Re: Cannot authenticate (after six years)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Data in home directories is indeed a problem for shared systems, since you have to chmod the /home/user directory.

On Sun, Jul 30, 2023 at 8:53 AM Andrew Hoff <andrew.hoff@xxxxxxxxxxx.invalid> wrote:
Hello,

I have resolved ALL issues. Nearly all problems were related to selinux. It is lucky I made some notes.

Data in home directories is not a problem. It was just selinux.

Regards,
-- 
Andrew Hoff
6/10 Middle Road
Maribyrnong 3032
Victoria
Tel: 0393185581 (Please leave a message.)
Mob: 0400966178
Email: andrew.hoff@xxxxxxxxxxx


On Fri, 2023-07-28 at 13:00 -0400, Frank Gingras wrote:
You need to run namei -mo /home/hoff/public_html/index.html and fix the permissions. httpd needs traversal capability from /.

Also, consider moving your content out of /home

On Fri, Jul 28, 2023 at 12:40 PM jean-frederic clere <jfclere@xxxxxxxxx> wrote:
On 7/20/23 15:07, Andrew Hoff wrote:
> Hello,
>
> Strange problem. Everything was going great for at least six years then
> all of a sudden authentication using port 80 failed. Authentication
> using port 443 works fine.

Probably something is defined in the 443 VirtualHost and not in 80 one..

SElinux would block both port and not only 80, but that is worth
checking.  Check if enable, if yes put a permissive mode and retry.

> I first noticed the problem because apache no longer creates the
> REMOTE_USER env variable. _I want authentication using port 80, i.e.
> plain vanilla http._
>
> httpd.conf attached. See line 169. (httpd service is running.)
> If I enter the following url it should bring up a login box:
> http://172.18.0.20/~hoff <http://172.18.0.20/~hoff> (It no longer does.)
> Error_log: [Thu Jul 20 21:39:57.913337 2023] [core:error] [pid 3460:tid
> 3522] (13)Permission denied: [client 172.18.0.97:54422] AH00035: access
> to /~hoff/index.html denied (filesystem path
> '/home/hoff/public_html/index.html') because search permissions are
> missing on a component of the path
>
> I rebuilt the server and am using fedora 38 fully updated. Problem still
> persists.
>
> FYI only (netstat -nap | grep httpd):
> tcp 0 0 172.18.0.20:80 0.0.0.0:* LISTEN 3456/httpd
> tcp 0 0 172.18.0.20:443 0.0.0.0:* LISTEN 3456/httpd
> tcp6 0 0 fec0::ac12:14:443 :::* LISTEN 3456/httpd
> tcp6 0 0 fec0::ac12:14:80 :::* LISTEN 3456/httpd
>
> Regards,
>
> --
>
> Andrew Hoff
> 6/10 Middle Road
> Maribyrnong 3032
> Victoria, AU
> Tel: 0393185581 (Please leave a message.)
> Mob: 0400966178
> Email: andrew.hoff@xxxxxxxxxxx
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux