Apache is unable to access /tmp in any way

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




This problem happened in a recent apache release before version 2.4.55. I encountered this after a system upgrade a month ago.


Apache is unable to access /tmp in any way.


We may let apache host some external websites by:

Alias "/ext" "/path/to/external"
<Directory "/path/to/external">
     Options Indexes
     Require all granted
</Directory>


You can access that through http://yourwebsite/ext

This works most of the time. Changing "/path/to/external" to any path works fine including /bin, /srv, /etc ...

Except for anything under /tmp.

I always get 403 Forbidden for that.

For other directories, as long as apache has access permission on them, I could always get their content listed.

Only for /tmp I get 403 Forbidden.

Indexing (/ext) and actual file accessing (/ext/index.html) are both forbidden.


Why is /tmp different from others?

Changing permission of /tmp to 755 does not work, either.


Debug log here:

[authz_core:debug] [pid 4469:tid 140408108734144]mod_authz_core.c(815): [client 127.0.0.1:37804] AH01626: authorization result of Require all denied: denied [authz_core:debug] [pid 4469:tid 140408108734144]mod_authz_core.c(815): [client 127.0.0.1:37804] AH01626: authorization result of <RequireAny>: denied [authz_core:error] [pid 4469:tid 140408108734144] [client127.0.0.1:37804] AH01630: client denied by server configuration: /tmp/http


Build options:

./configure --sbindir=/usr/bin \
     --enable-layout=Arch \
     --enable-mpms-shared=all \
     --enable-modules=all \
     --enable-mods-shared=all \
     --enable-so \
     --enable-suexec \
     --with-suexec-caller=http \
     --with-suexec-docroot=/srv/http \
     --with-suexec-logfile=/var/log/httpd/suexec.log \
     --with-suexec-bin=/usr/bin/suexec \
     --with-suexec-uidmin=99 --with-suexec-gidmin=99 \
     --enable-ldap --enable-authnz-ldap --enable-authnz-fcgi \
     --enable-cache --enable-disk-cache --enable-mem-cache
--enable-file-cache \
     --enable-ssl --with-ssl \
     --enable-deflate --enable-cgi --enable-cgid \
     --enable-proxy --enable-proxy-connect \
     --enable-proxy-http --enable-proxy-ftp \
     --enable-dbd --enable-imagemap --enable-ident --enable-cern-meta \
     --enable-lua --enable-xml2enc --enable-http2 \
     --enable-proxy-http2 --enable-md --enable-brotli \
     --with-apr=/usr/bin/apr-1-config \
     --with-apr-util=/usr/bin/apu-1-config \
     --with-pcre2


Source:

https://www.apache.org/dist/httpd/httpd-2.4.55.tar.bz2


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux