Infamous Forbidden error with a twist


yoyo123
6th April 2006, 05:18 PM
I have been setting up a Fedora Core 4 box with Apache. This is what I have done:

1. Upon installing the OS I created a user titled "administrator"
2. I then created three folders that will ultimately hold my three test sites.
Those folders were set up like this:
"/home/administrator/www/production"
"/home/administrator/www/test"
"/home/administrator/www/development"
3. I then set up three virtual hosts pointing to the folders described above.
4. All was going beautifully. All pages were appearing. Then I decided to add a new user to the OS so I launched the "Add Users/Groups" application and added a user titled "rhall"
5. I then logged out and back in as "rhall"
6. I then recreated the ENTIRE folder structure I had when I was logged in as "administrator"
7. Then I su'd and changed the path of the virtual hosts to point to the new user I am now logged in as.

Unfortunately, I am getting a "Forbidden" error. BUT it goes away once I change the path back to the old.

Any ideas?


BTW. I have confirmed SELinux has been DISABLED so I know that is not the problem.

whiphubley
6th April 2006, 05:59 PM
permissions on the new folder structure.

tail your error.log when you hit that page and post up what it says.

yoyo123
6th April 2006, 06:10 PM

Here are the permissions and the log files

[root@inetserver www]# ls -laR
.:
total 12
drwxrwxr-x 3 syst75 syst75 4096 Apr 6 09:03 .
drwx------ 13 syst75 syst75 4096 Apr 6 09:04 ..
drwxrwxr-x 2 syst75 syst75 4096 Apr 6 09:04 production

./production:
total 12
drwxrwxr-x 2 syst75 syst75 4096 Apr 6 09:04 .
drwxrwxr-x 3 syst75 syst75 4096 Apr 6 09:03 ..
-rw-rw-r-- 1 syst75 syst75 117 Apr 6 09:04 index.htm





[root@inetserver logs]# tail /etc/httpd/logs/error_log
[Thu Apr 06 09:04:56 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Thu Apr 06 09:04:56 2006] [notice] LDAP: SSL support unavailable
[Thu Apr 06 09:04:56 2006] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Apr 06 09:04:57 2006] [notice] Apache/2.0.54 (Fedora) configured -- resuming normal operations
[Thu Apr 06 09:05:06 2006] [error] [client 192.168.1.28] (13)Permission denied: access to / denied
[Thu Apr 06 09:05:06 2006] [error] [client 192.168.1.28] (13)Permission denied: access to /favicon.ico denied
[Thu Apr 06 09:12:24 2006] [error] [client 192.168.1.28] (13)Permission denied: access to / denied
[Thu Apr 06 09:12:24 2006] [error] [client 192.168.1.28] (13)Permission denied: access to /favicon.ico denied
[Thu Apr 06 11:03:02 2006] [error] [client 192.168.1.28] (13)Permission denied: access to / denied
[Thu Apr 06 11:03:02 2006] [error] [client 192.168.1.28] (13)Permission denied: access to /favicon.ico denied


I'm not seeing anything that looks particularly odd other than the favicon thing being denied. But I am not using any favicons. Any ideas?

GeneralChaos
6th April 2006, 06:17 PM
so....when you point your virtual host at /admin/www/production it works, but if you point it at /rhall/www/production it doesn't?

I'm not sure what exactly you're saying the problem is.

yoyo123
6th April 2006, 06:57 PM
You are correct. When I point the virtual host at /admin/www/production, it works but /rhall/www/production returns a "forbidden" error.

Hope that helps.

GeneralChaos
6th April 2006, 07:10 PM
weird, never seen a problem like this before.

Have you tried making a .htaccess file by chance?

whiphubley
6th April 2006, 09:45 PM
show us the perms all the way to / on both structures.

and the .conf files.

perry753
7th April 2006, 12:21 AM
relabel the SELinux

yoyo123
7th April 2006, 01:40 PM
show us the perms all the way to / on both structures.

and the .conf files.


Perms? I'm sorry, I do not understand what you mean by "Perms."

yoyo123
7th April 2006, 01:44 PM
weird, never seen a problem like this before.

Have you tried making a .htaccess file by chance?

I hear ya. This problem makes absolutely no sense to me either. As far as the .htaccess file goes, no .htaccess files exist in either of the setups.

Do you think it is possible this has anything to do with the "Add User" application I used to create this user? I used the default GUI app that came with Fedora.

yoyo123
7th April 2006, 01:47 PM
I'm actually beginning to think it might be faster to just reinstall the entire OS, but part of me REALLY wants to figure this out. I guess I am just looking for punishment :-)

whiphubley
7th April 2006, 09:06 PM
sorry - by perms I meant permissions. show me the permissions for both administrator and rhall right from / all the way to the DocumentRoot.

and yes, I'd use useradd rather than some GUI.

savage
9th April 2006, 09:16 AM
whiphubley is going along the right route. In order for a user/group to be able to read a file/directory, every directory up the directory tree leading back to / must have execute permissions.

[root@inetserver www]# ls -laR
.:
total 12
drwxrwxr-x 3 syst75 syst75 4096 Apr 6 09:03 .
drwx------ 13 syst75 syst75 4096 Apr 6 09:04 ..
drwxrwxr-x 2 syst75 syst75 4096 Apr 6 09:04 production

./production:
total 12
drwxrwxr-x 2 syst75 syst75 4096 Apr 6 09:04 .
drwxrwxr-x 3 syst75 syst75 4096 Apr 6 09:03 ..
-rw-rw-r-- 1 syst75 syst75 117 Apr 6 09:04 index.htm

Try changing the parent dir, plus all dirs leading to root to rwx--x--x.

Savage
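
The ancestor-directory check described in the post above, as an added example that is not part of the original thread: it walks from a DocumentRoot up toward / and prints every directory where the "other" class lacks execute (search) permission, like the `drwx------` entry for `..` in the listing. It assumes the web server runs as a user that is neither owner nor group member of those directories; the function names and the optional stop argument are made up for illustration.

```shell
#!/bin/sh
# Added example: report which directories on the way to a DocumentRoot
# block a process that only gets the "other" permission bits.
# Assumption: the httpd user is neither owner nor in the group of the
# directories being checked. Paths are expected to be absolute.

# other_can_traverse DIR -> status 0 if "other" has search permission.
other_can_traverse() {
    # The 10th character of the ls mode string is the other-execute slot:
    # x or t = search allowed, - or T = search denied.
    case "$(ls -ld "$1" | cut -c10)" in
        x|t) return 0 ;;
        *)   return 1 ;;
    esac
}

# blocked_dirs PATH [STOP]
# Walk from PATH up to / and print each directory that "other" cannot
# traverse. STOP (hypothetical helper argument) names an ancestor at which
# the walk ends without being checked; useful for testing in a scratch tree.
blocked_dirs() {
    dir=$1
    stop=${2:-}
    while [ "$dir" != "$stop" ]; do
        other_can_traverse "$dir" || printf '%s\n' "$dir"
        if [ "$dir" = "/" ]; then
            break
        fi
        dir=$(dirname "$dir")
    done
}

# Stand-alone use: sh script.sh /home/rhall/www/production
if [ "$#" -gt 0 ]; then
    blocked_dirs "$@"
fi
```

Run it as root or as the directory owner; each directory it prints needs only `chmod o+x` (the rwx--x--x suggested above), not read access, so the home directory's contents stay unlistable to other users.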

whiphubley
9th April 2006, 08:53 PM
sorry to hijack this thread, but would just like to say what a helpful quota tutorial you have on your website $avage.

I set up quotas on a fileserver that died on me and have to do it again next week, so that'll come in very handy :-)

savage
10th April 2006, 09:49 AM
sorry to hijack this thread, but would just like to say what a helpful quota tutorial you have on your website $avage.

I set up quotas on a fileserver that died on me and have to do it again next week, so that'll come in very handy :-)

Thanks, it's always nice to know my tutorials are helping people. I'm moving my server into a house of 3.5 nerds and it's going to have network shares set up, I'll be damned if they think they're having all my disk space :D

Savage

yoyo123
10th April 2006, 01:49 PM
whiphubley is going along the right route. In order for a user/group to be able to read a file/directory, every directory up the directory tree leading back to / must have execute permissions.

[root@inetserver www]# ls -laR
.:
total 12
drwxrwxr-x 3 syst75 syst75 4096 Apr 6 09:03 .
drwx------ 13 syst75 syst75 4096 Apr 6 09:04 ..
drwxrwxr-x 2 syst75 syst75 4096 Apr 6 09:04 production

./production:
total 12
drwxrwxr-x 2 syst75 syst75 4096 Apr 6 09:04 .
drwxrwxr-x 3 syst75 syst75 4096 Apr 6 09:03 ..
-rw-rw-r-- 1 syst75 syst75 117 Apr 6 09:04 index.htm

Try changing the parent dir, plus all dirs leading to root to rwx--x--x.

Savage

I KNEW it had to be something easy. Unfortunately, I had to have it set up within 2 days, so I just reinstalled the OS. However, I'm gonna add a second user and test your suggestion anyway then get back to y'all.

savage
10th April 2006, 02:46 PM
It usually is something simple :) Simple things always get me. I recently had this problem when I set up public_html dir's site.com/~username access, because every user's home directory had rwx------ permissions.

Let me know if it works :)

Savage