Virtual hosts not working in Fedora 22

gskema asked:

Recently I’ve switched from Ubuntu to Fedora Workstation as my development enviroment to better understand centOS servers (and for other reasons too).

I’ve been trying to set up a local LAMP stack for developement.

Here is what I have atm:

httpd    Apache/2.4.16 (Fedora), runs as apache/apache,
         mod_php is disabled,
         handler is
         "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"

php      5.6.14

php-fpm  runs as apache/apache,
         path is /run/php-fpm/www.sock, process type is mpm_event

/etc/httpd/conf.d/php.conf

<IfModule !mod_php5.c>
    <FilesMatch .php$>
        SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
    </FilesMatch>
</IfModule>

I haven’t really rouched any of the settings in /etc/httpd/conf/httpd.conf.
The server and PHP seems to work fine for /var/www/html, but when I try to create a new VirtualHost, I get 403 for all directories. I am trying to a new vhost by adding a config file:

/etc/httpd/conf.d/sites.conf

<VirtualHost *:80>
    ServerName site1.local
    ServerAlias site1alias.local
    DocumentRoot /home/myuser/Projects/site1/www
    <Directory /home/myuser/Projects/site1/www>
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

httpd -S

AH00558: httpd: Could not reliably determine the server's
fully qualified domain name, using ::1.
Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80                   site1.local (/etc/httpd/conf.d/sites.conf:4)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex default: dir="/run/httpd/" mechanism=default 
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex lua-ivm-shm: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

/etc/hosts

127.0.0.1   localhost gpc local localhost.localdomain site1.local site1alias.local
::1         localhost gpc local localhost.localdomain

SELinux is set to ‘permissive’ by using setenforce 0 (seems to be showing warnings but permits the actions).

Whenever I try to browse http://localhost/ or http://site1.local/, I get

Forbidden: You don't have permission to access / on this server.

Perhaps the

AH00558: httpd: Could not reliably determine the server's
fully qualified domain name, using ::1.
Set the 'ServerName' directive globally to suppress this message

has something to do with this? I’ve tried chaning ServerName localhost directive in /etc/httpd/conf/httpd.conf but it had no effect. I’m running out of ideas heres. I feel like I’m missing something in the configuration. Any help or advice would be greatly appreciated.

EDIT:

Entries from /var/log/httpd/error_log:

[Sat Oct 31 17:29:33.253428 2015] [core:notice] [pid 844:tid 140376890374272] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Oct 31 17:29:33.259649 2015] [suexec:notice] [pid 844:tid 140376890374272] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using ::1. Set the 'ServerName' directive globally to suppress this message
[Sat Oct 31 17:29:33.274149 2015] [auth_digest:notice] [pid 844:tid 140376890374272] AH01757: generating secret for digest authentication ...
[Sat Oct 31 17:29:33.275309 2015] [lbmethod_heartbeat:notice] [pid 844:tid 140376890374272] AH02282: No slotmem from mod_heartmonitor
[Sat Oct 31 17:29:33.279406 2015] [mpm_event:notice] [pid 844:tid 140376890374272] AH00489: Apache/2.4.16 (Fedora) configured -- resuming normal operations
[Sat Oct 31 17:29:33.279437 2015] [core:notice] [pid 844:tid 140376890374272] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Sat Oct 31 17:30:18.500583 2015] [core:error] [pid 937:tid 140376476202752] (13)Permission denied: [client 127.0.0.1:42036] AH00035: access to / denied (filesystem path '/home/myuser/Projects') because search permissions are missing on a component of the path
[Sat Oct 31 17:30:18.667997 2015] [core:error] [pid 937:tid 140376459417344] (13)Permission denied: [client 127.0.0.1:42036] AH00035: access to /favicon.ico denied (filesystem path '/home/myuser/Projects') because search permissions are missing on a component of the path, referer: http://site1.local/

Permissions

apache/apache 755 /var/www/html/
apache/apache 755 /home/myuser/Projects/site1/

My answer:


Here is your error. Look carefully:

[Sat Oct 31 17:30:18.500583 2015] [core:error] [pid 937:tid 140376476202752] (13)Permission denied: [client 127.0.0.1:42036] AH00035: access to / denied (filesystem path '/home/myuser/Projects') because search permissions are missing on a component of the path
[Sat Oct 31 17:30:18.667997 2015] [core:error] [pid 937:tid 140376459417344] (13)Permission denied: [client 127.0.0.1:42036] AH00035: access to /favicon.ico denied (filesystem path '/home/myuser/Projects') because search permissions are missing on a component of the path, referer: http://site1.local/

This is happening because Apache doesn’t have permission to search (descend, the x permission) one of the parent directories.

To resolve the problem, first check to see which parent directory is missing the proper permissions, e.g. with namei -l /home/myuser/Projects/index.php. Find the directory that is missing the x permissions for all users, and give the correct permissions with chmod a+x /directory.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.