Fedora Servers :: Apache Says User Directory 'Not Found'
Feb 2, 2009
I have FC10 newly installed, and Apache is serving content from /var/www/ okay.
I'm trying to get Apache to serve web content from user's home directories. This is what I've tried with no success:
Uncommented 'UserDir public_htm' in /etc/httpd/conf/httpd.conf and commented out 'UserDir disabled'.
Uncommented user directory section in /etc/httpd/conf/httpd.conf. It now reads as follows:
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
I also tried setenforce 0 to temporarily disable SELinux until the next reboot. No luck. It doesn't appear to be an SELinux issue.
That's as far as the information available will take me. I still get URL 'Not Found' when I try to access http://192.168.0.2/~myusername/
I want to enable User Directories in Apache. So in httpd.conf I set:
Code: <IfModule mod_userdir.c> #UserDir enabled // commented out UserDir public_html </IfModule> Directory /home/kees is listed has the following file permissions: drwx--x--x 32 kees kees Directory /home/kees/public_html has the following file permissions: drwxr-xr-x 2 root root
Directory public_html has two files: index.html and index.php, both with file permissions: -rwxr-xr-x 1 root root If I now try to open http://myhost/~kees/index.html (or index.php) in my browser I get a 403 Forbidden error. If I look in my error log I see the following messages if I first try to open the index.html and then the index.php file:
I'm configuring Apache for the first time on this box (8.04 LTS) and Apache2 for the first time ever. "Out of the box" it runs fine and I get the "It Works" page okay. But I'd like to use the virtual site feature to direct Apache to a folder in my user space, and I keep getting errors.
When I point a browser at localhost, the 404 message is "The requested URL / was not found on this server." and the /var/log/apache2/error.log ends with "File does not exist: /htdocs.
Here's my config file from the apache2/sites-available folder:
I diff'ed this file with the default and the only differences are in the DocumentRoot line and the <Directory ...> line.
My public_html folder has permissions 755 and the index.html file is 644.
I have a network set up that has been working for around a year with no problems but has now developed a login problem. The system was set up with a main server with all users on it and another PC located elsewhere that people could log onto using there personal login and password that then gained access to the account on the main server. This remote PC has now got the problem. When you try to log onto an account it comes up with the message "your session has lasted less than 10 seconds. If you have not logged out yourself this could mean there is a installation problem or that you are out of disk space."
Error message says that no profile for the user can be found and it couldnt create per-user gnome configuration directory. I can log on as root onto the remote PC as it is obviously a local account but all the account on the main server are not accessible. From the root account I can see that the connection to the server is OK and I can actually log into the accounts on the server using the failsafe session so the physical network is OK.
I never built or designed this set up and to be honest I normally work with windows so its all a bit strange to me. Both PC's run Centos 5. I have checked the messages log and there doesnt seem to be any indication of a problem. Just that it stopped connecting from the remote PC. The accounts are all active on the main server itself and have no problems being accessed.
Something that has been in the pipleline at work for a while is user-based web directories. Main PDCs are running Windows Server 2003 using Active Directory, ideally what would happen is that users have a web share under [URL].. - the server behind this would be Linux (either Fedora or CentOS).
What kind of configuration would be needed for Apache to make this possible? The way I have planned so far is to have the Linux box auth against the AD domain (possibly joined), with Apache setup to share local public_html folders. Not sure how I can get rid of the tilde from the start of the username, but it should be pretty easy.
I'm using FC10 and I want to create a symlink to my movies directory in my home folder:
This is what I did: I created in /var/www/html ln -s /home/username/movies movies
Then in /etc/httpd/conf/httpd.conf DocumentRoot "/var/www/html" <Directory /> Options FollowSymLinks AllowOverride None </Directory>
<Directory "/var/www/html"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory>
<Directory "/home/username/movies"> Options Indexes FollowSymLinks Order allow,deny Allow from all </Directory>
Restart apache and then the test page is working.
The directory /home/username/movies has following permissions: drwxrwxrwx 2 apache apache 4096 2009-03-05 23:43 movies When trying to access my webpage at localhost/movies I get the 403 Forbidden Error. Ok then, entering: sudo -u apache ls /var/www/html > movies This works, sudo -u /var/www/html/movies returns the permission denied error. As well sudo -u /home/username/movies Is the user apache chrooted by default? SELinux is in permissive mode. What can I do?
With F11 installed Apache is having permissions issues reading files out of the html directory. Only wants to work with permissions set to read for other. [Thu Jun 11 23:25:28 2009] [error] [client 127.0.0.1] (13)Permission denied: file permissions deny server access: /var/www/html/index.html Tracked down the permissions issue. Is there a good reason not to change the group to apache and remove world read?
I have apache working,i have users set under admin group in /home/admin/username/html that is with an html publicfolder at the end, now permissions are set right, /html is set to mode 777, and the contents also inside them. But everytime i do a 10.0.11.25/~les i get a damn forbidden error code, its got me so pissed off and i dont' know whats the problem. This is the error i get: Forbidden 403 You don't have permission to access /~les on this server.
[Tue May 05 19:37:48 2009] [notice] Apache/2.2.11 (Unix) DAV/2 PHP/5.2.6 configured -- resuming normal operations [Tue May 05 20:44:30 2009] [error] [client 10.3.0.254] (13)Permission denied: access to /~les denied
I'm trying to restrict a particular ssh user to his home directory, I'm just giving him access so that he can ssh to another server that is only accessible from the former but restrict his movement so that he can't poke around the former.I already made some changes to sshd_config file and added the following line at the end:
Did some test, user joe can ssh to the server but unable to do anything aside from logging in, even a simple ls command will immediately close the putty session. I know I'm still missing something but don't really know what it is.I also tried this how to that uses rssh --> http://www.adamhawkins.net/2009/05/r...ured/#more-431 however when I login the session immediately closes.
I'm trying to get Apache to run in a user's home directory. I changed the conf file so that Apache runs under the user and group "kiosk" and changed the DocumentRoot and Directory from the default to "/home/kiosk". Then I set Apache to start at boot (chkconfig --level 235 httpd on) and rebooted. When I checked, httpd is running as kiosk like it should (ps aux | grep httpd). However, when I try wget localhost, I get a 403 response back. If as root I call "httpd -k stop" and then "httpd -k start", then everything works exactly as it should (curiously, if I try using "-k restart", it still doesn't work). After this, httpd still shows as running as kiosk and if I check before calling start, it shows no httpd processes running as expected.
This only happens when I use httpd to stop and then start the web server. If I try to restart using apachectl I still get a 403 error. As an interesting aside, after I've used httpd, if I try using "apachectl restart" I get a "(13)Permission denied: Error retrieving pid file run/httpd.pid" error. This is all on a freshly installed CentOS 5.5 server. Why I'm seeing this very different behaviour from what I thought were just equivalent ways of starting Apache? And then what I could do to get it to start up and run properly on boot? One last item to mention is this isn't a permissions problem. I set the permissions to 777 to both the home and kiosk directories (and 666 to the web files) just to be sure that's not the problem.
I recently started using SVN with Apache for my web development, although I find it really annoying that I have to issue two SVN commands (one local, one remote) to update my web site. I have been looking into SVN post-commit hooks to solve this problem. The only problem is that apache does not have permission to modify files in my user directory... So here is how everything is setup. I am running Slackware 13 full install. There have been no installations overriding any of the default installs.
I'm trying to jail a sftp user. All I want is for my daughter-in-law to be able to download pictures of my grandson on his step-uncle's motorcycle. But I don't want her browsing around. She's not a techie, but she's smart enough to catch on how WinSCP is looking at my files. I've set up the jail using jk_init, adding ssh, sftp, bash, netutils, basicshell, jk_lsh.
The physical root of the jail is owned by root, as are all the binaries loaded by the jk_init. The user's home directory is owned recursively by the user and is writable only by the owner. The passwd and group files are in the jailed /etc and populated by the user's lines. Shell is bash, and bash is there too. The error message must be coming from some other problem that's not notifying, but what?
In my website, I'm putting shared files in a "/global" folder. Both "styles.css" and "library.php" are in this global folder. HTML code seems to be working ok - the following bit works great to pick up a style sheet:
Code: <link rel="stylesheet" type="text/css" href="/global/styles.css" /> However PHP does not seem to understand my root directory. Using the following does not work: Code: include_once("/global/library.php");
I receive a "failed to open stream: No such file or directory" error.Spelling out the entire full path works, like so:
But this type of code is no good as I may change servers in the future. I have my "DocumentRoot" set correctly in my sites-available file. It seems as if PHP is ignoring it. Is there a config file someplace (htaccess? Local php.ini?) where I should update my root directory for this site only? Or am I following bad form and there's a better way to do this? Relative paths don't seem like the answer here though...
Have Apache running on Ubuntu Server. Say I have a domain, www.somewhere.com, and I have uploaded a file, phpinfo.php. If I hit http://www.somewhere.com/phpinfo.php, I get my file as expected. However, If I hit non-existent file http://www.somewhere.com/phpinfo/somefile.dat, it also acts as if I hit phpinfo.php, instead of giving me a 404 error. It seems that because the DIRECTORY "phpinfo" does not exist, it decided that I must have meant to hit phpinfo.php at the root of the site.
If I create an empty "phpinfo" directory then it behaves as expected and gives me a 404 not found page. This is reproducible for any other file name you can think of. I'm sure this is some Apache convenience behavior but I would like to disable it (it is messing with some mod_rewrite stuff I would like to do). Because it's hard to describe I cannot figure out which Apache option it might be (whatever I Google for gives me completely unrelated results).
When we run php scripts that move/rename/etc files, the script does not have access to write to files in our web root. Changing permissions to 777 fixes the problem, but obviously this is not an option..I've been reading up about suexec, phpsuexec, and suphp, but we can't seem to figure any of this out.In phpinfo(),the Server API reads: Server API Apache 2.0 Handlerbut on another server (where everything works, it reads : Server API CGI/FastCGIIs there ANY way to achieve this?
Vanilla install of Karmic (64 bit) - would like to change the Apache doc root to point to /home/sam/www as it's my web development machine. (Default install is working fine) Created copy of 'default' to 'mylocal' in '/etc/apache2/sites-available'
Code: <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /home/sam/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /home/sam/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ...
The permissions on the folder in my home dir: Code: sam@rocket:~$ ls -la ww* total 16 drwxrwxrwx 2 sam sam 4096 2010-01-09 22:26 . drwx------ 35 sam sam 12288 2010-01-09 22:11 .. -rwxrwxrwx 1 sam sam 100 2010-01-09 22:27 index.html sam@rocket:~$ pwd /home/sam sam@rocket:~$ The sites enabled set up:
Code: root@rocket:/etc/apache2# ls -la sites-enabled/ total 8 drwxr-xr-x 2 root root 4096 2010-01-09 22:24 . drwxr-xr-x 7 root root 4096 2009-12-20 00:22 .. lrwxrwxrwx 1 root root 26 2010-01-09 22:24 mylocal -> ../sites-available/mylocal But I still get: "Forbidden You don't have permission to access / on this server".
I would like to change the permissions for a directory and all files inside the directory how do I do this? The website is located only on my local network so I am not worried about security. Also what would be the optimal permissions for running wordpress.
I am trying to make my Apache server show symbolic links in a directory listing, but have so far been unsuccessful. In my latest attempt, I have placed the following code in .htaccess, in the directory with the symlinks that I want listing:
Code: <Directory /> Options All </Directory> Im httpd-vhosts.conf, I have also placed the following code within the relative <VirtualHost></VirtualHost>:
I want to automaticly set the group ownership of user home directories to a group that the user is not part of. This is so that Apache can be part of this group and can access user public HTML directory, but other users are not able to access in any way the files in the users home directory. What I have seen that works manually is adding the user and then changing the group for the home directory. But I want to automatically set this when the user account is created. WHat I see happening is that when /etc/skel is copied, it automatically sets the group and ownership of everything to the users default group and ownership. I've seen some suggestions on setting permissions, but these don't seem to work because it seems that users are able to cd into a directory and not list it, but if they know the file name they can access the file.
i want to allow some friends to ssh/sftp/scp into my system but i only want them to have access to my external hard drive (/media/externalHD/), and i dont want them to be able to delete or add anything, only download.i have found instructions on how to limit a user to his/her home directory and thought about just creating a user with the home directory /media/externalHD but idk if this will work and im afraid i might make a mistake and delete 800gb of 'files'
I was having trouble getting php files to display properly on my ubuntu 10.10 LAMP setup. Everything was installed with defaults and working properly. testphp.php worked as long as it was in the sites parent directory, but any php files in user directories did not work. All browsers tried to download the php files located in /home/user/public_html instead. I tried to use the help documents here, [URL]..
Finally I was browsing around in the /etc/apache2/mods-available directory and looked at the php5.conf file. Here is the relevant information from the file:
# To re-enable php in user directories comment the following lines # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it # prevents .htaccess files from disabling it. # <IfModule mod_userdir.c> #Comment out this line
I tried to edit the help document linked above but it says not to do so! I couldn't find a reference for this fix anywhere else, so I decided to post it here.
I have searched the forum high and low for the solution with no success, so I will now post this problem, with all known facts. Linux (and Fedora) is brand new to me so I'm somewhat illiterate with the language and recommendations from reading other threads. Please bare with me. I'm reading the book Beginning PHP and MySQL from Novice to Professional by Cristian Darie.The book has you create an Alias directory for creating the tshirtshop web-based application.
The book uses the directory /home/username/tshirtshop. However, I did not want this in the /home directory, so I created a new directory from the root directory /workspace/tshirtshop. Below are the areas of interest in the file httpd.conf (I restarted the httpd service each time I edited this file):
I am having a problem getting Apache to serve out a directory. If I place an index.html in the Document.Root I can see that page. When I remove the index.html I only see the test page for Apache. the relevant section form my httpd.conf. I am not using virtual hosts just setting up one Apache instance.
As you can see from the below I have enabled Indexes so I am at a loss :-(
ServerTokens OS ServerRoot "/etc/httpd" PidFile run/httpd.pid Timeout 120 KeepAlive Off MaxKeepAliveRequests 100
I've setup Kerberos and OpenLDAP servers (9.10) similar to the official documentation (and other sites that fill in the "gaps"). However, when you start to get in to some of the details, there seem to be many options - and I guess I'm looking for what could be the defacto standard. I'd like to allow Ubuntu clients to have a sso capability, with the ability for local caching of passwords if not connected to the network (such as a laptop user away from the office, prior to a VPN). I'd like to automount a secure NFS share somewhere in the /home directory. If the user logs in to a computer they've not logged in to before (if they're authorized), it would be nice if a skeleton /home directory could be setup there automatically I'm guessing that it is not desirable to use a shared /home NFS - as if you're off the network this would be problematic - as well as multiple computers sharing the same /home. There are some benefits to a shared /home (SSH certs, etc.), so maybe there is a hybrid approach out there.
I've read that it's not necessarily good practice to have OpenLDAP to do the authentication (leave this to Kerberos), but it's fine for authorization (such as ACLs for logins to certain computers). It's also good practice to use TLS with OpenLDAP (which requires public certs on all the clients) and to not allow anonymous read to the directory. I would guess that a computer host keytab could be refreshed to bind to the OpenLDAP server via GSSAPI / SASL to allow a non-anonymous read, and then determine if, say, the user was a member of a group allowed to log in. Kerberos would then pick up and authenticate the user and then proceed to the login. Off the network here, I'm not sure. I found this document, but it's self declared missing items: [URL]
I'll stop the rambling, but I cannot be the only one who would like to setup a relatively standard and secure server based network authentication and authorization back-end. Is there any _complete_ documentation on the best practices and how to implement?
I have configured apache on my Centos 5.2 and it is working well. I want to have a sym link of my docs directory in /root/ in the apache root directory. I used ln -s command to create this sym link. But when I tried to access this I get the following error:
You don't have permission to access /docs on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
How can I access this directory in apache. i use apache 2.0.63.