: Apache2's recursive directory permission requirement The experience I've had thus far is from Ubuntu 10.04 and 12.04 64 bit OS so if there are other OS differences I'd like to know if this
The experience I've had thus far is from Ubuntu 10.04 and 12.04 64 bit OS so if there are other OS differences I'd like to know if this is an OS specific problem or not.
The issue I've experienced is mostly confusion. Once the cause of the problem is identified and corrected there are no further related problems experienced. The symptom is Error 403 forbidden. Typically the cause is attempting to use a directory other than /var/www/ for content.
The cause is simply permissions, but its puzzling why the required permissions must persist from at least one level deeper than root onward till the current working directory where the content is stored. For example:
Alias /example/ "/home/user/permissions/can/be/confusing/with/apache/"
<Directory /home/user/permissions/can/be/confusing/with/apache/>
Options FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
With www-data being the user that spawned apache and "user" being a member of the www-data group. Thus, if ownership of /home/user/* is user:user then all that is necessary to display content with apache is permssions of read and execute. So d---r-x--- should suffice, but for practical purposes I'm using drwxr-x--- for most.
However, if all directories /home/user/* are permissions of drwxr-x-- and /home/user/ itself has permissions of drwx------ then content will always fail with error 403. This is strange because it doesn't follow what I would consider traditional logic of permissions which should only be applicable to the current working directory or a particular file in that directory and not any directory further back in the chain.
Is this by design or is it a bug?
More posts by @Miguel251
1 Comments
Sorted by latest first Latest Oldest Best
Try this: (add +Indexes).
Options FollowSymLinks MultiViews +Indexes
What I suspect to be the issue, is that in your default Apache configuration somewhere it has a statement similar to the above, but for /var/www/ and therefore not the /home/.../ locations. If the above does NOT correct your issue, please let me know.
It doesn't usually matter the ownership of a file with whether or not Apache can serve it, as long as it has public READ permissions. (Apache being able to modify it is a different story).
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.