FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Red Hat Linux

 
 
LinkBack Thread Tools
 
Old 10-22-2010, 05:06 PM
"Ramsey, Robert L"
 
Default problem accessing directories under /var/www/html

Ok, this is a really weird one, but I've seen it on two different servers. The first is a RHEL server that I don't maintain, the second is the RHEL 6 Beta server I set up this morning, no customizations or anything.

Here's the behavior:

1) #cd /var/www/html

2) #wget somefile.tgz

3) #tar xvf somefile.tgz

4) Open firefox, go to http://localhost/somefile/index.html and get an access denied message.

5) #cd /var/www/html

6) #vi index.php [create a test page]

7) Open firefox, http://localhost/index.php works correctly.

8) #cd /var/www/html

9) #mkdir test

10) #cp index.php test/

11) Open firefox, go to http://localhost/test/index.php works correctly.

12) #cd /var/www/html

13) #mkdir new

14) #cp -r somefile/* new

15) Open firefox, go to http://localhost/new/index.html and works correctly.

It does the same thing if I use a gui. For example, I download somefile.tgz and open it Archive Manager. I drag the folder from Archive Manager onto my desktop, then from there into /var/www/html. Same behavior.

It fails doing this as root and doing it as a regular user.

The files are all owned by user:apache and all set to rwxrwxr-x or drwxrwxr-x for directories, so in theory the world can read them.

Other than outlining the steps to duplicate it, I don't even know a quick way to summarize this problem.

Does anyone have any ideas?

Thanks,

Bob
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 10-22-2010, 06:07 PM
Steven Barre
 
Default problem accessing directories under /var/www/html

Hey Bob

Sounds like a permissions issue. TAR can hold file permissions and when
extracted will keep those permissions.


When you copied it you "loose" the permissions and they reset to the
default for the directory.


Can you do a ls -l and send that to us? That should show the permission
difference between somefile/index.html and new/index.html


=================================================
Steven Barre
steven@realestatewebmasters.com

Systems and Support Manager
Real Estate Webmasters
==================================================


On 10/22/2010 10:06, Ramsey, Robert L wrote:

oes anyone have any idea


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 10-22-2010, 07:09 PM
Grzegorz Witkowski
 
Default problem accessing directories under /var/www/html

Hi,
Did you check selinux contexts? If you won't have public context on files
you won't get access.

Regards,
Ges

On 22 Oct 2010 19:14, "Steven Barre" <steven@realestatewebmasters.com>
wrote:

Hey Bob

Sounds like a permissions issue. TAR can hold file permissions and when
extracted will keep those permissions.

When you copied it you "loose" the permissions and they reset to the default
for the directory.

Can you do a ls -l and send that to us? That should show the permission
difference between somefile/index.html and new/index.html

=================================================
Steven Barre
steven@realestatewebmasters.com

Systems and Support Manager
Real Estate Webmasters
==================================================


On 10/22/2010 10:06, Ramsey, Robert L wrote:

> oes anyone have any idea
>


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe...
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 10-22-2010, 07:19 PM
"Ramsey, Robert L"
 
Default problem accessing directories under /var/www/html

Someone contacted me off list about this. It's the default SELinux configuration that's causing the problem in both 5 and 6 beta.

For some reason, if you drag a folder or tar creates the folder, SELinux sets the permissions to disallow reading by httpd, even if the files are owned by the apache group and have g+r on them. I right clicked on the html folder and changed the SELinux Context to "Read from all httpd scripts and the daemon" and that fixed it.

Unfortunately I can't remember the exact default phrase in the SELinux Context, and none of the options I see now look right. It was a real phrase like "Read from all httpd scripts and the daemon," but all I have options for are things like httpd_user_content_t or httpd_user_contentt_ra_t.

It's easy enough to fix, but I am very curious to know the reasoning behind making that setting the default.

Bob

-----Original Message-----
From: redhat-list-bounces@redhat.com [mailto:redhat-list-bounces@redhat.com] On Behalf Of Steven Barre
Sent: Friday, October 22, 2010 1:08 PM
To: redhat-list@redhat.com
Subject: Re: problem accessing directories under /var/www/html

Hey Bob

Sounds like a permissions issue. TAR can hold file permissions and when
extracted will keep those permissions.

When you copied it you "loose" the permissions and they reset to the
default for the directory.

Can you do a ls -l and send that to us? That should show the permission
difference between somefile/index.html and new/index.html

=================================================
Steven Barre
steven@realestatewebmasters.com

Systems and Support Manager
Real Estate Webmasters
==================================================


On 10/22/2010 10:06, Ramsey, Robert L wrote:
> oes anyone have any idea

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 10-22-2010, 07:30 PM
Grzegorz Witkowski
 
Default problem accessing directories under /var/www/html

Security? And you can have non-public and public files easily in the same
folder.
Regs,
Ges

On 22 Oct 2010 20:24, "Ramsey, Robert L" <robert-ramsey@uiowa.edu> wrote:

Someone contacted me off list about this. It's the default SELinux
configuration that's causing the problem in both 5 and 6 beta.

For some reason, if you drag a folder or tar creates the folder, SELinux
sets the permissions to disallow reading by httpd, even if the files are
owned by the apache group and have g+r on them. I right clicked on the html
folder and changed the SELinux Context to "Read from all httpd scripts and
the daemon" and that fixed it.

Unfortunately I can't remember the exact default phrase in the SELinux
Context, and none of the options I see now look right. It was a real phrase
like "Read from all httpd scripts and the daemon," but all I have options
for are things like httpd_user_content_t or httpd_user_contentt_ra_t.

It's easy enough to fix, but I am very curious to know the reasoning behind
making that setting the default.

Bob


-----Original Message-----
From: redhat-list-bounces@redhat.com [mailto:redhat-list-bounces@redhat....
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 

Thread Tools




All times are GMT. The time now is 12:59 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org