On 07/27/2012 12:46, Tim wrote:
On Fri, 2012-07-27 at 11:55 -0400, Mark Haney wrote:
The problem is, no matter what I do, I get an access denied error.
By
default apache2 has INDEXES enabled for DOCROOT, but to be on the
safe
side I added a new directory directive for <DOCROOT/pics> and set
INDEXES. Still nothing.
Is your access denied error just for trying to view an index, or does
it
happen when trying to view anything?
Did you set that directive /after/ any opposing rules, were set? And
is
your filepath inside the usual docroot, or outside of it? (It goes
inside <Directory> clauses.)
The files, and all the directories back to the Linux /, all need to
be
world-readable, and the directories also need to be world executable.
e.g. /var/
/var/www/
/var/www/html/
/var/www/html/whatever-else/
All need to have at least -------r-x directory permissions, and
-------r-- file permissions.
Likewise, if you're serving from /home/your-username/public_html/
If SELinux is enforcing, then there needs to be a "httpd_sys_content"
or
"httpd_user_content" context to the file and directories, too.
That'll
be set, by default, if you create or copy files in the usual web
serving
filepaths; but not if you created them elsewhere, and moved them
over.
If you're serving from an unusual filepath, then you'll need to
manually
apply file contexts. And you'll need to re-apply them anytime
there's a
relabelling of the file system, or, you'd create a rule for your
serving
filespace, so it gets labelled automatically.
You may also need to tick some options on inside a SELinux
configurator,
regarding local webserving, too.
--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
If he is serving from an unusual path he should use the semanage
fcontext command to add the proper labeling and then just relabel that
location. That way he doesn't have to worry about relabeling operations.
Dave
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
