fedora 4 + apache + forbidden

Tim ignored_mailbox at yahoo.com.au
Fri Dec 23 16:43:09 UTC 2005 

On Fri, 2005-12-23 at 10:55 +0000, Raul wrote:
> lrwxrwxrwx      1 root   root     13 Dec 22 01:10 ldap -> phpldapadmin/
> -rw-r--r--      1 root   root     22 Dec 17 21:25 php_info.php
> drwxrwxr-x      7 apache apache 4096 Dec 21 23:55 phpldapadmin
> lrwxrwxrwx      1 root   root     20 Dec 17 23:56 phpmyadmin -> phpMyAdmin-2.7.0-pl1
> drwxr-xr-x      7 apache apache 4096 Dec 22 00:13 phpMyAdmin-2.7.0-pl1
> drwxr-xr-x      8 apache apache 4096 Dec 17 21:46 scarecrow
> drwxr-xr-x      2 root   root   4096 Dec 22 01:10 test

A tip about something else:  

It's not usually a good idea to put files into the webspace as owned by
apache.  You're giving the server write access to those files, that way,
and that may be remotely exploitable.

Usually, they're owned by someone else, and given world readable, and
world-executable (where needed) permissions, for the server to allow the
WWW to see them.

> As I said am having all the defaults on apache (users etc.) however am
> not able to access the folder phpldapadmin by http://azul/phpldapadmin,
> but I do access it via http://azul/ldap which is a soft link to
> phpldapadmin. The error message am getting is a simple forbidden. Since
> I can access tru the link is not a real problem, but I don't know why I
> cannot make it tru the original.
> 
> Things I changed on the conf file are
> 
>     AllowOverride All
> 
>      UserDir public_html
> 
> everything else is the defaults.
> 
> P.S. am getting the sam error when doing http://azul/~user/

I can't think of the reason for your phpldapadmin access problem off the
top of my head, but SELinux could be one (particularly with the ~user
one).  And in the case of the user homespace one, you need to make their
public_html world readable and executable, and *all* the parent
directories (right down to /home) world executable, as well as
appropriate SELinux contexts and rules (if you're using SELinux).

-- 
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

More information about the fedora-list mailing list