views:

5162

answers:

8

Hi,

My friend's website was working fine until he moved the document root from /var/www/xxx to /home/user/xxx

Apache give 13 permission denied error messages when we try to access the site via a web browser.

The site is configured as a virtual directory. All the Apache configurations were unchanged (except for the directory change).

We tried to chmod 777 /home/user/xxx, chown apache /home/user/xxx. But they didn't work.

Is there some kind of security feature set on the user's home directories? The server OS is CentOS (Godaddy VPS).

Any help is appreciated!

Thanks!

A: 

Have you changed the permissions on the individual files as well as just the directory?

chmod -R 777 /home/user/xxx
Yes we have.
Dave
A: 

Apache's errorlog will explain why you get a permission denied. Also, serverfault.com is a better forum for a question like this.

If the error log simply says "permission denied", su to the user that the webserver is running as and try to read from the file in question. So for example:

sudo -s
su - nobody
cd /
cd /home
cd user
cd xxx
cat index.html

See if one of those gives you the "permission denied" error.

Josh
Yup we looked through the error log. All it had was (13) permission denied.Is there some parameter that we can set to enable more debug outputs?
Dave
A: 

Could be SELinux. Check the appropriate log file (/var/log/messages? - been a while since I've used a RedHat derivative) to see if that's blocking the access.

Andrew Medico
Thanks for your help. I tried to look into /var/log/messages; there are a whole bunch of them: messages, messages.1.gz, messages.2.gz, ... up to messages.14.gz. /var/log/messages is empty; so are the other ones after I decompress them ...
Dave
A: 

Can't you set the Loglevel in httpd.conf to debug? (I'm using FreeBSD)

ee usr/local/etc/apache22/httpd.conf

change loglevel :

'LogLevel: Control the number of messages logged to the error_log. Possible values include: debug, info, notice, warn, error, crit, alert, emerg.'

Try changing to debug and re-checking the error log after that.

Thanks, now the error log is: (13)Permission denied: /home/user/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
Dave
I tried to search for solutions specific to that error. But, most of them involve chmod'ing files to the right permissions (which I have already done). Some of them say it involves front page extension. But, we never used that to begin with...
Dave
+3  A: 

Turns out... we had to also chmod 755 the parent directory, user, in addition to xxx.

Dave
thnx man you saved my life. some idiots in our hosting fuckuped all permissions... this fixed the issue.
holms
A: 

Not sure if you've fixed it but in your httpd.conf

Check to see your User/Group settings. Usually it will be set to

User www Group www

If so change it to your name/group

User Greg group staff

Greg
A: 

hello, im using CentOS 5.5 and for me it was SElinux messing with it, i forgot to check that out. you can temporary disable it by doing as root

echo 0 > /selinux/enforce

hope it help someone

kek