Apache 13 permission denied in user's home dir

2019-02-01 10:00发布

站内问答 / 前端开发
1935 9 5

My friend's website was working fine until he moved the document root from /var/www/xxx to /home/user/xxx.

Apache gives 13 permission denied error messages when we try to access the site via a web browser.

The site is configured as a virtual directory. All the Apache configurations were unchanged (except for the directory change).

We tried to chmod 777 /home/user/xxx, chown apache /home/user/xxx. But they didn't work.

Is there some kind of security feature set on the user's home directories? The server OS is CentOS (Godaddy VPS).

Any help is appreciated!

Thanks!

9条回答
可以哭但决不认输i
2楼-- · 2019-02-01 10:10

Could be SELinux. Check the appropriate log file (/var/log/messages? - been a while since I've used a RedHat derivative) to see if that's blocking the access.

查看更多
0人赞 添加讨论(0) 举报
冷血范
3楼-- · 2019-02-01 10:10

Error:

[error] [client 127.0.0.1] (13)Permission denied: Could not open password file: /home/XXX/svn/svn_password

Info:

##SELinux Security Context File Labels
#httpd_sys_content_t  The type used by regular static web pages with .html and .htm extensions.
#httpd_sys_script_ro_t  Required for CGI scripts to read files and directories.
#httpd_sys_script_ra_t  Same as the httpd_sys_script_ro_t type but also allows appending data to files by the CGI script.
#httpd_sys_script_rw_t  Files with this type may be changed by a CGI script in any way, including deletion.
#httpd_sys_script_exec_t  The type required for the execution of CGI scripts

Solution:

[root@localhost]# perror 13
OS error code  13:  Permission denied
[root@localhost]# chown apache.apache /home/XXX/svn/ -R
[root@localhost]# semanage fcontext -a -t httpd_sys_script_rw_t  "/home/XXX/svn(/.*)?"
[root@localhost]# restorecon -R -v /home/XXX/svn/
[root@localhost]# restorecon reset /home/XXX/svn/ context
[root@localhost]# ls -dZ /home/XXX/svn/
drwxr-xr-x. apache apache system_u:object_r:httpd_sys_rw_content_t:s0 /home/XXX/svn/
[root@localhost]# ls -dZ /home/XXX/svn/svn_password 
-rwxr-xr-x. apache apache system_u:object_r:httpd_sys_rw_content_t:s0 /home/XXX/svn/svn_password
[root@localhost]#
查看更多
0人赞 添加讨论(0) 举报
太酷不给撩
4楼-- · 2019-02-01 10:12

Turns out... we had to also chmod 755 the parent directory, user, in addition to xxx.

查看更多
0人赞 添加讨论(0) 举报
Summer. ? 凉城
5楼-- · 2019-02-01 10:13

Apache's errorlog will explain why you get a permission denied. Also, serverfault.com is a better forum for a question like this.

If the error log simply says "permission denied", su to the user that the webserver is running as and try to read from the file in question. So for example:

sudo -s
su - nobody
cd /
cd /home
cd user
cd xxx
cat index.html

See if one of those gives you the "permission denied" error.

查看更多
0人赞 添加讨论(0) 举报
戒情不戒烟
6楼-- · 2019-02-01 10:13

Have you changed the permissions on the individual files as well as just the directory?

chmod -R 777 /home/user/xxx
查看更多
0人赞 添加讨论(0) 举报
Deceive 欺骗
7楼-- · 2019-02-01 10:19

Can't you set the Loglevel in httpd.conf to debug? (I'm using FreeBSD)

ee usr/local/etc/apache22/httpd.conf

change loglevel :

'LogLevel: Control the number of messages logged to the error_log. Possible values include: debug, info, notice, warn, error, crit, alert, emerg.'

Try changing to debug and re-checking the error log after that.

查看更多
0人赞 添加讨论(0) 举报
1 2 下一页
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)