Apache HTTPd FollowSymLinks path permission
Posted
by
apast
on Server Fault
See other posts from Server Fault
or by apast
Published on 2011-02-13T21:40:14Z
Indexed on
2011/02/13
23:27 UTC
Read the original article
Hit count: 305
Hi,
I'm configuring my development environment with a basic Apache HTTPd configuration.
But, to avoid a often problem, I want to map my test URL to my development folder.
I'm using Ubuntu.
My development path is located under the following example path:
/home/myusername/myworkspace/hptargetpath/src/pages
Considering the following symbolic link mapping:
#ls -l /opt/share/www/mydevelopmentrootpath:
lrwxrwxrwx 1 root root 77 2011-02-13 18:53 /opt/share/www/mydevelopmentrootpath -> /home/myusername/myworkspace/hptargetpath/src/pages
With this folder mapping, I configured Apache HTTPd with the following configuration:
<VirtualHost *:*>
ServerName local.server.com
ServerAdmin [email protected]
DirectoryIndex index.html
DocumentRoot /opt/share/www/mydevelopmentrootpath
<Directory /opt/share/www/mydevelopmentrootpath/ >
Options +Indexes
Options +FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
But, I'm receiving a 403 Forbidden error when I want to access index.html under the address http://local.server.com/index.html.
403 Forbidden
You don't have permission to access /index.html on this server.
On httpd debug log, I checked the following message:
[Sun Feb 13 19:34:47 2011] [error] [client 127.0.1.1] Symbolic link not allowed or link target not accessible: /opt/share/www/mydevelopmentrootpath
I'm thinking that this problem is been generated by some path permission. It's not a direct permission to directory, but some intermediate directory in the path.
There's a directive on httpd core Options:
SymLinksIfOwnerMatch
The server will only follow symbolic links for which the target file or directory is owned by the same user id as the link.
But, I tested it without effects.
Somebody may help me? I think that it's a trivial configuration on development environment.
Best regards,
And Past
© Server Fault or respective owner