I am using centos 7, I installed httpd, svn and mod_dav_svn, I can access the apache by http://localhost.
my /etc/httpd/conf.modules.d/10-subversion.conf looks like :
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule dontdothat_module modules/mod_dontdothat.so
<Location /svn>
DAV svn
SVNParentPath /svn
AuthName "SVN repo"
AuthType Basic
AuthUserFile /etc/svn/svn-auth
AuthzSVNAccessFile /svn/authz
Require valid-user
</Location>
Create svn repo by command :
cd /svn
sudo svnadmin create repo
sudo chown -R apache:apache repo
Then setup user permission for users by editting /svn/authz which copied from /svn/repo/conf/authz
sudo cp /svn/repo/conf/authz /svn/authz
However, when I accessed http://localhost/svn/repo, it showed me that 403 forbidden, You don't have permission to access /svn/repo on this server.
my /svn directory is :
[frank#localhost svn]$ ls
authz repo
[frank#localhost svn]$ ls -l
total 4
-rw-r--r--. 1 root root 1123 Nov 12 11:08 authz
drwxr-xr-x. 6 apache apache 80 Nov 12 11:01 repo
/svn/authz
[groups]
admin = frank
general_user=test1
[/]
#admin=rw
[repo:/]
#general_user=r
What's the problem?
----- Updated on 14 Nov ------------
I enabled logging like
<Location /svn>
DAV svn
…
</Location>
CustomLog logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION
there is svn_logfile under /var/log/httpd, but it is empty.
-rw-r--r--. 1 apache apache 0 Nov 14 22:32 svn_logfile
In error_log, the information displayed as
[Mon Nov 14 22:32:15.789588 2016] [core:notice] [pid 6924] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Mon Nov 14 22:32:15.791536 2016] [suexec:notice] [pid 6924] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
[Mon Nov 14 22:32:15.828814 2016] [auth_digest:notice] [pid 6924] AH01757: generating secret for digest authentication ...
[Mon Nov 14 22:32:15.830345 2016] [lbmethod_heartbeat:notice] [pid 6924] AH02282: No slotmem from mod_heartmonitor
[Mon Nov 14 22:32:15.842779 2016] [mpm_prefork:notice] [pid 6924] AH00163: Apache/2.4.6 (CentOS) SVN/1.7.14 configured -- resuming normal operations
[Mon Nov 14 22:32:15.842858 2016] [core:notice] [pid 6924] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Mon Nov 14 22:32:25.641415 2016] [authz_svn:error] [pid 6933] (13)Permission denied: [client ::1:60550] Failed to load the AuthzSVNAccessFile: Can't open file '/svn/authz': Permission denied
[Mon Nov 14 22:32:25.641504 2016] [authz_svn:error] [pid 6933] [client ::1:60550] Access denied: 'frank' GET repo:/
but permission of /svn/authz is:
drwxr-xr-x. 4 apache apache 41 Nov 13 22:16 svn
-rwxrwxrwx. 1 apache apache 1120 Nov 12 22:58 authz
drwxr-xr-x. 6 apache apache 80 Nov 12 11:01 repo
The problem is selinux.
After I modify the selinux security context of /svn by
sudo chcon -Rv –-type=httpd_sys_content_t /svn
then I can access the svn.
Then setup user permission for users by editting /svn/authz
You should double-check the access rules you put into authz file. There should be an access rule such as
[repo:/]
* = r
* = r stands for Everyone -- Read Only. Read about the access rules and authz file syntax in SVNBook | Path-Based Authorization.
BTW, you could enable logging and find out the root cause by yourself. Read SVNBook | Apache logging.
Related
My company has just provided us SSL certificates that I had to attempt to install and configure using Apache2.4 on a Windows Server 2019.
I created a folder called "certs" within the conf folder on Apache24.
Within the certs folder, I have the following certs:
MYCOMPANY_Intermediate.cer
MYCOMPANY_Root.cer
mycompany_name_com.cer
private.cer
private.key
I have updated the httpd-ssl.conf file to include the certs, as follows:
<VirtualHost _default_:443>
DocumentRoot "D:/htdocs"
ServerName mycompany.name.com:443
ServerAdmin mycompany#email.com
ErrorLog "${SRVROOT}/logs/error-ssl.log"
TransferLog "${SRVROOT}/logs/access-ssl.log"
# SSL Engine Switch:
SSLEngine on
# Server Certificate:
SSLCertificateFile "${SRVROOT}/conf/certs/mycompany_name_com.cer"
# Server Private Key:
SSLCertificateKeyFile "${SRVROOT}/conf/certs/private.key"
# Server Certificate Chain:
SSLCertificateChainFile "${SRVROOT}/conf/certs/MYCOMPANY_Intermediate.cer"
</VirtualHost>
Back in the httpd.conf file, when I include the following:
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
Apache fails to restart.
Within the error log, the only thing noticeable that I am finding is maybe this:
[Sat Jan 23 10:56:32.453519 2021] [mpm_winnt:notice] [pid 8552:tid 772] AH00455: Apache/2.4.46 (Win64) mod_authnz_sspi/0.1.1 OpenSSL/1.1.1h PHP/7.4.12 configured -- resuming normal operations
[Sat Jan 23 10:56:32.453519 2021] [mpm_winnt:notice] [pid 8552:tid 772] AH00456: Apache Lounge VS16 Server built: Oct 2 2020 11:45:39
[Sat Jan 23 10:56:32.453519 2021] [core:notice] [pid 8552:tid 772] AH00094: Command line: 'C:\\Apache24\\bin\\httpd.exe -d C:/Apache24'
[Sat Jan 23 10:56:32.463520 2021] [mpm_winnt:notice] [pid 8552:tid 772] AH00418: Parent: Created child process 17204
[Sat Jan 23 10:56:33.684738 2021] [ssl:warn] [pid 17204:tid 808] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Sat Jan 23 10:56:33.729741 2021] [mpm_winnt:notice] [pid 17204:tid 808] AH00354: Child: Starting 64 worker threads.
As you will see, there are no errors, just warnings. I do not know why Apache is failing to restart, and I really need to get this to work.
Edit
In the Event View, under Windows Log under System, I see the following error:
The Apache2.4 service terminated with the following service-specific error:
Incorrect function.
I also see an event ID number 7024. I am not sure what that means.
I found my problem...
A typo.
Yup, it was a typo.
In the httpd-ssl.conf file, this part:
# Server Certificate:
SSLCertificateFile "${SRVROOT}/conf/certs/mycompany_name_com.cer"
mycompany_name_com.cer was mispelled.
thecompany_name_com.cer is the correct spelling.
I'm trying to run the below command from my linux server
curl -T helloworld.txt -u user:pwd http://<ip>/record/helloworld.txt
Not able to upload a helloworld.txt file to my http url
Error:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /record/helloworld.txt
on this server.</p>
<hr>
<address>Apache/2.2.3 (Red Hat) Server at <ip> Port 80</address>
</body>
</html>
httpd.conf:
Alias /record /usr/bin/Test/web/record
<Directory /usr/bin/Test/web/record>
DAV On
Options Indexes MultiViews FollowSymLinks
EnableSendfile off
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Location "/record">
DAV On
AuthType Basic
AuthName "user"
AuthUserFile /usr/bin/Test/web/.htpasswd
Require valid-user
RewriteEngine off
</Location>
httpd error logs:
[Thu Aug 27 16:54:39 2015] [notice] caught SIGTERM, shutting down
[Thu Aug 27 16:54:39 2015] [notice] SELinux policy enabled; httpd running as context root:system_r:httpd_t:s0
[Thu Aug 27 16:54:39 2015] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Aug 27 16:54:39 2015] [notice] Digest: generating secret for digest authentication ...
[Thu Aug 27 16:54:39 2015] [notice] Digest: done
[Thu Aug 27 16:54:39 2015] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations
[Thu Aug 27 16:56:41 2015] [error] [client <ip>] Unable to PUT new contents for /record/helloworld.txt. [403, #0]
[Thu Aug 27 16:56:41 2015] [error] [client <ip>] (13)Permission denied: An error occurred while opening a resource. [500, #0]
I have installed Xampp server (xampp-win32-5.6.8-0-VC11-installer) on Windows 8 64 bit os. I have deployed the HelloWorld application folder in htdocs directory and added a virtual host in httpd-vhosts.conf file like below
<VirtualHost localhost:80>
DocumentRoot C:/xampp/htdocs/
RewriteEngine On
ProxyRequests Off
ServerName localhost
<Directory C:/xampp/htdocs/Aasifeweb/app/>
Require all granted
Allow from all
</Directory>
<Location />
ProxyPass http://localhost/Aasifeweb/app/#/home
ProxyPassReverse http://localhost/Aasifeweb/app/#/home
ProxyPassReverseCookiePath / http://localhost/Aasifeweb/app/#/home
</Location>
</VirtualHost>
Apache error Log file
[Fri Aug 07 19:23:26.149126 2015] [ssl:warn] [pid 2684:tid 448] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Aug 07 19:23:26.200160 2015] [core:warn] [pid 2684:tid 448] AH00098: pid file C:/xampp/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Fri Aug 07 19:23:26.268206 2015] [ssl:warn] [pid 2684:tid 448] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Aug 07 19:23:26.298225 2015] [mpm_winnt:notice] [pid 2684:tid 448] AH00455: Apache/2.4.12 (Win32) OpenSSL/1.0.1l PHP/5.6.8 configured -- resuming normal operations
[Fri Aug 07 19:23:26.298225 2015] [mpm_winnt:notice] [pid 2684:tid 448] AH00456: Apache Lounge VC11 Server built: Jan 28 2015 16:48:40
[Fri Aug 07 19:23:26.298225 2015] [core:notice] [pid 2684:tid 448] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Fri Aug 07 19:23:26.301227 2015] [mpm_winnt:notice] [pid 2684:tid 448] AH00418: Parent: Created child process 3576
AH00548: NameVirtualHost has no effect and will be removed in the next release C:/xampp/apache/conf/extra/httpd-vhosts.conf:20
[Fri Aug 07 19:23:26.763535 2015] [ssl:warn] [pid 3576:tid 448] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Aug 07 19:23:26.885617 2015] [ssl:warn] [pid 3576:tid 448] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Aug 07 19:23:26.918638 2015] [mpm_winnt:notice] [pid 3576:tid 448] AH00354: Child: Starting 150 worker threads.
[Fri Aug 07 19:23:29.637450 2015] [mpm_winnt:error] [pid 3576:tid 4852] AH00326: Server ran out of threads to serve requests. Consider raising the ThreadsPerChild setting
This problem occurs when i add virtual host configuration to the httpd-vhosts.conf file. When i remove the virtual host, the server seems to respond. The deployed application is written in angular-js framework
Important: The request seems to be appending the resource path again and again. But, I'm not sure why this happens?
GET /Aasifeweb/app/%23/homeAasifeweb/app/%23/homeAasifeweb/app/%23/homeAasifeweb/app/%23
When I hit http://localhost in browser, it keeps loading. There are lot of solutions in the internet, but nothing works for me.
Things I have tried to solve the problem
I have done netsh winsock reset
I have changed the port of the
apache server
I have disabled skype and antivirus
Please let me know your views
I didn't have to use ProxyPass at all. I just had to point the directory and Angularjs - ng-route takes care of page routing.
<VirtualHost localhost:80>
DocumentRoot C:/xampp/htdocs/Aasifeweb/app
</VirtualHost>
After syslogd retarted, Apache started logging Permission denied errors. Nothing has changed on the box. Permissions are 755 across the board and config file hasn't changed. I even set permissions to 777 on all folders leading to the web folder and restarted httpd. SElinux disabled. CentOS release 5.7. Any ideas?
[user#host log]$ sudo cat messages
Jun 23 04:02:55 systools syslogd 1.4.1: restart.
[user#host log]$ head /etc/httpd/logs/error_log
[Sun Jun 23 04:03:02 2013] [notice] Digest: generating secret for digest authentication ...
[Sun Jun 23 04:03:02 2013] [notice] Digest: done
[Sun Jun 23 04:03:04 2013] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Sun Jun 23 04:03:05 2013] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Sun Jun 23 04:04:16 2013] [error] [client 192.168.1.190] (13)Permission denied: access to /incident/rss.php denied
[Sun Jun 23 04:09:14 2013] [error] [client 192.168.1.190] (13)Permission denied: access to /incident/rss.php denied
[Sun Jun 23 04:14:14 2013] [error] [client 192.168.1.190] (13)Permission denied: access to /incident/rss.php denied
[Sun Jun 23 04:19:15 2013] [error] [client 192.168.1.190] (13)Permission denied: access to /incident/rss.php denied
[Sun Jun 23 04:24:16 2013] [error] [client 192.168.1.190] (13)Permission denied: access to /incident/rss.php denied
Forbidden
You don't have permission to access / on this server.
Apache/2.2.3 (CentOS) Server at systools.corp.webex.com Port 80
Changed permissions of files and restarted httpd.
find /var/www -type d -exec chmod 775 {} \; find /var/www -type f -exec chmod 664 {} \; /etc/init.d/http restart
I recently installed apache server via lamp on ubuntu, I tried to copy into /var/www a directory that includes scripts that I created on windows wampserver.
For some reason while trying to access this directory I get 403 Forbidden error.
Can someone help me please?
Recent apache log -
[Fri Jul 27 08:25:31 2012] [error] [client 127.0.0.1] (13)Permission denied: access to /cms-dev/index.html denied
[Fri Jul 27 08:25:31 2012] [error] [client 127.0.0.1] (13)Permission denied: access to /cms-dev/index.cgi denied
[Fri Jul 27 08:25:31 2012] [error] [client 127.0.0.1] (13)Permission denied: access to /cms-dev/index.pl denied
[Fri Jul 27 08:25:31 2012] [error] [client 127.0.0.1] (13)Permission denied: access to /cms-dev/index.php denied
[Fri Jul 27 08:25:31 2012] [error] [client 127.0.0.1] (13)Permission denied: access to /cms-dev/index.xhtml denied
[Fri Jul 27 08:25:31 2012] [error] [client 127.0.0.1] (13)Permission denied: access to /cms-dev/index.htm denied
[Fri Jul 27 08:25:31 2012] [error] [client 127.0.0.1] File does not exist: /var/www/favicon.ico
I think you will need write permissions for copying files into the var folder, also I suggest copying it as root, (with sudo cp file_name), because changing permissions of var and its subfolders for normal users are not recommended.
I had the same problem and solved it as below:
sudo usermod -a -G <username> www-data
sudo chown :www-data /var/www -R
sudo chmod g+rwX /var/www -R
sudo chmod g+s /var/www
Then try to re-login.
Ubuntu is doing some hard time and the only solution is that everytime you copy files to the folder you must run the following script in the terminal -
sudo chmod -R 777 /var/www