[olug] Apache config

Sam Flint harmonicnm7h at gmail.com
Thu Sep 27 18:08:59 UTC 2012 

I just turned it off, I can't stand it anyways.

Sam

On Thu, Sep 27, 2012 at 12:32 PM, Barry Von Ahsen <barry at vonahsen.com> wrote:
> yeah, you're probably missing the SELinux context then.  errors are logged to /var/log/audit/audit.log and usually tell you the issue (once you learn to parse the line)
>
> do ls -lZ on /var/www/html and on your new custom directory and make sure they match - I think it's httpd_sys_content_t
>
> then you'll need to run semanage and restorecon to make that persistent - see the end of 5.1 - http://wiki.centos.org/HowTos/SELinux#head-0f6390ddacfab39ee973ed8018a32212c2a02199
>
> you may or may not need the httpd_read_user_content boolean too - do 'getsebool -a | grep http' to see the options
>
>
> you can probably see why people tend to turn selinux off, but once you get used to it, it's very helpful
>
>
> -barry
>
>
> On Sep 27, 2012, at 11:17 AM, Sam Flint wrote:
>
>> yeah CENTOS, I modified it slightly, to enable and use a custom
>> directory.  SE is enabled, I just havent disabled it yet, it has been
>> a headache on my laptop in the past\
>>
>> Sam
>>
>> On Thu, Sep 27, 2012 at 11:09 AM, Barry Von Ahsen <barry at vonahsen.com> wrote:
>>> is it a red hat-ish distro?
>>>
>>> what does sestatus say (as root)?
>>>
>>> # sestatus
>>> SELinux status:                 disabled
>>>
>>> here's the chunk of the default CentOS userdir configuration, did you tweak that?
>>>
>>> #
>>> # UserDir: The name of the directory that is appended onto a user's home
>>> # directory if a ~user request is received.
>>> #
>>> # The path to the end user account 'public_html' directory must be
>>> # accessible to the webserver userid.  This usually means that ~userid
>>> # must have permissions of 711, ~userid/public_html must have permissions
>>> # of 755, and documents contained therein must be world-readable.
>>> # Otherwise, the client will only receive a "403 Forbidden" message.
>>> #
>>> # See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden
>>> #
>>> <IfModule mod_userdir.c>
>>>    #
>>>    # UserDir is disabled by default since it can confirm the presence
>>>    # of a username on the system (depending on home directory
>>>    # permissions).
>>>    #
>>>    UserDir disable
>>>
>>>    #
>>>    # To enable requests to /~user/ to serve the user's public_html
>>>    # directory, remove the "UserDir disable" line above, and uncomment
>>>    # the following line instead:
>>>    #
>>>    #UserDir public_html
>>>
>>> </IfModule>
>>>
>>> -barry
>>>
>>>
>>> On Sep 27, 2012, at 10:59 AM, Sam Flint wrote:
>>>
>>>> Ok, that might be it, probably is, but it needs to be apache owned
>>>> through and through, I am uasing vhosts if that makes any difference,
>>>> along with userdirs.
>>>>
>>>> Sam
>>>>
>>>> On Thu, Sep 27, 2012 at 10:36 AM, Barry Von Ahsen <barry at vonahsen.com> wrote:
>>>>> sure - my first SWAG is that you're serving from a non-standard directory and don't have a <Directory> allow directive (or that plus a missing SElinux context)
>>>>>
>>>>> -barry
>>>>>
>>>>>
>>>>> On Sep 27, 2012, at 10:29 AM, Sam Flint wrote:
>>>>>
>>>>>> I was wondering, would any of you be willing to look at my apache
>>>>>> config file and tell me why i get access denied errors?
>>>>>>
>>>>>> Sam
>>>>>>
>>>>>> --
>>>>>> Sam Flint
>>>>>> flintfam.org/~swflint
>>>>>> _______________________________________________
>>>>>> OLUG mailing list
>>>>>> OLUG at olug.org
>>>>>> https://lists.olug.org/mailman/listinfo/olug
>>>>>
>>>>> _______________________________________________
>>>>> OLUG mailing list
>>>>> OLUG at olug.org
>>>>> https://lists.olug.org/mailman/listinfo/olug
>>>>
>>>>
>>>>
>>>> --
>>>> Sam Flint
>>>> flintfam.org/~swflint
>>>> _______________________________________________
>>>> OLUG mailing list
>>>> OLUG at olug.org
>>>> https://lists.olug.org/mailman/listinfo/olug
>>>
>>> _______________________________________________
>>> OLUG mailing list
>>> OLUG at olug.org
>>> https://lists.olug.org/mailman/listinfo/olug
>>
>>
>>
>> --
>> Sam Flint
>> flintfam.org/~swflint
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug



-- 
Sam Flint
flintfam.org/~swflint

More information about the OLUG mailing list