Hello,
I am new to centos7 just came from win.
I 'd like to set up my machine as a web development workstation but I can not make it. Right now I must have done something very wrong because when I go to http://localhost I get
"Forbidden
You don't have permission to access / on this server."
I really want to learn how to use this os, so I would like to point me to documentation related on how setting up a machine as web developer work station. I have seen the series "building the perfect server with ..." but this are towards a server machine.
What I would like to have is
Name virtual host,
Users of the workstation having r/w access to fiels
and If it is possible, besides serving from /var/www/html, I would the users of the machine to be able to serve web applications from their public_html director not by a url like /localhost/~/local.wepapp but by a name virtual host like "local.webapp".
any link to related docs or info would be match appreciated,
thank you,
christoforos
Setup for webdevelopment
Re: Setup for webdevelopment
That means what it says.Forbidden You don't have permission to access / on this server.
1) Does the httpd server "know" the webroot? By default I think this is now somewhere under /usr/share/<something>. That's a change from C6 and previous versions.
2) Does the user running the webserver (usually either called apache or httpd), have read/execute permissions on the directory and the files (execute only required for directories not files)?
3) Have you run into an SELinux problem. Switch to permissive mode (use setenfoce command for this), try your http get and if that works, then you need to relabel those files (restorecon can help).
I see a potential problem there:Users of the workstation having r/w access to fiels
and If it is possible, besides serving from /var/www/html,
The default webroot is no longer under var and creation/update of files will probably no longer get the SE label required for web content, by default. To do so would involve you creating your own SE policy (not hard, but you've got to learn a whole bunch of stuff before hand). You'll want to ensure that when users write to the directories/files, they get the right labels and permissions.
AKA Apache's user directories module.public_html director not by a url like /localhost/~/local.wepapp
The Sys Admin documentation on |RHEL 7 docs site, provides much detail on the subjects mentioned (it's under web services, towards the end of the book).any link to related docs or info would be match appreciated,
Re: Setup for webdevelopment
Hi,
You will need to familiarise yourself with users' rights and permissions and how Apache behaves via editing its config file.
A good starting point would be this:
https://www.dedoimedo.com/computers/www ... ver-lm.pdf
You will need to familiarise yourself with users' rights and permissions and how Apache behaves via editing its config file.
A good starting point would be this:
https://www.dedoimedo.com/computers/www ... ver-lm.pdf
-
- Posts: 6
- Joined: 2017/09/20 10:36:18
Re: Setup for webdevelopment
The server knows about web root it is on /var/www/html and runs as user apache in group apache and the permissions are ok for this folder.
What I am trying to achieve is besides /var/www/html I am trying to serve also from /home/<user>/public_html which is known to apache from a Directory directive inside httpd.conf
Probably the problem is with permissions because /home/<User>/public_html folder belongs to User and group User and apache has no rights.
Two solution came on my mind:
1. To change ownership of /home/<user>/public_html to <User>:apache and give permissions 775 so <User> and group apache have rw access.
2. Change ownership default document root (/var/www/html) to apache:developer and add <User> to developer group with 775 permissions.
I followed the second beacouse I was afraid to change the document root.
I cant not say that I solved my problems because every time a new file is created by my IDE (Ntebeans) it is giver <User>:<User> ownership and I have to change ownership manually.
Perhaps se linux solves problems like this, I will surely have to learn it,
thanks for the info!
PS: Is it possible to have sub groups e.g .developer group as subgroup of apache or vice versa? (forgive me if what I ask is stupid, newbie here)
What I am trying to achieve is besides /var/www/html I am trying to serve also from /home/<user>/public_html which is known to apache from a Directory directive inside httpd.conf
Probably the problem is with permissions because /home/<User>/public_html folder belongs to User and group User and apache has no rights.
Two solution came on my mind:
1. To change ownership of /home/<user>/public_html to <User>:apache and give permissions 775 so <User> and group apache have rw access.
2. Change ownership default document root (/var/www/html) to apache:developer and add <User> to developer group with 775 permissions.
I followed the second beacouse I was afraid to change the document root.
I cant not say that I solved my problems because every time a new file is created by my IDE (Ntebeans) it is giver <User>:<User> ownership and I have to change ownership manually.
Perhaps se linux solves problems like this, I will surely have to learn it,
thanks for the info!
PS: Is it possible to have sub groups e.g .developer group as subgroup of apache or vice versa? (forgive me if what I ask is stupid, newbie here)
Re: Setup for webdevelopment
It can be done, but get your httpd server running properly first.
Permissions on those files and directories is something Linux is finicky about.
The first thing I'd recommend is to get the files you want ot publish out of the "/home" directory. That's probably going to cause headaches later, even if you get it working.
"VirtualHost" is your friend, once you get the first default page to load properly.
Check out this link pertaining to Access Control Lists.... There's a surprizing amount of malleability with Linux permissions....
http://www.softpanorama.org/Solaris/ACL/index.shtml
Best of luck!
Have fun!
Permissions on those files and directories is something Linux is finicky about.
The first thing I'd recommend is to get the files you want ot publish out of the "/home" directory. That's probably going to cause headaches later, even if you get it working.
"VirtualHost" is your friend, once you get the first default page to load properly.
Check out this link pertaining to Access Control Lists.... There's a surprizing amount of malleability with Linux permissions....
http://www.softpanorama.org/Solaris/ACL/index.shtml
Best of luck!
Have fun!
-
- Posts: 6
- Joined: 2017/09/20 10:36:18
Re: Setup for webdevelopment
thanks for the answer @anitch but outside /home the files wont be editable by editable without permission modification. I need to configure the machine for web development so edit, create, delete will be in daily base and propably form an IDE so it has to be done without more effort by the user.the first thing I'd recommend is to get the files you want ot publish out of the "/home" directory
So I ended up to this configuration which works fine for about 2 weeks now.
First I had a user named User belonged to the group User. Apache was running as user apache and belonged to the group apache.
1. I changed apache to also belongs to the group User.
2. I changed permisson of user home directory and personal web folder ( /home/User, home/User/public_html) to rwx--x--. This way apache could access directory without be able to modify them while the User could modify them.
3. I add to apache configuration file, in my case it was /etc/httpd/conf/httpd.conf the directive
Code: Select all
<Directory "/home/User/public_html">
AllowOverride None
Options Indexes FollowSymLinks
Require all granted
</Directory>
Until now this configuration works fine but any suggestion is welcome.