LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 12-10-2010, 05:05 PM   #1
mogman1
LQ Newbie
 
Registered: Dec 2010
Posts: 2

Rep: Reputation: 0
(apachectl vs httpd)


I've noticed that pieces of my question have been answered in the forums, but I'm still confused as to what is going on in my case. Let me set up what's going on, forgive me if it's a little long:

I'm trying to get Apache to run in a user's home directory. I changed the conf file so that Apache runs under the user and group "kiosk" and changed the DocumentRoot and Directory from the default to "/home/kiosk". Then I set Apache to start at boot (chkconfig --level 235 httpd on) and rebooted. When I checked, httpd is running as kiosk like it should (ps aux | grep httpd).

However, when I try wget localhost, I get a 403 response back. If as root I call "httpd -k stop" and then "httpd -k start", then everything works exactly as it should (curiously, if I try using "-k restart", it still doesn't work). After this, httpd still shows as running as kiosk and if I check before calling start, it shows no httpd processes running as expected.

This only happens when I use httpd to stop and then start the web server. If I try to restart using apachectl I still get a 403 error. As an interesting aside, after I've used httpd, if I try using "apachectl restart" I get a "(13)Permission denied: Error retrieving pid file run/httpd.pid" error.

This is all on a freshly installed CentOS 5.5 server. Could anyone give me some pointers as to why I'm seeing this very different behaviour from what I thought were just equivalent ways of starting Apache? And then what I could do to get it to start up and run properly on boot?

One last item to mention is this isn't a permissions problem. I set the permissions to 777 to both the home and kiosk directories (and 666 to the web files) just to be sure that's not the problem.
 
Old 12-10-2010, 07:07 PM   #2
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,663

Rep: Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657
it has been a while but.

one thing you might want to check is the SELinuxTroubleshooter"
having the users home folder set to 777 will cause all kinds of problems.Including the system not allowing the user to even login
cent checks the users $HOME folder to make sure that it is "sane" if not - problems .

Quote:
I changed the conf file so that Apache runs under the user and group "kiosk" and changed the DocumentRoot and Directory from the default to "/home/kiosk".
??? so you WANT every and ALL users( running as "kiosk") to be able to change EVERYTHING in the Apache web server , and have FULL control ??

a very FULL description of EXACTLY what it is you want to do would help .
 
Old 12-11-2010, 02:41 PM   #3
mogman1
LQ Newbie
 
Registered: Dec 2010
Posts: 2

Original Poster
Rep: Reputation: 0
Above the specific problem of why Apache isn't able to access the home directory on boot (but can when I start it using the binary after boot), as you may have deduced I'm creating a type of kiosk. It boots to locked-down instance of Firefox and displays a predetermined page. The problem is that after every user, I need to be able to clear out the cookies via a restart session button on the page. My thought was to have the kiosk itself run a web server to serve a script that deletes the cookie files. This is why I wanted Apache to run as the kiosk user. The user is restricted to the gimped instance of Firefox and doesn't have any command line access, so I'm okay with Apache being able to do anything that the user kiosk can do (plus it's the only way I can see to allow Apache to delete the cookies sitting in the kiosk user's directory).

As far as the permissions, giving global access was sort of an act of desperation just to eliminate the possibility of some permissions issue I wasn't seeing. Having the permissions set so promiscuously or at something more sane results in the same problem of getting a 403 error back from Apache. However, as I stated, if I stop and start up Apache again using the binary (instead of apachectl) after the system boots up, then try it, Apache is finally able to access all the files within the kiosk user directory as expected.

If you have suggestions on how to go about achieving my goal, I'm open to them.
 
Old 12-11-2010, 04:55 PM   #4
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,663

Rep: Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657Reputation: 2657
how did you install apache ,mysql,php,perl,...

using yum ? or from downloads on there web sited
example
Code:
yum groupinstall "Web Server "
--- see [ yum groupinfo "Web Server"] for more info on what that installs ---
or "h??p://www.reverse.net/pub/apache//httpd/httpd-2.2.17.tar.gz"

i normally recommend that people new to the apache server build the first 6 to 12 installs from the source and base packages and not rely on rpm's or deb's
the prebuilt only take 30 min to 1 hour off an install -- once one knows what they are doing and have had practice .

the reason i ask on how you installed it is the ONWERSHIP of the apache server and if the user "apache" was made
and if the folder where Apache is installed is owned by apache
the same goes for MySQL

have you looked at this ?
http://www.howtoforge.com/perfect-se...64-ispconfig-3
and scaned through these
http://www.howtoforge.com/howtos/web-server/apache

also docroot is now the very insecure /home/kiosk and not the secure /var/www/httpd/???
docroot is normaly where you put the CMS - in /var/www/htppd/??? so that only Apache and root are owners
MySQL can also go in /var/www/mysql ( also owned by mysql and root )to keep things all together .
you might want to look into some of apaches "mod"s
like mod_chroot
http://www.howtoforge.com/chrooting-...-on-centos-5.4
 
Old 12-11-2010, 05:19 PM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
There could be selinux stuff going on, as you've not mentioned that before, but it sounds like thighs are just generally broken. How are you using this kiosk user account to run httpd? And more importantly then any of that, why aren't you looking at, and telling us, what's in the apache error_log for these 403's?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
/usr/local/apache2/bin/apachectl: line 65: 4407 Segmentation fault $HTTPD -k $A onlin85 Linux - Software 2 06-18-2009 07:54 AM
Starting httpd: httpd: Syntax error on line 209 of /etc/httpd/conf/httpd.conf: Syntax sethukpathi Linux - Networking 6 04-12-2008 12:26 PM
Very confusing:httpd or apachectl start? backpacker Linux - Software 2 06-23-2005 08:12 AM
apachectl sopiaz57 Linux - Software 5 04-11-2003 07:11 PM
apachectl verse httpd onlinesnet Linux - Newbie 5 09-19-2001 08:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 11:29 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration