rt client denied by server configuration

2005-10-09 Thread John Oxley 
I'm trying to install rt on FreeBSD 5.4 with Apache 2.  I have installed
the port, and configured it.  I have also setup Apache like this:

# Tell FastCGI to put its temporary files somewhere sane.
FastCgiIpcDir /tmp

# Number of processes is tunable, but you need at least 3 or 4
# FastCgiServer is illegal in the VirtualHost section
FastCgiServer /usr/local/rt3/bin/mason_handler.fcgi -idle-timeout 120 
-processes 4

VirtualHost *
   ServerAdmin [EMAIL PROTECTED]
   DocumentRoot /usr/local/rt3/share/html
   ServerName rt.yoafrica.com
   ErrorLog /var/log/httpd/rt-error_log
   CustomLog /var/log/httpd/rt-access_log common

   Alias /NoAuth/images /usr/local/rt3/share/html/NoAuth/images/

   ScriptAlias / /usr/local/rt3/bin/mason_handler.fgci/
/VirtualHost

Apache starts okay, but when I go to http://rt.yoafrica.com/ the page
says:
Forbidden

You don't have permission to access / on this server.
Apache/2.0.54 (FreeBSD) PHP/4.3.11 mod_fastcgi/2.4.2 Server at rt.yoafrica.com 
Port 80

and in /var/log/httpd/rt-error_log there is:

[Sun Oct 09 14:18:18 2005] [error] [client 196.44.177.50] client denied by 
server configuration: /usr/local/rt3/bin/mason_handler.fgci
[Sun Oct 09 14:18:18 2005] [error] [client 196.44.177.50] client denied by 
server configuration: /usr/local/rt3/bin/mason_handler.fgci

Does anyone know what I am doing wrong ?

Regards,

-John

-- 
John Oxley
Systems Administrator
Yo!Africa
E-Mail:  john at yoafrica.com
Tel: +263 4 858404
echo '9k[l:l;ss=0lx]s[1+ldd*l=d*-l;+dsrl=2**l:+ds=d*rd*+4-d15] 
s[q]s-[d77/3*2-s;47lx-P1+d78`]s`0[d23/.5-3*s:0l`xr10P1+d24$]ds$x'|dc
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: rt client denied by server configuration

2005-10-09 Thread Mike Friedman 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, 9 Oct 2005 at 14:17 (+0200), John Oxley wrote:

I'm trying to install rt on FreeBSD 5.4 with Apache 2.  I have installed 
the port, and configured it.  I have also setup Apache like this:


...

Apache starts okay, but when I go to http://rt.yoafrica.com/ the page
says:
Forbidden

You don't have permission to access / on this server.
Apache/2.0.54 (FreeBSD) PHP/4.3.11 mod_fastcgi/2.4.2 Server at rt.yoafrica.com 
Port 80

and in /var/log/httpd/rt-error_log there is:

[Sun Oct 09 14:18:18 2005] [error] [client 196.44.177.50] client denied by 
server configuration: /usr/local/rt3/bin/mason_handler.fgci
[Sun Oct 09 14:18:18 2005] [error] [client 196.44.177.50] client denied by 
server configuration: /usr/local/rt3/bin/mason_handler.fgci

Does anyone know what I am doing wrong ?


John,

This is not a FreeBSD problem;  it's really an Apache config issue, 
assuming you're having the same problem I had using the same RT install 
environment as yours.


In your httpd.conf, see if the following appears:

 Directory /
 AllowOverride None
 Order Deny,Allow
 Deny from all
 /Directory

If so, then comment out (or remove) the 'Deny from all' directive, which 
is causing very strict default access control for the DocumentRoot 
directory.  (If you choose, you can always define your own Allow, Order 
and Deny directives for particular directories in your virtual home).


At least this was the source of my symptoms, which were the same as yours.

Mike

_
Mike Friedman   System and Network Security
[EMAIL PROTECTED]  2484 Shattuck Avenue
1-510-642-1410  University of California at Berkeley
http://ack.Berkeley.EDU/~mikef  http://security.berkeley.edu
_

-BEGIN PGP SIGNATURE-
Version: PGP 6.5.8

iQA/AwUBQ0lUUq0bf1iNr4mCEQKZkgCbBh+IHlrlsq9Hfb4ifE7G3Sc1H8UAn1iQ
MktOnX09SMIQJEqgokdDRldx
=a2rI
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]