Unable to access webserver folder
SELinux restricting access to a folder which in turn prevents my apache config access the document root.
- I have SELinux turned on. === No Problem with the following: === /etc/httpd/conf/httpd.conf: <VirtualHost *:80> ServerAdmin root@www.clare.com DocumentRoot /var/www/html/clare.dev ServerName www.clare.com ErrorLog logs/www.clare.com-error_log CustomLog logs/www.clare.com-access_log common </VirtualHost> I can access the site. === Problem arises when: === I change the folder to a higher level: DocumentRoot to /claresite [error] [client 127.0.0.1] client denied by server configuration: /claresite/ Here are my return results: root@linux1 logs/ # ls -Z /claresite/ -rw-r--r-- root root root:object_r:httpd_sys_content_t index.html root@linux1 logs/ # ls -Z /var/www/html/clare.dev/ -rw-r--r-- root root root:object_r:httpd_sys_content_t index.html I'm new to SELinux and I can't find out why this is happening? Can anyone share some ideas on why this is occurring? TIA |
Quote:
|
SELinux restricts access to files and folders by their labels; what do you get for the output of this:
Code:
ls -lZd /var/www/html/claire.dev /clairesite Since the error refers to the server configuration, it seems more likely that you are missing a <Document> or <Location> tag entry for the document or folder that you're reading from in Apache's httpd.conf file (or an included configuration file for the site). |
- Thanks guys, ok its not a SELinux problem after all. I've checked the audit.log and there was no entry.
- I made a test to see if the Virtual Host's DocumentRoot can see a folder higher than the general DocumentRoot which was '/var/www/html'. ---- I changed the /claresite to a symbolic link to /var/www/html/clare.dev instead. So I believe that even the SELinux labels are preserved when accessing this folder. Result: still wasn't able to access the index.html file inside. Still haven't solved it; but I'm still intrigued. |
Quote:
|
If your linux system is unable to access webserver then do following:
Step 1. Configure Apache to Allow Access Authorization. Step 2. Identify the Folder/Directory to Protect. Step 3. Add Access Files to the Folder. Step 4. Add Additional Users. Step 5. Test the Password Function. |
All times are GMT -5. The time now is 02:41 AM. |