Apache giving me 403 on Virtual Host
up vote
1
down vote
favorite
I have been trying to get to grips with Apache in CentOS 7.
I have set up two virtual hosts and created basic index.html pages as follows:
/var/www/domainA/public_html/index.html
/var/www/domainB/public_html/index.html
Both hosts have permissions as follows:
DomainA:
public_html -> jonathan:jonathan
index.html -> root:root
DomainB:
public_html -> jonathan:jonathan
index.html -> root:root
Now, what is happening is DomainA's index.html page is being served up fine, but domain B's index.html gives me a 403 Forbidden.
DomainB's error.log gives me this:
AH00132: file permissions deny server access: /var/www/DomainB/public_html/index.html
Why is this happening? It makes me very sad.
centos apache-httpd apache-virtualhost
edited Aug 10 '16 at 12:47
Jeff Schaller
37.5k1052121
asked May 4 '15 at 19:58
jonnyknowsbest
1264
add a comment |
up vote
1
down vote
favorite
I have been trying to get to grips with Apache in CentOS 7.
I have set up two virtual hosts and created basic index.html pages as follows:
/var/www/domainA/public_html/index.html
/var/www/domainB/public_html/index.html
Both hosts have permissions as follows:
DomainA:
public_html -> jonathan:jonathan
index.html -> root:root
DomainB:
public_html -> jonathan:jonathan
index.html -> root:root
Now, what is happening is DomainA's index.html page is being served up fine, but domain B's index.html gives me a 403 Forbidden.
DomainB's error.log gives me this:
AH00132: file permissions deny server access: /var/www/DomainB/public_html/index.html
Why is this happening? It makes me very sad.
centos apache-httpd apache-virtualhost
edited Aug 10 '16 at 12:47
Jeff Schaller
37.5k1052121
asked May 4 '15 at 19:58
jonnyknowsbest
1264
1
¿What filesystem permissions do you have in each directory?
– motilio
May 4 '15 at 20:18
1
To expand on motilio's comment: please show us the output ofls -ldon allpublic_htmlandindex.htmlfiles and directories, as well as onDomainAandDomainB.
– dhag
May 4 '15 at 20:23
1
As i was getting the details of the filesystem permissions, i stumbled across the ls -Z command. This highlighted the fact that the working had thehttpd_sys_content_tcontext but the non-working domain had something likeuser_root_tcontext. I set this to behttpd_sys_content_tand both domains are now working. Thanks for your help fellas.
– jonnyknowsbest
May 6 '15 at 7:57
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I have been trying to get to grips with Apache in CentOS 7.
I have set up two virtual hosts and created basic index.html pages as follows:
/var/www/domainA/public_html/index.html
/var/www/domainB/public_html/index.html
Both hosts have permissions as follows:
DomainA:
public_html -> jonathan:jonathan
index.html -> root:root
DomainB:
public_html -> jonathan:jonathan
index.html -> root:root
Now, what is happening is DomainA's index.html page is being served up fine, but domain B's index.html gives me a 403 Forbidden.
DomainB's error.log gives me this:
AH00132: file permissions deny server access: /var/www/DomainB/public_html/index.html
Why is this happening? It makes me very sad.
centos apache-httpd apache-virtualhost
edited Aug 10 '16 at 12:47
Jeff Schaller
37.5k1052121
asked May 4 '15 at 19:58
jonnyknowsbest
1264
I have been trying to get to grips with Apache in CentOS 7.
I have set up two virtual hosts and created basic index.html pages as follows:
/var/www/domainA/public_html/index.html
/var/www/domainB/public_html/index.html
Both hosts have permissions as follows:
DomainA:
public_html -> jonathan:jonathan
index.html -> root:root
DomainB:
public_html -> jonathan:jonathan
index.html -> root:root
Now, what is happening is DomainA's index.html page is being served up fine, but domain B's index.html gives me a 403 Forbidden.
DomainB's error.log gives me this:
AH00132: file permissions deny server access: /var/www/DomainB/public_html/index.html
Why is this happening? It makes me very sad.
centos apache-httpd apache-virtualhost
centos apache-httpd apache-virtualhost
edited Aug 10 '16 at 12:47
Jeff Schaller
37.5k1052121
asked May 4 '15 at 19:58
jonnyknowsbest
1264
edited Aug 10 '16 at 12:47
Jeff Schaller
37.5k1052121
asked May 4 '15 at 19:58
jonnyknowsbest
1264
edited Aug 10 '16 at 12:47
Jeff Schaller
37.5k1052121
edited Aug 10 '16 at 12:47
Jeff Schaller
37.5k1052121
edited Aug 10 '16 at 12:47
Jeff Schaller
37.5k1052121
37.5k1052121
asked May 4 '15 at 19:58
jonnyknowsbest
1264
asked May 4 '15 at 19:58
jonnyknowsbest
1264
asked May 4 '15 at 19:58
jonnyknowsbest
1264
1264
1
¿What filesystem permissions do you have in each directory?
– motilio
May 4 '15 at 20:18
1
To expand on motilio's comment: please show us the output ofls -ldon allpublic_htmlandindex.htmlfiles and directories, as well as onDomainAandDomainB.
– dhag
May 4 '15 at 20:23
1
As i was getting the details of the filesystem permissions, i stumbled across the ls -Z command. This highlighted the fact that the working had thehttpd_sys_content_tcontext but the non-working domain had something likeuser_root_tcontext. I set this to behttpd_sys_content_tand both domains are now working. Thanks for your help fellas.
– jonnyknowsbest
May 6 '15 at 7:57
add a comment |
1
¿What filesystem permissions do you have in each directory?
– motilio
May 4 '15 at 20:18
1
To expand on motilio's comment: please show us the output ofls -ldon allpublic_htmlandindex.htmlfiles and directories, as well as onDomainAandDomainB.
– dhag
May 4 '15 at 20:23
1
As i was getting the details of the filesystem permissions, i stumbled across the ls -Z command. This highlighted the fact that the working had thehttpd_sys_content_tcontext but the non-working domain had something likeuser_root_tcontext. I set this to behttpd_sys_content_tand both domains are now working. Thanks for your help fellas.
– jonnyknowsbest
May 6 '15 at 7:57
1
1
¿What filesystem permissions do you have in each directory?
– motilio
May 4 '15 at 20:18
¿What filesystem permissions do you have in each directory?
– motilio
May 4 '15 at 20:18
1
1
To expand on motilio's comment: please show us the output of
ls -ld on all public_html and index.html files and directories, as well as on DomainA and DomainB.– dhag
May 4 '15 at 20:23
To expand on motilio's comment: please show us the output of
ls -ld on all public_html and index.html files and directories, as well as on DomainA and DomainB.– dhag
May 4 '15 at 20:23
1
1
As i was getting the details of the filesystem permissions, i stumbled across the ls -Z command. This highlighted the fact that the working had the
httpd_sys_content_t context but the non-working domain had something like user_root_t context. I set this to be httpd_sys_content_t and both domains are now working. Thanks for your help fellas.– jonnyknowsbest
May 6 '15 at 7:57
As i was getting the details of the filesystem permissions, i stumbled across the ls -Z command. This highlighted the fact that the working had the
httpd_sys_content_t context but the non-working domain had something like user_root_t context. I set this to be httpd_sys_content_t and both domains are now working. Thanks for your help fellas.– jonnyknowsbest
May 6 '15 at 7:57
add a comment |
2 Answers
2
active
oldest
votes
up vote
2
down vote
The issue turned out not to be file /folder permissions as such, but the security context of the non-working domain.
From my limited understanding, in order for Apache to serve up files, the files / folders need to be configured to run under the httpd_sys_content_d context.
My 'mistake' was the non-working domain had been mv'd into the Apache content folder from my Development area and did not have the correct security context so Apache could not serve up the files. This was confirmed by running ls -Z on the public_html folder and subfolders.
I used chcon -R -t httpd_sys_content_t public_html/ to set the correct security context and now Apache is serving up everything.
answered May 6 '15 at 8:05
jonnyknowsbest
1264
chcon -R -t httpd_sys_content_tDid the trick
– Michel
Dec 21 '16 at 12:37
add a comment |
up vote
0
down vote
chcon -R -t httpd_sys_content_t <Your_Document_Root_Dir>
Should do the trick
answered 2 days ago
Pedro Marthon
1
New contributor
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
3
Could you please describe what this command does on CentOS?
– Kusalananda
2 days ago
1
Note also thatchcon -R -t httpd_sys_content_t public_htmlwas described in the other answer, 3 years ago.
– Jeff Schaller
2 days ago
add a comment |
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
The issue turned out not to be file /folder permissions as such, but the security context of the non-working domain.
From my limited understanding, in order for Apache to serve up files, the files / folders need to be configured to run under the httpd_sys_content_d context.
My 'mistake' was the non-working domain had been mv'd into the Apache content folder from my Development area and did not have the correct security context so Apache could not serve up the files. This was confirmed by running ls -Z on the public_html folder and subfolders.
I used chcon -R -t httpd_sys_content_t public_html/ to set the correct security context and now Apache is serving up everything.
answered May 6 '15 at 8:05
jonnyknowsbest
1264
chcon -R -t httpd_sys_content_tDid the trick
– Michel
Dec 21 '16 at 12:37
add a comment |
up vote
2
down vote
The issue turned out not to be file /folder permissions as such, but the security context of the non-working domain.
From my limited understanding, in order for Apache to serve up files, the files / folders need to be configured to run under the httpd_sys_content_d context.
My 'mistake' was the non-working domain had been mv'd into the Apache content folder from my Development area and did not have the correct security context so Apache could not serve up the files. This was confirmed by running ls -Z on the public_html folder and subfolders.
I used chcon -R -t httpd_sys_content_t public_html/ to set the correct security context and now Apache is serving up everything.
answered May 6 '15 at 8:05
jonnyknowsbest
1264
chcon -R -t httpd_sys_content_tDid the trick
– Michel
Dec 21 '16 at 12:37
add a comment |
up vote
2
down vote
up vote
2
down vote
The issue turned out not to be file /folder permissions as such, but the security context of the non-working domain.
From my limited understanding, in order for Apache to serve up files, the files / folders need to be configured to run under the httpd_sys_content_d context.
My 'mistake' was the non-working domain had been mv'd into the Apache content folder from my Development area and did not have the correct security context so Apache could not serve up the files. This was confirmed by running ls -Z on the public_html folder and subfolders.
I used chcon -R -t httpd_sys_content_t public_html/ to set the correct security context and now Apache is serving up everything.
answered May 6 '15 at 8:05
jonnyknowsbest
1264
The issue turned out not to be file /folder permissions as such, but the security context of the non-working domain.
From my limited understanding, in order for Apache to serve up files, the files / folders need to be configured to run under the httpd_sys_content_d context.
My 'mistake' was the non-working domain had been mv'd into the Apache content folder from my Development area and did not have the correct security context so Apache could not serve up the files. This was confirmed by running ls -Z on the public_html folder and subfolders.
I used chcon -R -t httpd_sys_content_t public_html/ to set the correct security context and now Apache is serving up everything.
answered May 6 '15 at 8:05
jonnyknowsbest
1264
answered May 6 '15 at 8:05
jonnyknowsbest
1264
answered May 6 '15 at 8:05
jonnyknowsbest
1264
answered May 6 '15 at 8:05
jonnyknowsbest
1264
1264
chcon -R -t httpd_sys_content_tDid the trick
– Michel
Dec 21 '16 at 12:37
add a comment |
chcon -R -t httpd_sys_content_tDid the trick
– Michel
Dec 21 '16 at 12:37
chcon -R -t httpd_sys_content_t Did the trick– Michel
Dec 21 '16 at 12:37
chcon -R -t httpd_sys_content_t Did the trick– Michel
Dec 21 '16 at 12:37
add a comment |
up vote
0
down vote
chcon -R -t httpd_sys_content_t <Your_Document_Root_Dir>
Should do the trick
answered 2 days ago
Pedro Marthon
1
New contributor
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
3
Could you please describe what this command does on CentOS?
– Kusalananda
2 days ago
1
Note also thatchcon -R -t httpd_sys_content_t public_htmlwas described in the other answer, 3 years ago.
– Jeff Schaller
2 days ago
add a comment |
up vote
0
down vote
chcon -R -t httpd_sys_content_t <Your_Document_Root_Dir>
Should do the trick
answered 2 days ago
Pedro Marthon
1
New contributor
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
3
Could you please describe what this command does on CentOS?
– Kusalananda
2 days ago
1
Note also thatchcon -R -t httpd_sys_content_t public_htmlwas described in the other answer, 3 years ago.
– Jeff Schaller
2 days ago
add a comment |
up vote
0
down vote
up vote
0
down vote
chcon -R -t httpd_sys_content_t <Your_Document_Root_Dir>
Should do the trick
answered 2 days ago
Pedro Marthon
1
New contributor
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
chcon -R -t httpd_sys_content_t <Your_Document_Root_Dir>
Should do the trick
answered 2 days ago
Pedro Marthon
1
New contributor
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 days ago
Pedro Marthon
1
New contributor
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 days ago
Pedro Marthon
1
answered 2 days ago
Pedro Marthon
1
1
New contributor
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Pedro Marthon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
3
Could you please describe what this command does on CentOS?
– Kusalananda
2 days ago
1
Note also thatchcon -R -t httpd_sys_content_t public_htmlwas described in the other answer, 3 years ago.
– Jeff Schaller
2 days ago
add a comment |
3
Could you please describe what this command does on CentOS?
– Kusalananda
2 days ago
1
Note also thatchcon -R -t httpd_sys_content_t public_htmlwas described in the other answer, 3 years ago.
– Jeff Schaller
2 days ago
3
3
Could you please describe what this command does on CentOS?
– Kusalananda
2 days ago
Could you please describe what this command does on CentOS?
– Kusalananda
2 days ago
1
1
Note also that
chcon -R -t httpd_sys_content_t public_html was described in the other answer, 3 years ago.– Jeff Schaller
2 days ago
Note also that
chcon -R -t httpd_sys_content_t public_html was described in the other answer, 3 years ago.– Jeff Schaller
2 days ago
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f200384%2fapache-giving-me-403-on-virtual-host%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
¿What filesystem permissions do you have in each directory?
– motilio
May 4 '15 at 20:18
1
To expand on motilio's comment: please show us the output of
ls -ldon allpublic_htmlandindex.htmlfiles and directories, as well as onDomainAandDomainB.– dhag
May 4 '15 at 20:23
1
As i was getting the details of the filesystem permissions, i stumbled across the ls -Z command. This highlighted the fact that the working had the
httpd_sys_content_tcontext but the non-working domain had something likeuser_root_tcontext. I set this to behttpd_sys_content_tand both domains are now working. Thanks for your help fellas.– jonnyknowsbest
May 6 '15 at 7:57