On 11/26/2009 03:54 AM, Justin Jereza wrote: >> Have you configured Apache to follow symlinks? >> http://localhost/manual/mod/core.html#options > > Yes, Apache follows symlinks. That's why http://localhost/~user/foo/ > is accessible. > >> You also need appropriate file and directory permissions (world readable >> files and directories, and directories need to be world executable, >> too). > > All necessary permissions are set. Only directories inside ~/foo that > contain symlinks are inaccessible. Remove the symlinks, and they > become accessible. Also, http://localhost/~user/foo/bar/baz.html is > accessible even though http://localhost/~user/foo/bar/ isn't. Finally, > symlinks within ~/public_html itself work fine. So it seems that > symlinks within symlinks are the only ones that give me trouble. > > Should have attached the following log messages earlier: > > Nov 26 16:49:26 adnix kernel: type=1400 audit(1259225366.816:11484): > avc: denied { read } for pid=21208 comm="httpd" name="index.html" > dev=dm-2 ino=5144788 scontext=unconfined_u:system_r:httpd_t:s0 > tcontext=unconfined_u:object_r:user_home_t:s0 tclass=lnk_file > Nov 26 16:49:26 adnix kernel: type=1400 audit(1259225366.816:11485): > avc: denied { getattr } for pid=21208 comm="httpd" > path="/home/justin/foo/bar/index.html" dev=dm-2 ino=5144788 > scontext=unconfined_u:system_r:httpd_t:s0 > tcontext=unconfined_u:object_r:user_home_t:s0 tclass=lnk_file > You need to fix the context to match that in public_html chcon -R -t httpd_user_content_t foo Would do it. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
