Apache permission denied

Andrew asked:

I am trying to spin up a webserver using CentOS 6 and Apache. The files for the websites are hosted in a Windows file share. Here is the line from the fstab file to mount the web files:
\192.168.1.10apache /var/www/html cifs credentials=/root/secret.txt,uid=apache,gid=apache 0 0. This seems to be working fine.

Here is the vhost.conf file:

Listen 80
<VirtualHost *:80>
    ServerAdmin webmaster@domain.com
    ServerName sub.domain.com
    DocumentRoot "/var/www/html/domain.com/sub/public_html"
    #ErrorLog /var/www/html/domain.com/sub/logs/error.log
    #CustomLog /var/www/html/domain.com/sub/logs/access.log combined
</VirtualHost>

I ran the command ls -l /var/www/html/domain.com/sub/public_html and here is the output:

total 1
-rwxr-xr-x. 0 apache apache  0 Jan 26 20:43 index2.txt
-rwxr-xr-x. 0 apache apache 45 Jan 26 19:33 index.html

Command ls -l /var/www/html/domain.com/sub output is:

total 0
drwxr-xr-x. 0 apache apache 0 Jan 26 20:00 logs
drwxr-xr-x. 0 apache apache 0 Jan 26 20:43 public_html

When I go to http://sub.domain.com, I get the generic Apache screen. On a whim, I went to the URL http://sub.domain.com/index.html; and the browser said I don’t have permission to access the page–same thing for http://sub.domain.com/index2.txt. For the URL http://sub.domain.com/index2.html, the browser said the file does not exist. That tells me my ‘fingers’ are all pointing in the right directions. Any idea what my problem might be?

The log lines in the vhost.conf file are commented out because httpd would not restart with those. I think it is the same problem.

My answer:


We can see in your question that you are running SELinux and have attempted to have Apache read web content from a CIFS share. By default this is not permitted by SELinux, but you can enable it by setting the appropriate boolean.

setsebool -P httpd_use_cifs 1

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.