It's a blog.
In: Uncategorized8 Dec 2011
I was just pretty stumped by the following Apache error, in /var/log/httpd/error_log:
[Thu Dec 08 21:53:28 2011] [error] [client 192.168.1.2] (13)Permission denied: file permissions deny server access: /var/www/html/aml/i ndex.html
The error implies it’s a filesystem permissions issue, and the Apache site explains that it’s almost always related to filesystem permissions, not Apache configuration. But this was exasperating, because the file ownership was apache.apache, and index.html was chmod 755. Apache could absolutely access it. But then the Apache docs made a passing mention that sometimes it was related to SELinux errors.
Sure enough, that’s exactly my problem:
[matt@bos aml]$ ls -alZ drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 . drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 .. -rw-r--r--. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 .htaccess drwxr-xr-x. apache apache unconfined_u:object_r:user_home_t:s0 images -rw-r--r--. apache apache unconfined_u:object_r:user_home_t:s0 index.html drwxr-xr-x. apache apache unconfined_u:object_r:user_home_t:s0 stylesheets
Note that the directory, and the .htaccess file I touched, have the
httpd_sys_content label, which is appropriate here. But the other files show
user_home_t. This apparently precludes Apache from being able to see them.
Where this went wrong is that, to get them onto the server, I scp’ed them from my desktop to my home directory on the webserver, and then cp’ed them to /var/www/html. In doing so, they picked up the user_home_t label since they were in my home directory.
sudo restorecon -r . got everything sorted out. There may be a more elegant way, but this worked for me.