On 12/27/2016 11:48 AM, Leonard den Ottolander wrote:
Hello Robert,
On Tue, 2016-12-27 at 10:25 -0500, Robert Moskowitz wrote:
I can display the /home/rgm/public_html/index.html file that only has
"Hello World' in it (to prevent anyone from walking my file tree from
the root).
To prevent people walking a directory structure you better disable
Options Indexes.
If I tell someone about ~rgm/mydir (really no such dir), then I want
them to find ~rgm/mydir/subdir, but not know about ~rgm/otherdir.
My understanding (most likely flawed) is that Indexes are needed to see
the list of files in mydir, and to be able to walk down to subdir. By
having a ~rgm/index.html file, they can't query what other files are
directly in the public_html directory.
But when I try to display the files in a subdir with ipaddr/~rgm/mydir
I get
You don't have permission to access /~rgm/mydir/ on this server.
The fact that you see the index page makes me assume SELinux is not the
problem. If you do have it enabled you might want to check out the
sebooleans that affect apache.
$ getsebool -a | grep http
httpd_enable_homedirs is one of those.
I ran
setsebool -P httpd_enable_homedirs on
restorecon -Rv /home
And I see:
httpd_enable_homedirs --> on
Remember that file access is based on file permissions in combination
with file ownership. This means that if apache is neither owner nor
group owner of a file world must have read access for apache to access
such files. A 711 permission on a directory is then insufficient. It
allows apache to cd to, but not read the directory.
the owner is rgm:rgm, but the permissions is 755, not 711.
So still scratching my head here..
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
