A problem with access forbidden


I don’t know if this is the right place for searching the answer, but I’ve been searching for google and these forums hard, and really no solution yet…

I use lampp which is basically out of the box apache. My problem is, I’m trying to view some files from my external hard drive, which is mounted in /media/Muumi. So I linked the folder I need from muumi with ln -s, and made it readable with chmod.

It’s saying Access Denied when I try to access it in browser. I’ve tried changing permissions, adding <Directory “/media/Muumi”> things in httpd.conf, but nothing seems to help.

Any ideas?

Mapping URLs to Filesystem Locations - Apache HTTP Server

Try that. Also, you should first confirm that you did chmod the way it really needs to be – see if you can browse to a page on the external hard drive directly: enter “/mnt/MyExtDrive/SomeFolder/a-page.html” and see if that works.

(Obviously, you change “MyExtDrive,” “SomeFolder” and “a-page” to real names. :slight_smile: )

Yes, for example file:///media/Muumi/test.html in browser works fine. But in this case I need php, and that won’t work straight (like file:///media/Muumi/test.php).

I tried this in httpd.conf:

<IfModule alias_module>
Alias /muumi "/media/Muumi/"

<Directory "/media/Muumi/">
    Options FollowSymLinks Indexes
    AllowOverride None
    Order allow,deny
    Allow from all

But still Access forbidden when browsing to localhost/muumi. Also tried hardlinking muumi to public_html again, without success.


My reading skills are kinda bad, so can you tell me precisely what to try out. Thanks!

You **say **you changed permissions, mounted somewhere, made symlinks, etc. But you did not **show **us. When you have a problem, and you looked everywhere, it is most likely you do not see something that may be somebody else will see. But only when you show him.
So please show output of things like ls -l, ps -ef | grep apache, cat /etc/apache2/… and whatever you think might be important. We cann not look into your system or over your shoulder.

Sorry. I made a Test folder with index.html, which should print out It works! if it works.

[15:26:22] rolle@peikko:~/$ ln -s /media/Muumi/Test/ /home/rolle/public_html/

Success, no output.

In nautilus, there is Test folder in public_html. When typing localhost/Test or peikko/Test in browser, it shows Access Forbidden page. You can try it out yourself here: http://peikko.us/Test

ps -ef |grep lampp

nobody     809 18810  0 15:12 ?        00:00:00 /opt/lampp/bin/httpd -k start -DSSL -DPHP5 -E /opt/lampp/logs/error_log
rolle     2208  7026  0 16:18 pts/1    00:00:00 grep --color lampp
root      7117     1  0 Dec18 pts/1    00:00:00 /bin/sh /opt/lampp/bin/mysqld_safe --datadir=/opt/lampp/var/mysql --pid-file=/opt/lampp/var/mysql/peikko.pid
nobody    7253  7117  0 Dec18 pts/1    00:01:43 /opt/lampp/sbin/mysqld --basedir=/opt/lampp --datadir=/opt/lampp/var/mysql --user=nobody --log-error=/opt/lampp/var/mysql/peikko.err --pid-file=/opt/lampp/var/mysql/peikko.pid --socket=/opt/lampp/var/mysql/mysql.sock --port=3306
root     18810     1  0 Dec20 ?        00:00:01 /opt/lampp/bin/httpd -k start -DSSL -DPHP5 -E /opt/lampp/logs/error_log

Meaningful things in /opt/lampp/etc/httpd.conf (too long to paste whole thing)

DocumentRoot "/home/rolle/public_html/"
<Directory />
    Options FollowSymLinks Indexes
    AllowOverride None
    #Order deny,allow
    #Deny from all
<Directory "/home/rolle/public_html/">
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #Options Indexes FollowSymLinks
    # XAMPP
    Options Indexes FollowSymLinks ExecCGI Includes

    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #AllowOverride None
    # since XAMPP 1.4:
    AllowOverride All

    # Controls who can get stuff from this server.
    Order allow,deny
    Allow from all


# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
    #DirectoryIndex index.html
    # XAMPP
    DirectoryIndex index.html index.html.var index.php index.php3 index.php4 .index

# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all

<IfModule alias_module>
    # Redirect: Allows you to tell clients about documents that used to 
    # exist in your server's namespace, but do not anymore. The client 
    # will make a new request for the document at its new location.
    # Example:
    # Redirect permanent /foo http://www.example.com/bar

    # Alias: Maps web paths into filesystem paths and is used to
    # access content that does not live under the DocumentRoot.
    # Example:
    # Alias /webpath /full/filesystem/path
    # If you include a trailing / on /webpath then the server will
    # require it to be present in the URL.  You will also likely
    # need to provide a <Directory> section to allow access to
    # the filesystem path.

    # ScriptAlias: This controls which directories contain server scripts. 
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the target directory are treated as applications and
    # run by the server when requested rather than as documents sent to the
    # client.  The same rules about trailing "/" apply to ScriptAlias
    # directives as to Alias.
    ScriptAlias /cgi-bin/ "/opt/lampp/cgi-bin/"
    Alias /posters "/media/Muumi/Leffat/"


<Directory "/media/Muumi/">
    Options FollowSymLinks Indexes
    AllowOverride None
    Order allow,deny
    Allow from all

<Directory "/opt/lampp/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all

Here you go. Now you can help me?

And where is the

s -l /media/Muumi
ls -l /medi/Muumi/Test

so we can see who is the owner and who is given access?
Ir seems that you do not run simly Apaxhe but som lampp. This is run by root and nobody (why nobody, does the products suggest this?).
I hope that nobody is the real user and then it must be able to access your /home/rolle/public_html/index.html. That means that /home, /home/rolle and /home/rolle must also rx have set for nobodu (or the world. Thus

ls -l /home

is also of interest.

BTW, when I browse to http://peiko.us/ I do get a page. Where is that page located?

[21:48:11] rolle@peikko:~$ ls -l /media/Muumi/Test/
yhteensä 1
-rwxrwxrwx 1 rolle users 80 21.12. 15:55 index.html

Lampp is out-of-a-box server for you to know… Word LAMPP comes from LINUX APACHE MYSQL PHP PERL, so it has apache and modules already. Very fast to install and configure. It basicly the same than installing them one by one.

[21:48:17] rolle@peikko:~$ ls -l /home
yhteensä 60
drwxr-xr-x   8 jape      users  4096 19.9. 00:58 jape
drwx------   2 root      root  16384 11.9. 08:20 lost+found
drwxrwxrwx   5 passenger users  4096  8.10. 18:20 passenger
drwxr-xr-x 157 rolle     users 36864 21.12. 17:03 rolle

It seems you are missing letters. It’s ls command, not s, and peikko.us, not peiko.us, right? peikko.us | Rollen kotikone points to /home/rolle/public_html, naturally. It has its own indexes and stuff. Everything works under public_html (which is DocumentRoot), but outside DocumentRoot/public_html nothing works in public.

Just to clearify: I try to get other places than public_html available to outside world. In this case I’m hardlinking my external harddrive Muumi to public_html, but it gives me Access Forbidden every time.

Hope this help.

Thanks for advance.

Yes, my fingers are a bit thick now and then.

Now I do not understand this. When you have done

ln -s /media/Muumi/Test/ /home/rolle/public_html/

(and public_html may not exist, else you would have got an error message) then

ls -l /home/rolle/public_html

must show something like

lrwxrwxrwx 1 rolle users 3 dec 21 21:08 public_html -> /media/Muumi/Test/

Please check that.
When that is the case then when your webserver serves /home/rolle/public_html/index.html this is in reality /media/Muumi/Test/index.html. And I see it!

You say:
“In this case I’m hardlinking my external harddrive Muumi to public_html”. That is impossible, not only because one can not link ‘harddrives’ (only directories/files), but also because you can not hard link accross file systems.

Most people running LAMP here have their files in /srv/www and the directories allready created there. I have. And I have added other directories to that in /etc/apache2/default-server.conf, works without problems. But I do not use your lampp from somewhere, but the normal openSUSE repository ones.

Yes, the default DocumentRoot in lampp is /opt/lampp/htdocs/, but I don’t like it that way. I want it to act more like original apache, and I it’s easier to put files to $HOME/public_html than some other path. This is really more matter of taste.

I’m just wondering why this does not work now. In openSUSE 11.1 it used to work like charm.

I have to say I don’t understand people who bring foreign LAMP stacks to openSUSE when it’s just a matter of installing the LAMP pattern in YaST. But anyway to try to be helpful, you should look at the Options in effect, including any that are inherited. You’ll probably find that you need to allow Symlinks for this particular directory.

I meant to say “hardlinking directory in my external harddrive Muumi to public_html” (the command ln -s /media/Muumi/Test /home/rolle/public_html/ → which creates Test-link in public_html -directory, like mv /media/Muumi/Test /home/rolle/public_html/ would move Test-folder to public_html… ).

You talk nuts. This is not hardlinking. The -s option in ln -s means symbolic.

Until now I tried to understand what you are doing even if you did it not the ‘normal’ openSUSE way, because I thought you knew what you are doing. But now I think I am with ken_yap. There is a perfect way to install LAMP the openSUSE native way. It will run under www (not nobody). It will serve by default from /srv/www/htdocs and friends (not from within somebody’s home directory) and it can easily be configured to serve from other directories. I also have a strong idea that you do not understand linking (hard and symbolic) and did not read the security actions Apache makes (like not following symbolic links).

In short, I give up. For you information, I give up for lack of knowledge about your lampp thingy.