1

I have been trying to get to grips with Apache in CentOS 7.

I have set up two virtual hosts and created basic index.html pages as follows:

/var/www/domainA/public_html/index.html

/var/www/domainB/public_html/index.html

Both hosts have permissions as follows:

DomainA:

public_html -> jonathan:jonathan
index.html -> root:root

DomainB:

public_html -> jonathan:jonathan
index.html -> root:root

Now, what is happening is DomainA's index.html page is being served up fine, but domain B's index.html gives me a 403 Forbidden.

DomainB's error.log gives me this:

AH00132: file permissions deny server access: /var/www/DomainB/public_html/index.html

Why is this happening? It makes me very sad.

Improve this question
3
  • 1
    ¿What filesystem permissions do you have in each directory? Commented May 4, 2015 at 20:18
  • 1
    To expand on motilio's comment: please show us the output of ls -ld on all public_html and index.html files and directories, as well as on DomainA and DomainB. Commented May 4, 2015 at 20:23
  • 1
    As i was getting the details of the filesystem permissions, i stumbled across the ls -Z command. This highlighted the fact that the working had the httpd_sys_content_t context but the non-working domain had something like user_root_t context. I set this to be httpd_sys_content_t and both domains are now working. Thanks for your help fellas. Commented May 6, 2015 at 7:57

2 Answers 2

Reset to default
3

The issue turned out not to be file /folder permissions as such, but the security context of the non-working domain.

From my limited understanding, in order for Apache to serve up files, the files / folders need to be configured to run under the httpd_sys_content_d context.

My 'mistake' was the non-working domain had been mv'd into the Apache content folder from my Development area and did not have the correct security context so Apache could not serve up the files. This was confirmed by running ls -Z on the public_html folder and subfolders.

I used chcon -R -t httpd_sys_content_t public_html/ to set the correct security context and now Apache is serving up everything.

Improve this answer
1
  • chcon -R -t httpd_sys_content_t Did the trick Commented Dec 21, 2016 at 12:37
0

chcon -R -t httpd_sys_content_t <Your_Document_Root_Dir>

Should do the trick

Improve this answer
3
  • 3
    Could you please describe what this command does on CentOS? Commented Dec 8, 2018 at 14:30
  • 2
    Note also that chcon -R -t httpd_sys_content_t public_html was described in the other answer, 3 years ago. Commented Dec 8, 2018 at 18:13
  • @Kusalananda chcon changes file context, you may check more at wiki.centos.org/HowTos/SELinux Commented Jan 18, 2019 at 13:16

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.