Getting 403 on apache with php on fedora 17

Js Lim asked:

I put the projects on ~/public_html/project and create a soft-link in /var/www/html/project which point to ~/public_html/project.

my /etc/httpd/conf/httpd.conf is shown below

ServerRoot "/etc/httpd"

PidFile run/httpd.pid

Timeout 60

KeepAlive Off

MaxKeepAliveRequests 100

KeepAliveTimeout 5

<IfModule prefork.c>
StartServers       8
MinSpareServers    5
MaxSpareServers   20
ServerLimit      256
MaxClients       256
MaxRequestsPerChild  4000
</IfModule>

<IfModule worker.c>
StartServers         4
MaxClients         300
MinSpareThreads     25
MaxSpareThreads     75 
ThreadsPerChild     25
MaxRequestsPerChild  0
</IfModule>

Listen 80

Include conf.d/*.conf

User apache
Group apache

ServerAdmin root@localhost

UseCanonicalName Off

DocumentRoot "/var/www/html"

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

# Allow SVN access from public
<Directory "/var/www/svn">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<IfModule mod_userdir.c>
    UserDir disabled
    # UserDir public_html
</IfModule>

DirectoryIndex index.html index.html.var

AccessFileName .htaccess

<FilesMatch "^.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>

TypesConfig /etc/mime.types

DefaultType text/plain

<IfModule mod_mime_magic.c>
#   MIMEMagicFile /usr/share/magic.mime
    MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off

<IfModule mod_dav_fs.c>
    # Location of the WebDAV lock database.
    DAVLockDB /var/lib/dav/lockdb
</IfModule>

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

in /var/log/httpd/error_log

[error] [client 127.0.0.1] Symbolic link not allowed or link target not accessible: /var/www/html/project
[error] [client 127.0.0.1] File does not exist: /var/www/html/favicon.ico

in browser

Forbidden

You don't have permission to access /project on this server.

I get this error.

ls -l result:
drwxrwxrwx 3 js js 4.0K Nov 1 14:43 public_html/
for project
drwxr-xr-x. 6 js js 4.0K Nov 1 16:38 public_html/project/

I cannot figure out the problem.

My answer:


You need to enable httpd to read home directories by SELinux.

setsebool -P httpd_enable_homedirs 1
setsebool -P httpd_read_user_content 1

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.