Page 1 of 1

File access denied by httpd after restarting the server

Posted: 2011/03/01 17:29:13
by huyhk
Hello all,

I have a problem with my webserver.

My server is CentOS 5

Apache 2.2.3

I have an upload folder allows users to upload file.

I've run "chown" this folder to apache user (running httpd service) and group and "chmod" the folder to 777 with recursive (-R) option.

Everything is OK, users can upload and browse the file from this folder.

But if I restart the server, some files (only some, not all) will be inaccessible by httpd. It returns 403 error (forbidden).

I run "ls -l", all the files belong to apache and 777 mode.

If I run "httpd -k restart", nothing change.

But if I run "httpd -k stop" and then "httpd -k start", all files are accessible.

I tried to restart the server several times, I got the same result.

I dont know why?

Anyone can help me to solve this?

Thanks in advance.

Re: File access denied by httpd after restarting the server

Posted: 2011/03/01 17:52:04
by pjwelsh
This sounds like an [url=http://wiki.centos.org/HowTos/SELinux]selinux[/url] issue at first glance.

File access denied by httpd after restarting the server

Posted: 2011/03/01 18:59:04
by pschaff
[quote]
huyhk wrote:
...
I run "ls -l", all the files belong to apache and 777 mode.
...[/quote]
Don't know what it may have to do with your problems, but having all those files with world read/write/execute permissions sounds like a [i]very[/i] large security hole.

Re: File access denied by httpd after restarting the server

Posted: 2011/03/02 03:00:18
by huyhk
Thanks for you all help. I will try the change SELinux config and test the system again.


[quote]
pschaff wrote:
[quote]
huyhk wrote:
...
I run "ls -l", all the files belong to apache and 777 mode.
...[/quote]
Don't know what it may have to do with your problems, but having all those files with world read/write/execute permissions sounds like a [i]very[/i] large security hole.[/quote]

I know this risk, but because of the error, I tried the mode to 777 to check. But nothing changed.