• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Apache 403 error driving me bananas

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    Apache 403 error driving me bananas

    OK so here's the gen, all up front. If it later turns out I missed something vital, I did try.

    Server : Centos 7
    Alias : webail /usr/share/squirrelmail
    Apache root : /var/www/html
    Apache user : apache:apache

    ls - l of /usr/share/squirrelmail

    Code:
    drwxrwxr-x.  12 root root  4096 Aug 13 13:01 squirrelmail
    ls -l of /usr/share/squirrelmail/index.php

    Code:
    drwxrwxr-x.  12 root root  4096 Aug 13 13:01 squirrelmail
    error_log has

    [Wed Aug 13 13:10:13.246273 2014] [authz_core:error] [pid 16276] [client ::1:33929] AH01630: client denied by server configuration: /usr/share/squirrelmail/
    The alias in the httpd.conf looks like

    Alias /squirrelmail /usr/share/squirrelmail
    <Directory /usr/share/squirrelmail>
    Options Indexes FollowSymLinks
    RewriteEngine On
    AllowOverride All
    DirectoryIndex index.php
    Order allow,deny
    Allow from all
    </Directory>
    And good old squirrel mail creates this virtual host

    Alias /webmail /usr/share/squirrelmail
    <Directory /usr/share/squirrelmail>
    RewriteEngine on
    RewriteCond %{HTTPS} !=on
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    </Directory>
    I am absolutely stumped.

    If I su to apache and cat the index.php I can read the contents.

    I have created a test html page in the same path and again I get a 403.

    Spend the morning trawling google and various forums. I believe I have checked everything. Clearly I haven't and I'm an idiot but can someone please point out what I may have missed?

    SELINUX is set to permissive.

    Also a /var/www/html/test.php works fine. The folder permissions for both paths are exactly identical.

    Knock first as I might be balancing my chakras.

    #2
    Does it work if you turn iptables off?

    Comment


      #3
      Originally posted by stek View Post
      Does it work if you turn iptables off?
      No. And port80 is open.

      Also as mentioned /var/www/html/index.php works just fine.
      Knock first as I might be balancing my chakras.

      Comment


        #4
        Is apache running under root or apache user?

        Comment


          #5
          Originally posted by suityou01 View Post
          OK so here's the gen, all up front. If it later turns out I missed something vital, I did try.

          Server : Centos 7
          Alias : webail /usr/share/squirrelmail
          Apache root : /var/www/html
          Apache user : apache:apache

          <snip>
          Originally posted by stek View Post
          Is apache running under root or apache user?
          apache
          Knock first as I might be balancing my chakras.

          Comment


            #6
            Originally posted by suityou01 View Post
            apache
            chown /var/www/html apache:apache or whatever the incantation is?

            Comment


              #7
              What's the output of...

              ls -l of /usr/share/squirrelmail/index.php

              ...as the apache user in the apache environment?

              Comment


                #8
                Originally posted by NickFitz View Post
                chown /var/www/html apache:apache or whatever the incantation is?
                Not sure what it is on CentOS but on Ubuntu it would be

                sudo chown -r www-data:www-data /var/www/html

                The OP hasn't mentioned if squirrelmail was installed from a package or not.
                McCoy: "Medical men are trained in logic."
                Spock: "Trained? Judging from you, I would have guessed it was trial and error."

                Comment


                  #9
                  Originally posted by suityou01 View Post
                  OK so here's the gen, all up front. If it later turns out I missed something vital, I did try.


                  ls -l of /usr/share/squirrelmail/index.php

                  Code:
                  drwxrwxr-x.  12 root root  4096 Aug 13 13:01 squirrelmail

                  <snip>
                  It is this
                  Knock first as I might be balancing my chakras.

                  Comment


                    #10
                    Originally posted by lilelvis2000 View Post
                    Not sure what it is on CentOS but on Ubuntu it would be

                    sudo chown -r www-data:www-data /var/www/html

                    The OP hasn't mentioned if squirrelmail was installed from a package or not.
                    Installed from an rpm.

                    I did a chown to apache:apache

                    It made no difference I'm afraid. So I changed it back to root.

                    Also the owner of /var/www/html (which does work) is root.
                    Knock first as I might be balancing my chakras.

                    Comment

                    Working...
                    X