Received: (qmail 15198 invoked by uid 2012); 7 Mar 1999 06:20:41 -0000 Message-Id: <19990307062041.15197.qmail@hyperreal.org> Date: 7 Mar 1999 06:20:41 -0000 From: Darren Larson Reply-To: dkl@byu.edu To: apbugs@hyperreal.org Subject: User directories not accessible (gets 403 error messages) X-Send-Pr-Version: 3.2 >Number: 4014 >Category: os-linux >Synopsis: User directories not accessible (gets 403 error messages) >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: closed >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Sat Mar 6 22:30:01 PST 1999 >Last-Modified: Sat Mar 6 23:10:00 PST 1999 >Originator: dkl@byu.edu >Organization: >Release: 1.3.3 and 1.3.4 >Environment: RedHat 5.2 and Linux Mandrake 5.3 Linux kernels 2.2.1 and 2.2.2 gcc 2.7.2.3 >Description: I am running a few flavors of the Linux distribution (Linux Mandrake, RedHat, TurboLinux) and find that Apache 1.3.3 and 1.3.4 will not allow a browser (in this case, Netscape Communicator 4.5 for i386 Windows98)to view the content of the user's (~username) www directory or index.html file (or any other files in the directory). This problem happens on default configured Apache running on RedHat 5.2 or LinuxMandrake 5.3 but it doesn't happen on TurboLinux 1.2. Each system runs the 2.2.2 Linux kernel however. >How-To-Repeat: Set up a RedHat 5.2 Linux box with Apache 1.3.3 or 1.3.4 (it may be in other versions of 1.3 as well, but I haven't checked them) and then try to access a user's public_html directory from the web. >Fix: Maybe make a configure/compile option for Apache that will address the different libraries (?) used by RedHat-based Linuses? I honestly don't have much of a helpful suggestion other than the possibility that the problem may be specific to RedHat Linux. >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: marc State-Changed-When: Sat Mar 6 22:33:03 PST 1999 State-Changed-Why: This is almost certainly due to an incorrect Apache configuration (eg. Directory settings) or to file permissions (eg. the home directory isn't world readable) Unfortunately, since you didn't do little things like include any info from the error log or say there is none, I can't say much more. This is almost certainly nothing related to a bug in Apache. From: Marc Slemko To: Darren Larson Cc: Apache bugs database Subject: Re: os-linux/4014: User directories not accessible (gets 403 errormessages) Date: Sat, 6 Mar 1999 23:11:28 -0800 (PST) As I said before, your home directory probably isn't world readable. Not the directories under it, the directory itself. All directories in the path of the file being accessed, up to and including the directory it is in, have to be readable by the user Apache is runnng as, which normally means world readable. On Sat, 6 Mar 1999, Darren Larson wrote: > Sorry if you needed more info. > > My www directory in my home dir is set to be world readable and > executable. > > I do not have this problem running Apache 1.3.4 on OpenBSD 2.3, or > TurboLinux 1.2 kernel 2.2.2 - just RedHat 5.2 kernel 2.2.1 or 2.2.2 > > Also, the error log doesn't show anything but the web server starting up > or shutting down. > > [dklarson@stealth logs]$ more error_log > httpd: [Sat Mar 6 23:29:26 1999] [notice] Apache/1.3.4 (Unix) > configured -- resuming normal operations > > The access log does show the HTTP 403 errors though: > > [dklarson@stealth logs]$ more access_log > 10.1.1.1 - - [06/Mar/1999:23:29:38 -0700] "GET /~dklarson/ HTTP/1.0" 403 > 282 > 10.1.1.1 - - [06/Mar/1999:23:30:42 -0700] "GET / HTTP/1.0" 200 1622 > 10.1.1.1 - - [06/Mar/1999:23:30:42 -0700] "GET /apache_pb.gif HTTP/1.0" > 200 2326 > 10.1.1.1 - - [06/Mar/1999:23:30:46 -0700] "GET /manual/index.html > HTTP/1.0" 200 2287 > 10.1.1.1 - - [06/Mar/1999:23:30:46 -0700] "GET /manual/images/sub.gif > HTTP/1.0" 200 6083 > 10.1.1.1 - - [06/Mar/1999:23:30:46 -0700] "GET /manual/images/index.gif > HTTP/1.0" 200 1540 > 10.1.1.1 - - [06/Mar/1999:23:30:51 -0700] "GET /manual/install.html > HTTP/1.0" 200 10455 > 10.1.1.1 - - [06/Mar/1999:23:34:13 -0700] "GET /~dklarson/ HTTP/1.0" 403 > 282 > 10.1.1.1 - - [06/Mar/1999:23:34:34 -0700] "GET /~dklarson/ HTTP/1.0" 403 > 282 > > Here is the uname -a from my system: > > Linux stealth.blue.house 2.2.1 #1 Sat Feb 27 16:45:46 MST 1999 i586 > unknown > > > Here's an ls of my home and www directory: > > [dklarson@stealth dklarson]$ ls -l > total 7 > drwxr-xr-x 2 dklarson dklarson 2048 Feb 14 21:16 apple2 > drwxr-xr-x 4 dklarson dklarson 1024 Mar 3 01:46 archive > drwxrwxr-x 18 dklarson dklarson 1024 Feb 17 01:31 docs > drwxr-xr-x 4 dklarson dklarson 1024 Feb 14 23:41 images > drwx------ 2 dklarson dklarson 1024 Feb 22 09:23 mail > drwxrwxr-x 2 dklarson dklarson 1024 Mar 6 22:01 www > [dklarson@stealth dklarson]$ ls -l www > total 2 > -rw-rw-r-- 1 dklarson dklarson 1622 Mar 6 22:01 index.html > [dklarson@stealth dklarson]$ > > > (I have the httpd.conf file UserDir set to www instead of public_html) > > > Any ideas why I'd have these errors on this particular version of Linux > but not OpenBSD or non-Redhat Linux? > > Thanks > > > marc@apache.org wrote: > > > > [In order for any reply to be added to the PR database, ] > > [you need to include in the Cc line ] > > [and leave the subject line UNCHANGED. This is not done] > > [automatically because of the potential for mail loops. ] > > [If you do not include this Cc, your reply may be ig- ] > > [nored unless you are responding to an explicit request ] > > [from a developer. ] > > [Reply only with text; DO NOT SEND ATTACHMENTS! ] > > > > Synopsis: User directories not accessible (gets 403 error messages) > > > > State-Changed-From-To: open-closed > > State-Changed-By: marc > > State-Changed-When: Sat Mar 6 22:33:03 PST 1999 > > State-Changed-Why: > > This is almost certainly due to an incorrect Apache > > configuration (eg. Directory settings) or to file permissions > > (eg. the home directory isn't world readable) > > > > Unfortunately, since you didn't do little things like include > > any info from the error log or say there is none, I can't say > > much more. > > > > This is almost certainly nothing related to a bug in Apache. > >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]