Boris Epstein
2009-Jul-31 16:17 UTC
[CentOS] Apache not liking directories outside of /var/www
Hi all, It appears that on my nice little CentOS 5.3 machines Apache only allows me to store content in directories which are under /var/www/ For instance, putting content in /var/www/test and defining the following alias: Alias /test /var/www/test then accessing it under http://hostname/test works great. Not copy that same content to /home/test, change the alias to: Alias /test /home/test and you get Error 403. Any idea why that would be? Never had this sort of trouble anywhere, including under CentOS 5.0 and 5.1 Thanks in advance for any and all help. Boris.
Filipe Brandenburger
2009-Jul-31 16:24 UTC
[CentOS] Apache not liking directories outside of /var/www
Hi, On Fri, Jul 31, 2009 at 12:17, Boris Epstein<borepstein at gmail.com> wrote:> Any idea why that would be?It's SELinux. Files exported by Apache must have context httpd_sys_content_t. You can use "ls -Z" to see the context of a certain file. You can use "chcon -R httpd_sys_content_t /home/test" to change the context of all the files in the /home/test directory, however that will not apply to new files created under that directory, in which case you have to add new rules using "semanage fcontext" (see the examples "man semanage" for help on how to do that). In general I would advise you to try to adapt your application so that the files that need to be seen by Apache are under /var/www, if you have that flexibility it will be simpler and have less chance of breaking in the future. HTH, Filipe
jacob at aers.ca
2009-Jul-31 17:20 UTC
[CentOS] Apache not liking directories outside of /var/www
sounds like current default apache security
near the begining you of httpd.conf you will find
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
This effectively blocks you from sharing any directory (even aliased ones)
unless the actual directory (no symlinks or aliases) is under /var/www.
to add in exceptions put this under your alias statement.
Alias /test /home/test
<Directory /home/test>
Order allow,deny
Allow from all
</Directory>
________________________________
From: centos-bounces at centos.org on behalf of Boris Epstein
Sent: Fri 7/31/2009 9:17 AM
To: centos at centos.org
Subject: [CentOS] Apache not liking directories outside of /var/www
Hi all,
It appears that on my nice little CentOS 5.3 machines Apache only
allows me to store content in directories which are under /var/www/
For instance, putting content in /var/www/test and defining the following alias:
Alias /test /var/www/test
then accessing it under http://hostname/test works great.
Not copy that same content to /home/test, change the alias to:
Alias /test /home/test
and you get Error 403.
Any idea why that would be?
Never had this sort of trouble anywhere, including under CentOS 5.0 and 5.1
Thanks in advance for any and all help.
Boris.
_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 5171 bytes
Desc: not available
URL:
<http://lists.centos.org/pipermail/centos/attachments/20090731/99c4225d/attachment-0002.bin>