View previous topic :: View next topic |
Author |
Message |
keifir Tux's lil' helper
Joined: 10 Jun 2002 Posts: 119 Location: Canada
|
Posted: Sat Feb 15, 2003 9:17 pm Post subject: another Apache config question: custom UserDir? |
|
|
Hi,
srry if this is something that has been asked bfor - this is my first time installing Apache.
I want queries like:
http://localhost/~userid
to default to a directory that is other than public_html.
so in /etc/apache/commonapache.conf i edited the UserDir:
UserDir custom_html
UserDir public_html
now the error_log tells me that:
[Sat Feb 15 16:07:35 2003] [error] [client 192.168.1.4] client denied by server configuration: /home/userid/custom_html
so it recognizes my UserDir but apparently smtg else in config prevents it from loading(Error 403: forbidden). I tried to rename custom_html to public_html and the page appears no problem - so it's not permissions/user/group ownership.
Could someone help me with this?
thx,
keifir |
|
Back to top |
|
|
Eagle-Eye n00b
Joined: 25 Sep 2002 Posts: 17
|
Posted: Sun Feb 16, 2003 10:27 am Post subject: |
|
|
Hi,
you also have to modify the access-rights for your directories futher down in /etc/apache/conf/commonapache.conf.
Code: | #
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
#
<IfModule mod_userdir.c>
UserDir /home/httpd/users
</IfModule>
|
Code: | #
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>
# These settings are pretty flexible, and allow for Frontpage and XSSI
<Directory /home/httpd/users/*/>
AllowOverride All
Options MultiViews -Indexes Includes FollowSymLinks
Order allow,deny
Allow from all
</Directory>
<Directory /home/httpd/users/*/cgi-bin>
Options +ExecCGI -Includes -Indexes
SetHandler cgi-script
</Directory>
<IfModule mod_perl.c>
<Directory /home/httpd/users/*/perl>
SetHandler perl-script
PerlHandler Apache::PerlRun
Options -Indexes ExecCGI
PerlSendHeader On
</Directory>
</IfModule> |
|
|
Back to top |
|
|
keifir Tux's lil' helper
Joined: 10 Jun 2002 Posts: 119 Location: Canada
|
Posted: Sun Feb 16, 2003 5:28 pm Post subject: |
|
|
heya!
thx a bunch - working nice now.
One thing i noticed tho: it only works if i define one UserDir - not multiple ones. But that's fine with me - i only use one of them anyway.
Once again, thanx for your post,
keifir |
|
Back to top |
|
|
davidsb Tux's lil' helper
Joined: 08 Dec 2002 Posts: 146 Location: Lisbon, Portugal
|
Posted: Tue Feb 18, 2003 3:23 pm Post subject: |
|
|
I have the following configuration:
Quote: |
#
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
#
<IfModule mod_userdir.c>
UserDir public_html
</IfModule>
|
Quote: |
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
# These settings are pretty flexible, and allow for Frontpage and XSSI
<Directory /home/*/public_html>
AllowOverride All
Options MultiViews Indexes Includes FollowSymLinks
Order allow,deny
Allow from all
</Directory>
#<Directory /home/*/public_html/cgi-bin>
# Options +ExecCGI -Includes -Indexes
# SetHandler cgi-script
#</Directory>
|
and still when i try to acess http://my.webserver.com/~user/
I get
Quote: |
Forbidden
You don't have permission to access /~i30118/ on this server.
|
I have the permissions rigth:
Quote: |
drwxr-xr-x 2 i30118 gml 4096 Jan 23 18:33 public_html/
|
and inside public_html:
Quote: |
-rw-r--r-- 1 i30118 gml 9983 Jan 23 18:32 bootlegs.txt
|
Even if i try:
/~i30118/bootlegs.txt
I get the same error.
I'm desperate
Any help would be cool!
Thanks ppl! |
|
Back to top |
|
|
davidsb Tux's lil' helper
Joined: 08 Dec 2002 Posts: 146 Location: Lisbon, Portugal
|
Posted: Tue Feb 18, 2003 3:46 pm Post subject: |
|
|
one more thing:
error_log reports this:
[Tue Feb 18 15:45:05 2003] [error] [client 194.117.20.2] client denied by server configuration: |
|
Back to top |
|
|
Eagle-Eye n00b
Joined: 25 Sep 2002 Posts: 17
|
Posted: Tue Feb 18, 2003 3:48 pm Post subject: |
|
|
What access-rights do you have on your home-directory or the directories above? Apache must have access all the way down to your public_html in the filesystem.
If you run apache as user apache, it will not be able to change dir into your homedir if it's not owned by apache (or group apache) or the x-flag on world is set. For example user test:
drwx-----x test users ... /home/users/test
Applying x-flag for world also means that other people will be able to change dir into you homedir, so it would be better (with respect to security) to move all users webdirs into a separate directory. For example in the same way as shown earlier. |
|
Back to top |
|
|
keifir Tux's lil' helper
Joined: 10 Jun 2002 Posts: 119 Location: Canada
|
Posted: Tue Feb 18, 2003 5:31 pm Post subject: |
|
|
davidsb, do you have a index.html file in your public_html?
your listing showed that u only had a some.txt file ...
i think apache requieres it as a default, otherwise u'd have to explicitly specify the file u wanna see in your public_html
hope this helps,
keifir
[/code] |
|
Back to top |
|
|
Eagle-Eye n00b
Joined: 25 Sep 2002 Posts: 17
|
Posted: Tue Feb 18, 2003 8:09 pm Post subject: |
|
|
An index.html should not be required when the Indexes option is set. The Indexes options tells apache if it's allowed to list the contents of the directory. This is done if none of the files set by DirectoryIndex exists. If the Indexes option was not set and none of the files existed you will get the "forbidden - don't have access" message.
Code: | ...
<IfModule mod_dir.c>
DirectoryIndex index.html index.php index.php3 index.shtml index.cgi index.pl index.htm Default.htm default.htm
</IfModule>
...
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
... |
|
|
Back to top |
|
|
davidsb Tux's lil' helper
Joined: 08 Dec 2002 Posts: 146 Location: Lisbon, Portugal
|
Posted: Wed Feb 19, 2003 4:17 pm Post subject: |
|
|
First I would like to thank for all the feedback
Thanks!
I have the configurations files enable for directory listing, so I think that theres no need for an index.html file.
If I checked:
http://myserver/~user/
I would be able to see the contents of the user dir, the permissions are ok.
But I always get a 403 ERROR and log file says
"client denied by server configuration"
So I guess that It must be something from the configurations files, but I alredy uncommented the lines that give access to public_html dirs :\
Any help is welcome!
Cheers! |
|
Back to top |
|
|
ghetto Guru
Joined: 10 Jul 2002 Posts: 369 Location: BC, Canada
|
Posted: Sat Feb 22, 2003 12:00 am Post subject: |
|
|
Im having Forbidden 403 errors too.. but only when i try to access perl files.
This seems to be a rather common problem.. i wonder if its gentoo's apache or if its just apache itself...
Maybe due to the way gentoo setsup its apache conf files screws things up and makes them hard to fix.
Im kind of disgruntled about it. _________________ Blizzard you suck. |
|
Back to top |
|
|
ardavan@kyrandia n00b
Joined: 06 Jul 2003 Posts: 7 Location: Érd, Hungary
|
Posted: Sat Oct 04, 2003 11:50 pm Post subject: A possible solution |
|
|
Greetings....
I had the same problem just a few minutes ago... What I did wrong was to previously move my users from /home to /home/users; so in commonapache.conf i had to write /home/users/*/public_html instead of /home/*/public_html I thought that /*/ could include any number of levels - obviously I was wrong... |
|
Back to top |
|
|
|