Bug 140190 - httpd mod_userdir throws 403 with right permissions
Summary: httpd mod_userdir throws 403 with right permissions
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: httpd
Version: 3
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Joe Orton
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-11-20 20:09 UTC by Sergio Restrepo
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2004-11-21 12:59:22 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Sergio Restrepo 2004-11-20 20:09:05 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
I am running httpd-2.0.52-3.1 under Fedora Core 3 using SELinux.

I am trying to use the UserDir directive for Apache, and this is the
relevant part from my httpd.conf file

UserDir public_html

<Directory /home/*/public_html>

   Options Indexes FollowSymLinks
   AllowOverride All

   Order allow,deny
   Allow from All

</Directory>


The DocumentRoot is pointing to /var/www/html (as per default)

The permissions to /, /home, /home/user, /home/user/public_html are
all set to 755, however every time I try to access
http://localhost/~user I get the following error:


Forbidden

You don't have permission to access /~parca on this server.

Additionally, a 403 Forbidden error was encountered while trying to
use an ErrorDocument to handle the request.
Apache/2.0.52 (Fedora) Server at localhost Port 80

Additionally, this is the error on the Apache logs:

access:
127.0.0.1 - - [20/Nov/2004:14:53:25 -0500] "GET /~parca HTTP/1.1" 403
402 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0"

error:
[Sat Nov 20 14:53:25 2004] [error] [client 127.0.0.1] (13)Permission
denied: access to /~parca denied




Version-Release number of selected component (if applicable):
httpd-2.0.52-3.1

How reproducible:
Always

Steps to Reproduce:
1.Install httpd-2.0.52-3.1
2.Activate UserDir
3.Create a public_html for any user and try to access it through
domain/~user
    

Actual Results:  Returns a 403 Forbidden

Expected Results:  Returns the index page for the user

Additional info:

Comment 1 Joe Orton 2004-11-21 12:59:13 UTC
This is due to SELinux, please see the SELinux httpd guide:

http://fedora.redhat.com/docs/selinux-apache-fc3/

and specifically the section:

http://fedora.redhat.com/docs/selinux-apache-fc3/sn-user-homedir.html

Comment 2 Marcelo macCoy 2005-05-20 17:43:16 UTC
Joe Orton,

Your information is crucial for people that have trouble with userdir, when just
tried all configurations in filesystem and httpd.conf. I followed your
indication and change one of two configurations in this steps:

run: system-config-securitylevel (terminal)
choose: SELinux part
uncheck: Enforcing
or
check: Disable SELinux protection for httpd Daemon

It's working now (apache using userdir)

Thanks,
macCoy 


Note You need to log in before you can comment on or make changes to this bug.