View previous topic :: View next topic |
Author |
Message |
Kennel n00b
Joined: 13 Apr 2002 Posts: 17 Location: Helsingborg, Sweden
|
Posted: Fri Jun 21, 2002 1:45 am Post subject: You don't have permission to access /~username |
|
|
So I decided to upgrade my old 1.0rc6 to 1.2 and all went well except that I can't seem to get access to users public_html through /~username. I get:
You don't have permission to access /~username on this server
I searched the forums and found some stuff about adding the apache user to the users group and I did by running:
usermod -G apache,users apache
I also made sure that ~/public_html was chmodded 755 (even tried 777). Still no luck. Could someone please tell me what to do? I'm kind of a newbie, so a very descriptive instruction would be appreciated.
BTW. I screwed around quite a lot with apache.conf and commonapache.conf because I first believed that the problem was there. Where can I download the original version of these two files again (1.3.26)? _________________ My hovercraft is full of eels. |
|
Back to top |
|
|
skweegie n00b
Joined: 18 Jun 2002 Posts: 9
|
Posted: Fri Jun 21, 2002 2:31 am Post subject: |
|
|
since you already added the apache user to the users group...
did you confirm that the user's home directories themselves are 755?
please note that the -m switch in useradd defaults user home directories to permission 700. do a ls -al /home to confirm correct user directory permissions...
cheers |
|
Back to top |
|
|
rt_clik n00b
Joined: 18 Jun 2002 Posts: 70 Location: Rohnert Park, California, US
|
Posted: Fri Jun 21, 2002 3:52 am Post subject: Re: You don't have permission to access /~username |
|
|
Another (obvious, I know) thing to check is the apache.conf file to make sure that:
UserDir public_html
still exists. I would assume that this hasn't changed (or was backed up), but had a similar experience myself, and this was the culprit.
Good luck.
CW
Kennel wrote: | So I decided to upgrade my old 1.0rc6 to 1.2 and all went well except that I can't seem to get access to users public_html through /~username. I get:
You don't have permission to access /~username on this server
I searched the forums and found some stuff about adding the apache user to the users group and I did by running:
usermod -G apache,users apache
I also made sure that ~/public_html was chmodded 755 (even tried 777). Still no luck. Could someone please tell me what to do? I'm kind of a newbie, so a very descriptive instruction would be appreciated.
BTW. I screwed around quite a lot with apache.conf and commonapache.conf because I first believed that the problem was there. Where can I download the original version of these two files again (1.3.26)? |
|
|
Back to top |
|
|
Kennel n00b
Joined: 13 Apr 2002 Posts: 17 Location: Helsingborg, Sweden
|
Posted: Fri Jun 21, 2002 10:38 am Post subject: |
|
|
skweegie wrote: |
did you confirm that the user's home directories themselves are 755?
|
Ah! That did the trick. Another question then, won't this allow anyone to read the contents of anyones homedir? _________________ My hovercraft is full of eels. |
|
Back to top |
|
|
klieber Bodhisattva
Joined: 17 Apr 2002 Posts: 3657 Location: San Francisco, CA
|
Posted: Fri Jun 21, 2002 11:55 am Post subject: |
|
|
Kennel wrote: | Another question then, won't this allow anyone to read the contents of anyones homedir? |
Yes, change it to 750 instead. BTW, what group owns all your user directories? Is it 'users'? If so, then even 750 will allow all users to read and execute other users files.
--kurt _________________ The problem with political jokes is that they get elected |
|
Back to top |
|
|
Kennel n00b
Joined: 13 Apr 2002 Posts: 17 Location: Helsingborg, Sweden
|
Posted: Sat Jun 22, 2002 9:56 am Post subject: |
|
|
klieber wrote: | Kennel wrote: | Another question then, won't this allow anyone to read the contents of anyones homedir? |
Yes, change it to 750 instead. BTW, what group owns all your user directories? Is it 'users'? If so, then even 750 will allow all users to read and execute other users files.
--kurt |
Yes, that is very true. What do you recommend to get around this? _________________ My hovercraft is full of eels.
Last edited by Kennel on Sat Jun 22, 2002 10:39 am; edited 1 time in total |
|
Back to top |
|
|
klieber Bodhisattva
Joined: 17 Apr 2002 Posts: 3657 Location: San Francisco, CA
|
Posted: Sat Jun 22, 2002 10:31 am Post subject: |
|
|
Kennel wrote: | Yes, that is very true. What do you recommend to get around this? |
Create a special group for each user, named the same as the username. (so, for me, there would be a 'klieber' group, of which I was the only member) Then, chown each users' home directory to their username and their group. Then, 750 will work as expected/desired.
--kurt _________________ The problem with political jokes is that they get elected |
|
Back to top |
|
|
Kennel n00b
Joined: 13 Apr 2002 Posts: 17 Location: Helsingborg, Sweden
|
Posted: Sat Jun 22, 2002 10:38 am Post subject: |
|
|
klieber wrote: | Kennel wrote: | Yes, that is very true. What do you recommend to get around this? |
Create a special group for each user, named the same as the username. (so, for me, there would be a 'klieber' group, of which I was the only member) Then, chown each users' home directory to their username and their group. Then, 750 will work as expected/desired.
--kurt |
Ok, but won't I have to add apache to all those groups then i order for some.where/~username to be accessible? _________________ My hovercraft is full of eels. |
|
Back to top |
|
|
klieber Bodhisattva
Joined: 17 Apr 2002 Posts: 3657 Location: San Francisco, CA
|
Posted: Sat Jun 22, 2002 10:57 am Post subject: |
|
|
Kennel wrote: | Ok, but won't I have to add apache to all those groups then i order for some.where/~username to be accessible? |
Yes, but you can't have it both ways. Perhaps a better question is why are you putting apache virtual roots within home directories and is there a better way you can do that? (like using symlinks to another place on the HD, for example)
--kurt _________________ The problem with political jokes is that they get elected |
|
Back to top |
|
|
|