, it shows no httpd processes running as expected.
This only happens when I use httpd to stop and then start the web server. If I try to restart using apachectl I still get a 403 error. As an interesting aside, after I've used httpd, if I try using "apachectl restart" I get a "(13)Permission denied: Error retrieving pid file run/httpd.pid" error.
This is all on a freshly installed CentOS 5.5 server. Could anyone give me some pointers as to why I'm seeing this very different behaviour from what I thought were just equivalent ways of starting Apache? And then what I could do to get it to start up and run properly on boot?
One last item to mention is this isn't a permissions problem. I set the permissions to 777 to both the home and kiosk directories (and 666 to the web files) just to be sure that's not the problem.
|
|
|
12-10-2010, 07:07 PM
|
#2
|
LQ Muse
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,663
|
it has been a while but.
one thing you might want to check is the SELinuxTroubleshooter"
having the users home folder set to 777 will cause all kinds of problems.Including the system not allowing the user to even login
cent checks the users $HOME folder to make sure that it is "sane" if not - problems .
Quote:
I changed the conf file so that Apache runs under the user and group "kiosk" and changed the DocumentRoot and Directory from the default to "/home/kiosk".
|
??? so you WANT every and ALL users( running as "kiosk") to be able to change EVERYTHING in the Apache web server , and have FULL control ??
a very FULL description of EXACTLY what it is you want to do would help .
|
|
|
12-11-2010, 02:41 PM
|
#3
|
LQ Newbie
Registered: Dec 2010
Posts: 2
Original Poster
Rep:
|
Above the specific problem of why Apache isn't able to access the home directory on boot (but can when I start it using the binary after boot), as you may have deduced I'm creating a type of kiosk. It boots to locked-down instance of Firefox and displays a predetermined page. The problem is that after every user, I need to be able to clear out the cookies via a restart session button on the page. My thought was to have the kiosk itself run a web server to serve a script that deletes the cookie files. This is why I wanted Apache to run as the kiosk user. The user is restricted to the gimped instance of Firefox and doesn't have any command line access, so I'm okay with Apache being able to do anything that the user kiosk can do (plus it's the only way I can see to allow Apache to delete the cookies sitting in the kiosk user's directory).
As far as the permissions, giving global access was sort of an act of desperation just to eliminate the possibility of some permissions issue I wasn't seeing. Having the permissions set so promiscuously or at something more sane results in the same problem of getting a 403 error back from Apache. However, as I stated, if I stop and start up Apache again using the binary (instead of apachectl) after the system boots up, then try it, Apache is finally able to access all the files within the kiosk user directory as expected.
If you have suggestions on how to go about achieving my goal, I'm open to them.
|
|
|
12-11-2010, 04:55 PM
|
#4
|
LQ Muse
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,663
|
how did you install apache ,mysql,php,perl,...
using yum ? or from downloads on there web sited
example
Code:
yum groupinstall "Web Server "
--- see [ yum groupinfo "Web Server"] for more info on what that installs ---
or "h??p://www.reverse.net/pub/apache//httpd/httpd-2.2.17.tar.gz"
i normally recommend that people new to the apache server build the first 6 to 12 installs from the source and base packages and not rely on rpm's or deb's
the prebuilt only take 30 min to 1 hour off an install -- once one knows what they are doing and have had practice .
the reason i ask on how you installed it is the ONWERSHIP of the apache server and if the user "apache" was made
and if the folder where Apache is installed is owned by apache
the same goes for MySQL
have you looked at this ?
http://www.howtoforge.com/perfect-se...64-ispconfig-3
and scaned through these
http://www.howtoforge.com/howtos/web-server/apache
also docroot is now the very insecure /home/kiosk and not the secure /var/www/httpd/???
docroot is normaly where you put the CMS - in /var/www/htppd/??? so that only Apache and root are owners
MySQL can also go in /var/www/mysql ( also owned by mysql and root )to keep things all together .
you might want to look into some of apaches "mod"s
like mod_chroot
http://www.howtoforge.com/chrooting-...-on-centos-5.4
|
|
|
12-11-2010, 05:19 PM
|
#5
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
There could be selinux stuff going on, as you've not mentioned that before, but it sounds like thighs are just generally broken. How are you using this kiosk user account to run httpd? And more importantly then any of that, why aren't you looking at, and telling us, what's in the apache error_log for these 403's?
|
|
|
All times are GMT -5. The time now is 11:29 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|