Date: Sun, 17 Aug 2003 10:01:11 -0700 From: Joshua Oreman <oremanj@get-linux.org> To: Jez Hancock <jez.hancock@munk.nu> Cc: questions@freebsd.org Subject: Re: permission in apache Message-ID: <20030817170111.GC3389@webserver> In-Reply-To: <20030817141041.GA66494@users.munk.nu> References: <9C413C14-D0A4-11D7-976E-003065A51656@mac.com> <000401c364bb$29e596c0$f4f0a8c0@pcmedx.com> <20030817141041.GA66494@users.munk.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 17, 2003 at 03:10:41PM +0100 or thereabouts, Jez Hancock wrote: > On Sun, Aug 17, 2003 at 05:29:11AM -0700, Mike Maltese wrote: > > This shouldn't have anything to do with UNIX permissions. You'll get this > > error (403) if there is no document by the name specified in the > > DirectoryIndex directive (defualt is index.html) and the directory does not > > have the Indexes option (display directory contents). So either create > > index.html in that directory, or add Indexes to the Options for that > > directory to view the list of files. These options can be set on a per-vhost > > basis. > A 403 error would occur if a DirectoryIndex file exists (index.html say) > and permissions on that file in the DocumentRoot were such that it can't > be accessed by the apache user. > > Further it could be the case that permissions on the file itself, say > /usr/local/www/vhost/index.html, were 755 but still the error occurs. > Usually this is because the permissions on a parent directory somewhere > up the directory tree are set so that the apache user can't read files > under that directory structure. For example /usr/local/www might be set > to 750 and owned 'root:wheel' - so the 'other' group (which the apache > user falls into) cannot read files under that directory tree. > > In summary make sure the EUID user apache is running as has access to > the DocumentRoot directory as well as the files it needs to access of > course. > > FWIW you can check if the apache user has perms to read somefile.txt by doing: > > echo "ls -al somefile.txt" | su -fm www Won't work. Non-apache-related-example: % id -u 1000 % ls /etc/master.passwd /etc/master.passwd % less /etc/master.passwd /etc/master.passwd: Permission denied You need to actually read the file - something like `dd if=somefile.txt of=/dev/null' should work. -- Josh > > as root. > > -- > Jez > > http://www.munk.nu/ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030817170111.GC3389>