apache 2.4 permissions issues (forbidden)





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















This is driving me nuts!



Just installed Ubuntu 14.04 with Apache 2.4.7. I've found a ton of posts on this issue but nothing seems to work. I do have ACLs enabled, but neither -b (removing entry) or adding permissions for www-data group worked. What's really bugging me is that I can't really tell where the problem is (I assume it is an apache issue though)?



Tried everything here: Apache 2.4 don't follow all symlinks



apache2.conf



<Directory /var/www/>

    Options +FollowSymLinks

    AllowOverride All

    Require all granted

</Directory>


sites-enabled/vhost.conf



<VirtualHost *:80>

    ServerName dev.net

    ServerAdmin webmaster@dev.net

    DocumentRoot /var/www/dev

    <Directory /var/www/dev/>

            Options +FollowSymLinks

            AllowOverride All

            Require all granted

    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.dev.log

    CustomLog ${APACHE_LOG_DIR}/access.dev.log combined

</VirtualHost>


ls -al /var/www



lrwxrwxrwx   1 root root   40 Sep 30 13:51 dev -> /home/yyyy/dev


sudo -u www-data ls -al /var/www/dev/



ls: cannot access /var/www/dev/: Permission denied


error log



[Tue Sep 30 14:16:22.508794 2014] [core:error] [pid 544] [client 127.0.0.1:52850] AH00037: Symbolic link not allowed or link target not accessible: /var/www/dev


These are the auth related enabled modules (these were enabled by default during install):



access_compat.load -> ../mods-available/access_compat.load

auth_basic.load -> ../mods-available/auth_basic.load

authn_core.load -> ../mods-available/authn_core.load

authn_file.load -> ../mods-available/authn_file.load

authz_core.load -> ../mods-available/authz_core.load

authz_host.load -> ../mods-available/authz_host.load

authz_user.load -> ../mods-available/authz_user.load


What am I doing wrong here?



SOLUTION



I figured this out. Hopefully my foolishness will save others some time. I forgot I had encrypted my home directory which I have not done in the past.



Once I took symlink out of the equation the log error changed which led me to the issue:



[Tue Sep 30 16:16:36.497015 2014] [core:error] [pid 2292] (13)Permission denied: [client 127.0.0.1:54012] AH00035: access to / denied (filesystem path '/home/yyyy/zzzz') because search permissions are missing on a component of the path


sure enough drwx------ /home/yyyy/zzzz






ubuntu symbolic-link apache-http-server







share|improve this question

























  • Tried sudo chown -R www-data:www-data /var/www as suggested, problem persists (checked sudo -u www-data... and through the browser). Thanks though.

    – bfuzze
    Sep 30 '14 at 19:30


















0















This is driving me nuts!



Just installed Ubuntu 14.04 with Apache 2.4.7. I've found a ton of posts on this issue but nothing seems to work. I do have ACLs enabled, but neither -b (removing entry) or adding permissions for www-data group worked. What's really bugging me is that I can't really tell where the problem is (I assume it is an apache issue though)?



Tried everything here: Apache 2.4 don't follow all symlinks



apache2.conf



<Directory /var/www/>

    Options +FollowSymLinks

    AllowOverride All

    Require all granted

</Directory>


sites-enabled/vhost.conf



<VirtualHost *:80>

    ServerName dev.net

    ServerAdmin webmaster@dev.net

    DocumentRoot /var/www/dev

    <Directory /var/www/dev/>

            Options +FollowSymLinks

            AllowOverride All

            Require all granted

    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.dev.log

    CustomLog ${APACHE_LOG_DIR}/access.dev.log combined

</VirtualHost>


ls -al /var/www



lrwxrwxrwx   1 root root   40 Sep 30 13:51 dev -> /home/yyyy/dev


sudo -u www-data ls -al /var/www/dev/



ls: cannot access /var/www/dev/: Permission denied


error log



[Tue Sep 30 14:16:22.508794 2014] [core:error] [pid 544] [client 127.0.0.1:52850] AH00037: Symbolic link not allowed or link target not accessible: /var/www/dev


These are the auth related enabled modules (these were enabled by default during install):



access_compat.load -> ../mods-available/access_compat.load

auth_basic.load -> ../mods-available/auth_basic.load

authn_core.load -> ../mods-available/authn_core.load

authn_file.load -> ../mods-available/authn_file.load

authz_core.load -> ../mods-available/authz_core.load

authz_host.load -> ../mods-available/authz_host.load

authz_user.load -> ../mods-available/authz_user.load


What am I doing wrong here?



SOLUTION



I figured this out. Hopefully my foolishness will save others some time. I forgot I had encrypted my home directory which I have not done in the past.



Once I took symlink out of the equation the log error changed which led me to the issue:



[Tue Sep 30 16:16:36.497015 2014] [core:error] [pid 2292] (13)Permission denied: [client 127.0.0.1:54012] AH00035: access to / denied (filesystem path '/home/yyyy/zzzz') because search permissions are missing on a component of the path


sure enough drwx------ /home/yyyy/zzzz






ubuntu symbolic-link apache-http-server







share|improve this question

























  • Tried sudo chown -R www-data:www-data /var/www as suggested, problem persists (checked sudo -u www-data... and through the browser). Thanks though.

    – bfuzze
    Sep 30 '14 at 19:30














0












0








0








This is driving me nuts!



Just installed Ubuntu 14.04 with Apache 2.4.7. I've found a ton of posts on this issue but nothing seems to work. I do have ACLs enabled, but neither -b (removing entry) or adding permissions for www-data group worked. What's really bugging me is that I can't really tell where the problem is (I assume it is an apache issue though)?



Tried everything here: Apache 2.4 don't follow all symlinks



apache2.conf



<Directory /var/www/>

    Options +FollowSymLinks

    AllowOverride All

    Require all granted

</Directory>


sites-enabled/vhost.conf



<VirtualHost *:80>

    ServerName dev.net

    ServerAdmin webmaster@dev.net

    DocumentRoot /var/www/dev

    <Directory /var/www/dev/>

            Options +FollowSymLinks

            AllowOverride All

            Require all granted

    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.dev.log

    CustomLog ${APACHE_LOG_DIR}/access.dev.log combined

</VirtualHost>


ls -al /var/www



lrwxrwxrwx   1 root root   40 Sep 30 13:51 dev -> /home/yyyy/dev


sudo -u www-data ls -al /var/www/dev/



ls: cannot access /var/www/dev/: Permission denied


error log



[Tue Sep 30 14:16:22.508794 2014] [core:error] [pid 544] [client 127.0.0.1:52850] AH00037: Symbolic link not allowed or link target not accessible: /var/www/dev


These are the auth related enabled modules (these were enabled by default during install):



access_compat.load -> ../mods-available/access_compat.load

auth_basic.load -> ../mods-available/auth_basic.load

authn_core.load -> ../mods-available/authn_core.load

authn_file.load -> ../mods-available/authn_file.load

authz_core.load -> ../mods-available/authz_core.load

authz_host.load -> ../mods-available/authz_host.load

authz_user.load -> ../mods-available/authz_user.load


What am I doing wrong here?



SOLUTION



I figured this out. Hopefully my foolishness will save others some time. I forgot I had encrypted my home directory which I have not done in the past.



Once I took symlink out of the equation the log error changed which led me to the issue:



[Tue Sep 30 16:16:36.497015 2014] [core:error] [pid 2292] (13)Permission denied: [client 127.0.0.1:54012] AH00035: access to / denied (filesystem path '/home/yyyy/zzzz') because search permissions are missing on a component of the path


sure enough drwx------ /home/yyyy/zzzz






ubuntu symbolic-link apache-http-server







share|improve this question
















This is driving me nuts!



Just installed Ubuntu 14.04 with Apache 2.4.7. I've found a ton of posts on this issue but nothing seems to work. I do have ACLs enabled, but neither -b (removing entry) or adding permissions for www-data group worked. What's really bugging me is that I can't really tell where the problem is (I assume it is an apache issue though)?



Tried everything here: Apache 2.4 don't follow all symlinks



apache2.conf



<Directory /var/www/>

    Options +FollowSymLinks

    AllowOverride All

    Require all granted

</Directory>


sites-enabled/vhost.conf



<VirtualHost *:80>

    ServerName dev.net

    ServerAdmin webmaster@dev.net

    DocumentRoot /var/www/dev

    <Directory /var/www/dev/>

            Options +FollowSymLinks

            AllowOverride All

            Require all granted

    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.dev.log

    CustomLog ${APACHE_LOG_DIR}/access.dev.log combined

</VirtualHost>


ls -al /var/www



lrwxrwxrwx   1 root root   40 Sep 30 13:51 dev -> /home/yyyy/dev


sudo -u www-data ls -al /var/www/dev/



ls: cannot access /var/www/dev/: Permission denied


error log



[Tue Sep 30 14:16:22.508794 2014] [core:error] [pid 544] [client 127.0.0.1:52850] AH00037: Symbolic link not allowed or link target not accessible: /var/www/dev


These are the auth related enabled modules (these were enabled by default during install):



access_compat.load -> ../mods-available/access_compat.load

auth_basic.load -> ../mods-available/auth_basic.load

authn_core.load -> ../mods-available/authn_core.load

authn_file.load -> ../mods-available/authn_file.load

authz_core.load -> ../mods-available/authz_core.load

authz_host.load -> ../mods-available/authz_host.load

authz_user.load -> ../mods-available/authz_user.load


What am I doing wrong here?



SOLUTION



I figured this out. Hopefully my foolishness will save others some time. I forgot I had encrypted my home directory which I have not done in the past.



Once I took symlink out of the equation the log error changed which led me to the issue:



[Tue Sep 30 16:16:36.497015 2014] [core:error] [pid 2292] (13)Permission denied: [client 127.0.0.1:54012] AH00035: access to / denied (filesystem path '/home/yyyy/zzzz') because search permissions are missing on a component of the path


sure enough drwx------ /home/yyyy/zzzz






ubuntu symbolic-link apache-http-server




ubuntu symbolic-link apache-http-server






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Mar 20 '17 at 10:17









Community

1




1










asked Sep 30 '14 at 19:08









bfuzzebfuzze

113




113













  • Tried sudo chown -R www-data:www-data /var/www as suggested, problem persists (checked sudo -u www-data... and through the browser). Thanks though.

    – bfuzze
    Sep 30 '14 at 19:30



















  • Tried sudo chown -R www-data:www-data /var/www as suggested, problem persists (checked sudo -u www-data... and through the browser). Thanks though.

    – bfuzze
    Sep 30 '14 at 19:30

















Tried sudo chown -R www-data:www-data /var/www as suggested, problem persists (checked sudo -u www-data... and through the browser). Thanks though.

– bfuzze
Sep 30 '14 at 19:30





Tried sudo chown -R www-data:www-data /var/www as suggested, problem persists (checked sudo -u www-data... and through the browser). Thanks though.

– bfuzze
Sep 30 '14 at 19:30










1 Answer
1






active

oldest

votes


















0














Add www-data as owner and owner group:



sudo chown -R www-data:www-data /var/www



root user will always have read write permissions on whole filesystem by default.



--OR--



You can modify the user which is running the apache but it could hurt so I don't recommend that.






share|improve this answer
























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f818876%2fapache-2-4-permissions-issues-forbidden%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Add www-data as owner and owner group:



    sudo chown -R www-data:www-data /var/www



    root user will always have read write permissions on whole filesystem by default.



    --OR--



    You can modify the user which is running the apache but it could hurt so I don't recommend that.






    share|improve this answer




























      0














      Add www-data as owner and owner group:



      sudo chown -R www-data:www-data /var/www



      root user will always have read write permissions on whole filesystem by default.



      --OR--



      You can modify the user which is running the apache but it could hurt so I don't recommend that.






      share|improve this answer


























        0












        0








        0







        Add www-data as owner and owner group:



        sudo chown -R www-data:www-data /var/www



        root user will always have read write permissions on whole filesystem by default.



        --OR--



        You can modify the user which is running the apache but it could hurt so I don't recommend that.






        share|improve this answer













        Add www-data as owner and owner group:



        sudo chown -R www-data:www-data /var/www



        root user will always have read write permissions on whole filesystem by default.



        --OR--



        You can modify the user which is running the apache but it could hurt so I don't recommend that.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Sep 30 '14 at 19:25









        Dániel SebestyénDániel Sebestyén

        736




        736






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f818876%2fapache-2-4-permissions-issues-forbidden%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Сан-Квентин

            Image
            Сан-Квентин Местоположение Сан-Квентин, Калифорния Координаты 37°56′13″ с. ш. 122°29′20″ з. д. H G Я O L Текущий статус Действует Режим безопасности минимальный и максимальный Количество мест 3 302 Открытие Июнь 1852 Находится в ведомстве California Department of Corrections and Rehabilitation Начальник Mike Martel, начальник  Сан-Квентин на Викискладе Сан-Квентин (англ.  San Quentin ) — тюрьма, располагающаяся на 432 акрах (около 1,7 км²), на мысе Сан-Квентин, в округе Марин, штат Калифорния, США. Тюрьма штата Калифорния Сан-Квентин была открыта в июле 1852 года и является старейшей в штате. Она была построена заключёнными, которые проживали в течение строительства на тюремном судне Вабан. В Сан-Квентине отбывали наказание и мужчины, и женщины до 1934 года, когда построили женскую тюрьму в Техачапи и туда перевели всех заключённых женщин. В Сан-Квентине приводятся в исполнение смертные казни, для этого имеется газовая камера, но...
            Read more

            8-я гвардейская общевойсковая армия

            Image
            8-я гвардейская общевойсковая ордена Ленина армия Награды: Войска: РККА → Советская армия → СВ России Род войск: Формирование: 1943 Расформирование (преобразование): 1992 Предшественник: 62-я армия (1942—43) → 8-я гвардейская общевойсковая армия (1943—92) → 8-й гвардейский армейский корпус (1992—98) Боевой путь Изюм-Барвенковская операция Донбасская операция Запорожская операция Битва за Днепр Днепропетровская операция Березнеговато-Снигирёвская операция Одесская операция Люблин-Брестская операция Варшавско-Познанская операция Восточно-Померанская операция Берлинская наступательная операция У этого термина существуют и другие значения, см. 8-я армия. Фотография Гвардейского Красного Знамени (лицевая сторона) 8-й гвардейской армии , образца 1943 года. Фотография Гвардейского Красного Знамени (оборотная сторона) 8-й гвардейской армии , образца 1943 года. 8-я гвардейская общевойсковая ордена Ленина армия  — гвардейское фор...
            Read more

            Алькесар

            Image
            Муниципалитет Алькесар Alquézar Герб 42°10′16″ с. ш. 0°01′27″ в. д. H G Я O L Страна Испания   Испания Автономное сообщество Арагон Провинция Уэска Комарка Сомонтано-де-Барбастро Алькальд Хосе Марияно Альтемир Ласкорс (ИСРП) История и география Площадь 32,36 км² Высота НУМ 660 м Часовой пояс UTC+1, летом UTC+2 Население Население 313 человек ( 2010 ) Плотность 9,92 чел./км² Этнохороним alquezarano/-a Цифровые идентификаторы Телефонный код +34 974 Почтовые индексы 22112 Автомобильный код HU alquezar.org   (исп.) Показать/скрыть карты Алькесар Алькесар Алькесар  Аудио, фото и видео на Викискладе Алькесар (исп.  Alquézar ) — муниципалитет в Испании, входит в провинцию Уэска, в составе автономного сообщества Арагон. Муниципалитет находится в составе района (комарки) Сомонтано-де-Барбастро. Занимает площадь 32,36 км². Население — 321 челове...
            Read more