httpd access problems

Manuel Aróstegui manuel at todo-linux.com
Sun Oct 26 11:19:36 UTC 2008 

El dom, 26-10-2008 a las 05:00 -0400, Gene Heskett escribió:
> Greetings all;
> 
> I note just now that logwatch reports this:
> 
>  --------------------- httpd Begin ------------------------ 
> 
>  
>  Requests with error response codes
>     403 Forbidden
>        /: 1 Time(s)
>        /gene/nitros9/level2/cc3io.dis: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l51.ng: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l51.ng.list: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l51_191l.list: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l52: 1 Time(s)
>        /gene/nitros9/level2/cc3io_l52_191l: 1 Time(s)
>        /gene/nitros9/level2/cc3io_m51.mine: 1 Time(s)
>        /gene/nitros9/level2/cc3io_m51.mine.list: 1 Time(s)
>        /gene/nitros9/level2/cc3io_m52: 1 Time(s)
>        /gene/nitros9/level2/cc3io_m52_191l: 1 Time(s)
>        /gene/nitros9/level2/dbgmouse: 1 Time(s)
>        /gene/nitros9/level2/smouseM51_L51.updt: 1 Time(s)
> 
> Indicating that someone tried to read those files, which they should be able 
> to, but were refused permissions.  The directory 'nitros9' is a softlink 
> from /var/www/html/gene/nitros9 to that directory in /opt, which has these 
> permissions:
> [root at coyote logrotate.d]# ls -l --lcontext /var/www/html/gene
> total 36
> drwxr-xr-x 2 system_u:object_r:httpd_sys_content_t:s0 apache apache 4096 
> 2008-09-28 14:09 emc
> lrwxrwxrwx 1 system_u:object_r:httpd_sys_content_t:s0 apache apache   19 
> 2008-07-20 08:51 Garage-pix -> /usr/pix/Garage-pix
> lrwxrwxrwx 1 system_u:object_r:httpd_sys_content_t:s0 apache apache   12 
> 2008-06-20 11:01 nitros9 -> /opt/nitros9
> drwxr-xr-x 2 system_u:object_r:httpd_sys_content_t:s0 apache apache 4096 
> 2008-10-10 07:56 pix
> drwxr-xr-x 2 system_u:object_r:httpd_sys_content_t:s0 apache apache 4096 
> 2008-04-08 09:48 txpix
> lrwxrwxrwx 1 system_u:object_r:httpd_sys_content_t:s0 root   root     18 
> 2008-10-15 21:49 WorkBench -> /usr/pix/WorkBench
> 
> All the files that are referenced in the 403 no perms are owned by the user I 
> must be in order to make cvs write access work.  And that user is his own 
> group also.

Is /opt readable for the apache user?

Manuel.

-- 
Manuel Arostegui Ramirez.

Electronic Mail is not secure, might not be read every day, and should not
be used for urgent or sensitive issues.

More information about the fedora-list mailing list