Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Tom H
On Wed, Nov 3, 2010 at 8:58 AM, Robert Moskowitz wrote: > On 11/03/2010 07:04 AM, Tom H wrote: >> >> You're going to have to compare the selinux contexts with the "-Z" ls >> option and then apply the correct context (most probably with >> "--type=httpd_sys_content_t") on the CentOS repository. > >

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Robert Moskowitz
On 11/03/2010 11:56 AM, Tim wrote: > On Wed, 2010-11-03 at 11:27 -0400, Robert Moskowitz wrote: > >> This is NOT a publicly facing server. It is behind my firewall (A >> Juniper SSG5) on a subnet that has very limited outside access. Other >> subnets here have limited access to this subnet. Thi

Solved - Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Robert Moskowitz
The problem was permissions at: [r...@homebase /]# ls -ls /media/ total 4 4 drwx-- 6 root root 4096 2010-11-01 09:52 d4ae05a3-c60f-489d-8159-e16c9a271f0b I changed that from 700 to 755 and now everything works. I kind of thought that symlink permissions were inherited for the current path,

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Tim
On Thu, 2010-11-04 at 02:15 +1030, Tim wrote: > Typing correction, the triple of permissions should have been: > > rwx & r-- & r-- > > No eXecutables set. Grr, sodding typos. I'll try that again, third time's the charm... For most files served out through Apache, there will be no executable

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Tim
On Wed, 2010-11-03 at 15:15 +0100, Roberto Ragusa wrote: > Try this,as root: > > su apache I wouldn't expect that to work. The default set up for the apache user doesn't let you (anybody or anything) login as apache to be able to do anything. -- [...@localhost ~]$ uname -r 2.6.27.25-78.2.56.f

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Tim
On Wed, 2010-11-03 at 11:27 -0400, Robert Moskowitz wrote: > This is NOT a publicly facing server. It is behind my firewall (A > Juniper SSG5) on a subnet that has very limited outside access. Other > subnets here have limited access to this subnet. This server is > running the Amahi.org setup an

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread James Mckenzie
Robert Moskowitz wrote: > >Well this is not going well... > >On 11/03/2010 10:15 AM, Roberto Ragusa wrote: >> James Mckenzie wrote: >> >>> Robert Moskowitz wrote: >>> >>> # ls -lsZ total 8 lrwxrwxrwx root root ?Centos-5.5 -> /media/d4a

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Tim
On Thu, 2010-11-04 at 00:01 +1030, Tim wrote: > The file permissions need to be almost the same, the file in question > should be rwx r-x r-x (owner read, write and execute; group > permissions usually don't matter; other users can read the files). > Apache treats the executable bit on files specia

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Robert Moskowitz
Well this is not going well... On 11/03/2010 10:15 AM, Roberto Ragusa wrote: > James Mckenzie wrote: > >> Robert Moskowitz wrote: >> >> >>> # ls -lsZ >>> total 8 >>> lrwxrwxrwx root root ?Centos-5.5 -> >>> /media/d4ae05a3-c60f-489d-8159-e16c9a271f0b/repos

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Robert Moskowitz
There is a lot here to go through, but just a quick note below. On 11/03/2010 09:31 AM, Tim wrote: > On Wed, 2010-11-03 at 01:59 -0400, Robert Moskowitz wrote: > >> # cat /etc/sysconfig/selinux >> >> # This file controls the state of SELinux on the system. >> # SELINUX= can take one of these t

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Roberto Ragusa
James Mckenzie wrote: > Robert Moskowitz wrote: > >> # ls -lsZ >> total 8 >> lrwxrwxrwx root root ?Centos-5.5 -> >> /media/d4ae05a3-c60f-489d-8159-e16c9a271f0b/repos/centos/5.5 >> lrwxrwxrwx root root ?FC12 -> >> /var/hda/files/rep

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread James Mckenzie
Robert Moskowitz wrote: > ># ls -lsZ >total 8 >lrwxrwxrwx root root ?Centos-5.5 -> >/media/d4ae05a3-c60f-489d-8159-e16c9a271f0b/repos/centos/5.5 >lrwxrwxrwx root root ?FC12 -> >/var/hda/files/repo/fedora/FC12 >-rw-r--r-- root root

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Tim
On Wed, 2010-11-03 at 01:59 -0400, Robert Moskowitz wrote: > # cat /etc/sysconfig/selinux > > # This file controls the state of SELinux on the system. > # SELINUX= can take one of these three values: > # enforcing - SELinux security policy is enforced. > # permissive - SELinux prints warnings ins

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Robert Moskowitz
On 11/03/2010 07:04 AM, Tom H wrote: > On Wed, Nov 3, 2010 at 12:11 AM, Robert Moskowitz > wrote: > >> On 11/02/2010 10:13 PM, Tom H wrote: >> >>> On Tue, Nov 2, 2010 at 9:39 PM, Robert Moskowitz >>> wrote: >>> I have a very simple setup. This is to create a simple repo.

Re: Curious symlink problem with Apache -- FC12

2010-11-03 Thread Tom H
On Wed, Nov 3, 2010 at 12:11 AM, Robert Moskowitz wrote: > On 11/02/2010 10:13 PM, Tom H wrote: >> On Tue, Nov 2, 2010 at 9:39 PM, Robert Moskowitz >>  wrote: >>> >>> I have a very simple setup.  This is to create a simple repo. >>> >>> In /var//repo/html there are three files: >>> >>> # ls -l

Re: Curious symlink problem with Apache -- FC12

2010-11-02 Thread Robert Moskowitz
On 11/02/2010 10:07 PM, Bruno Wolff III wrote: > On Tue, Nov 02, 2010 at 21:39:38 -0400, >Robert Moskowitz wrote: > >> The link to FC12 works. The link ot Centos-5.5 gets a 403 failure: >> >> You don't have permission to access /Centos-5.5 on this server. >> >> The permissions look the same,

Re: Curious symlink problem with Apache -- FC12

2010-11-02 Thread Robert Moskowitz
On 11/02/2010 10:13 PM, Tom H wrote: > On Tue, Nov 2, 2010 at 9:39 PM, Robert Moskowitz wrote: > >> I have a very simple setup. This is to create a simple repo. >> >> In /var//repo/html there are three files: >> >> # ls -ls >> total 8 >> 4 lrwxrwxrwx 1 root root 60 2010-11-02 13:42 Cent

Re: Curious symlink problem with Apache -- FC12

2010-11-02 Thread Bruno Wolff III
On Tue, Nov 02, 2010 at 21:39:38 -0400, Robert Moskowitz wrote: > > The link to FC12 works. The link ot Centos-5.5 gets a 403 failure: > > You don't have permission to access /Centos-5.5 on this server. > > The permissions look the same, so why the failure? And looking into > these two sym

Re: Curious symlink problem with Apache -- FC12

2010-11-02 Thread Tom H
On Tue, Nov 2, 2010 at 9:39 PM, Robert Moskowitz wrote: > I have a very simple setup.  This is to create a simple repo. > > In /var//repo/html there are three files: > > # ls -ls > total 8 > 4 lrwxrwxrwx 1 root root 60 2010-11-02 13:42 Centos-5.5 -> > /media/d4ae05a3-c60f-489d-8159-e16c9a271f0

Curious symlink problem with Apache -- FC12

2010-11-02 Thread Robert Moskowitz
I have a very simple setup. This is to create a simple repo. In /var//repo/html there are three files: # ls -ls total 8 4 lrwxrwxrwx 1 root root 60 2010-11-02 13:42 Centos-5.5 -> /media/d4ae05a3-c60f-489d-8159-e16c9a271f0b/repos/centos/5.5 0 lrwxrwxrwx 1 root root 31 2010-11-02 11:05 FC12 -