PDA

View Full Version : F11 Apache 403 Forbidden using alias directory



douglazb
20th November 2009, 01:29 AM
I have searched the forum high and low for the solution with no success, so I will now post this problem, with all known facts. Linux (and Fedora) is brand new to me so I'm somewhat “illiterate” with the language and recommendations from reading other threads. Please bare with me.

I'm reading the book “Beginning PHP and MySQL from Novice to Professional by Cristian Darie.

The book has you create an Alias directory for creating the “tshirtshop” web-based application.

The book uses the directory /home/username/tshirtshop. However, I did not want this in the /home directory, so I created a new directory from the root directory /workspace/tshirtshop.

Below are the areas of interest in the file httpd.conf
(I restarted the httpd service each time I edited this file):

DocumentRoot "/var/www/html"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all

</Directory>

<Directory "/var/www">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>

DirectoryIndex index.php index.html index.html.var

<IfModule alias_module>

Alias /icons/ "/var/www/icons/"

Alias /tshirtshop/ /workspace/tshirtshop
Alias /tshirtshop /workspace/tshirtshop

Alias /obits/ /workspace/obits
Alias /obits /workspace/obits

</IfModule>

<Directory /workspace/tshirtshop>
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>

<Directory /workspace/obits>
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>

Next are the permission settings for the files and directories of interest:

[root@DougsBox workspace]# ls -l /workspace
total 8
drwxrwxrwx. 2 apache apache 4096 2009-11-15 18:28 obits
drwxrwxrwx. 2 apache apache 4096 2009-11-15 20:17 tshirtshop
[root@DougsBox workspace]# ls -l /workspace/obits
total 52
-rwxrwxrwx. 1 apache apache 975 2009-11-15 17:45 add.php
-rwxrwxrwx. 1 apache apache 350 2009-11-15 17:46 datatypes.php
-rwxrwxrwx. 1 apache apache 393 2009-11-15 17:46 error.php
-rwxrwxrwx. 1 apache apache 1120 2009-11-15 18:30 index.php
-rwxrwxrwx. 1 apache apache 3014 2009-11-15 17:46 insert.php
-rwxrwxrwx. 1 apache apache 1454 2009-11-15 17:46 obitdetail.php
-rwxrwxrwx. 1 apache apache 88 2009-11-15 17:47 owa.inc
-rwxrwxrwx. 1 apache apache 91 2009-11-15 17:48 owu.inc
-rwxrwxrwx. 1 apache apache 742 2009-11-15 18:28 search.php
-rwxrwxrwx. 1 apache apache 2233 2009-11-15 18:28 searchresults.php
-rwxrwxrwx. 1 apache apache 838 2009-11-15 17:44 sourceOptions.php
-rwxrwxrwx. 1 apache apache 1073 2009-11-15 17:46 sql search example format.sql
-rwxrwxrwx. 1 apache apache 644 2009-11-15 17:46 welcome.php
[root@DougsBox workspace]#

and finally, the error log:


[root@DougsBox workspace]# tail -f /var/log/httpd/error_log
[Thu Nov 19 18:53:43 2009] [error] [client ::1] Directory index forbidden by Options directive: /var/www/html/
[Thu Nov 19 18:53:46 2009] [error] [client ::1] (13)Permission denied: access to /obits denied

What remaining steps -or- what setting is incorrect?

Thanks in advance!

Douglas

markkuk
20th November 2009, 10:58 AM
The book uses the directory /home/username/tshirtshop. However, I did not want this in the /home directory, so I created a new directory from the root directory /workspace/tshirtshop.
You shouldn't create new directories directly in root, that's a violation of the Filesystem Hierarchy Standard (http://www.pathname.com/fhs/pub/fhs-2.3.html#THEROOTFILESYSTEM). If you don't want the website in /home or /var/www, put it in /srv (http://www.pathname.com/fhs/pub/fhs-2.3.html#SRVDATAFORSERVICESPROVIDEDBYSYSTEM).



and finally, the error log:


[root@DougsBox workspace]# tail -f /var/log/httpd/error_log
[Thu Nov 19 18:53:43 2009] [error] [client ::1] Directory index forbidden by Options directive: /var/www/html/
[Thu Nov 19 18:53:46 2009] [error] [client ::1] (13)Permission denied: access to /obits denied

What remaining steps -or- what setting is incorrect?

If you use a non-standard location for your web site files, you must manually change the SELinux context of the directories and files to httpd_sys_content_t. See "man httpd_selinux" and the Fedora SELinux User Guide (http://docs.fedoraproject.org/selinux-user-guide/f12/en-US/).