Just once, I’d like to see a problem that takes more than 20 minutes of my time to identify actually take time to resolve than it did to research. We’re probably all a little guilty of trying to make things harder than they should be, but I swear, I must have skipped “simple stuff” in school, because that’s what always gets me.
In this case, I had some files being ftp’d in regularly to a user’s folder on the server, and I needed to make the file accessible on a website that also runs on the box, but under a different ID.
The server is managed through Plesk, so I needed a brief lesson in httpd.conf management under Plesk - you don’t edit the file directly (it gets overwritten regularly with Plesk-generated data), but you can create a file called vhost.conf in [webroot]/conf. Mine looked like this:
Alias /cover /home/theuser
<Directory “/home/theuser”>
order deny,allow
allow from all
AllowOverride Limit
Options FollowSymLinks ExecCGI
</Directory>
Once that’s in place, two commands are needed:
- /usr/local/psa/admin/sbin/websrvmng –reconfigure-vhost –vhost-name=radio.lggmedia.ca
- /usr/sbin/apachectl restart
Everything above, including the vhost.conf creation, seems to need to be done as root.
That, however, wasn’t the problem.
The problem was that despite the amazing setup job I did with my vast array of sysadmin knowledge, I kept getting a 403 Forbidden error when trying to access any files in the /cover directory. Permissions were great across the board with everything world-readable from / to /home/theuser/file but Apache hated me.
After too much time and not enough beer, the issue turned out to be that Apache wanted the /home/theuser folder to be executable. I don’t know what made me try that, but once I set the bit, it all worked.
Sadly, I only found the explanatory “Directories need to be executable by the Apache user, so that Apache can get listings of the files in the directory, and display the documents located in that directory” from this article after Googling “why does apache need executable rights on a directory,” which isn’t much of a query for troubleshooting, since it kinda needs you to know
the answer up front. What did work great was preparing a blog post about the problem, which brought a solution to my mind right away. Talk to the duck…
Technorati Tags: Apache permissions
George | 15-Oct-07 at 3:50 pm | Permalink
Executable is needed in general to be able to cd to a dir.