Web Servers on Unix and Linux - symbolic link not allowed

This is Interesting: Free IT Magazines  
Home > Archive > Web Servers on Unix and Linux > December 2004 > symbolic link not allowed





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author symbolic link not allowed
I95RR

2004-11-29, 5:51 pm

Hopefully someone can answer this for me. I researched the archives
and tried everything, well at least I thought I tried everything
mentioned, but I'm still having the problem. I'm running Fedora Core
3 with Apache 2.0.52. I linked a directory to /var/www/html with the
ln -s /home/bb1.9e-btf/www /var/www/html/bb command. The
/home/bb1.9e-btf/www directory has an index.html file in it. When I
try to access the file using my web browser using
http://servername.domain.com/bb I get the following message:

Forbidden

You don't have permission to access /bb on this server.

Additionally, a 403 Forbidden error was encountered while trying to
use an ErrorDocument to handle the request.
Apache/2.0.52 (Fedora) Server at watchdog.genesishcc.com Port 80

I check the httpd.conf file and it has the following information in
it:

DocumentRoot "/var/www/html"

User apache
Group apache

<Directory />
Options +FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
and
<Directory "/var/www/html">
Options Indexes +FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>

The /etc/httpd/logs/error_log file shows:

[Mon Nov 29 15:26:13 2004] [error] [client 10.12.1.492] Symbolic link
not allowed: /var/www/html/bb

Is there anything I am missing, please let me know.

TIA
Juha Laiho

2004-12-01, 8:46 pm

i95dblr@gmail.com (I95RR) said:
>Hopefully someone can answer this for me. I researched the archives
>and tried everything, well at least I thought I tried everything
>mentioned, but I'm still having the problem. I'm running Fedora Core
>3 with Apache 2.0.52. I linked a directory to /var/www/html with the
>ln -s /home/bb1.9e-btf/www /var/www/html/bb command. The
>/home/bb1.9e-btf/www directory has an index.html file in it. When I
>try to access the file using my web browser using
>http://servername.domain.com/bb I get the following message:
>
>Forbidden
>
>You don't have permission to access /bb on this server.

Check that the apache user (or group at least) has at least execute access
to diretories /home/bb1.9e-btf and /home/bb1.9e-btf/www, and read-execute
access to directory /home/bb1.9e-btf/www .

There might also be a configuration directive that controls the usability
of symlinks -- see the documentation.
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)
TommyTheKid

2004-12-08, 2:33 pm

I had this same problem, and came up with the solution... well the problem is not apache, and its not file permissions.. we all know that

The problem is SELINUX

REFERENCE: http://www.linuxhomenetworking.com/...apachebasic.htm

-----
Security Contexts And Apache

In Fedora Core 3, the concept of security contexts was introduced as part of the Security Enhanced Linux definition (See Appendix 1 for details). You files may have the right permissions, but unless you specifically allow the Apache httpd daemon to access it.

Context related configuration errors will give "403 Forbidden" browser messages, and in some cases you will get the default Fedora Apache page where your expected web page should be.

SE Linux has a "-Z" switch which you can use to examine the context of a file. In the case below, Apache HTML files were placed in the /home/www directory instead of the default /var/www/html directory. The index.html file located there was given the default system_u:object_r: context type for a user's home directory. This needed to be changed to the Apache context type of httpd_sys_content_t with the chcon context changing command.



[root@fc3test www]# ls -Z

-rw-r--r-- www apache system_u:object_r:user_home_t index.html

[root@fc3test www]# chcon -t httpd_sys_content_t index.html

[root@fc3test www]# ls -Z index.html

-rw-r--r-- www apache system_u:object_r:httpd_sys_content_t index.html

[root@fc3test www]#



The chcon command's "-t" switch changes the type, and if needed, the "-R" switch will recursively change contexts in subdirectories too.



---

Just reposting here since this was the first place I found on google

~tommy

PS: EDITED.. the -r -> -R
TommyTheKid

2004-12-09, 1:42 pm

*** MODS ***

Can you please add Fedora Core 3 to the subject of the original post. (then delete this reply)

Thanks in advance,
Tommy
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com