I was just pretty stumped by the following Apache error, in /var/log/httpd/error_log:

[Thu Dec 08 21:53:28 2011] [error] [client 192.168.1.2] (13)Permission denied: file permissions deny server access: /var/www/html/aml/i
ndex.html

The error implies it’s a filesystem permissions issue, and the Apache site explains that it’s almost always related to filesystem permissions, not Apache configuration. But this was exasperating, because the file ownership was apache.apache, and index.html was chmod 755. Apache could absolutely access it. But then the Apache docs made a passing mention that sometimes it was related to SELinux errors.

Sure enough, that’s exactly my problem:

[matt@bos aml]$ ls -alZ
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 .
drwxr-xr-x. root   root   system_u:object_r:httpd_sys_content_t:s0 ..
-rw-r--r--. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 .htaccess
drwxr-xr-x. apache apache unconfined_u:object_r:user_home_t:s0 images
-rw-r--r--. apache apache unconfined_u:object_r:user_home_t:s0 index.html
drwxr-xr-x. apache apache unconfined_u:object_r:user_home_t:s0 stylesheets

Note that the directory, and the .htaccess file I touched, have the httpd_sys_content label, which is appropriate here. But the other files show user_home_t. This apparently precludes Apache from being able to see them.

Where this went wrong is that, to get them onto the server, I scp’ed them from my desktop to my home directory on the webserver, and then cp’ed them to /var/www/html. In doing so, they picked up the user_home_t label since they were in my home directory.

A quick sudo restorecon -r . got everything sorted out. There may be a more elegant way, but this worked for me.

Related posts:

1. MySQL Replication – Permission Denied Errors
2. Weave
3. Truncating a Log File
4. Windows File Sharing
5. video.exe is bad