PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Apache2 homedir Problem



Multe
14.01.05, 10:26
Hallo,

ich hab nochmal meinen Apache2 angesehen und weiterhin folgendes Problem.
Alle Seiten die im Verzeichnis /home/user/public_html liegen werden ohne Probleme angezeigt.
Alle Seiten die im Verzeichnis /home/subdir/user/public_html liegen werden nicht angezeigt.
Es wird ein Fehler 403 ausgegeben.

Bei diesen Seiten handelt es sich um Subdomains sowohl eine TLD. Daher schliesse ich einen Fehler in der DNS Konfiguration aus. Das habe ich auch nocheinmal geprüft, alle Angaben landen auf dem richtigen Server.

Ich hab auch einen User testhalber aus dem subdir rausgenommen und eine Verzeichnisebene höher angesetzt, dann geht die Seite.

Fehlermeldung /var/log/apache2/error-log:



bliblaHostnameBlubbetc request denied by server configuration


httpd.conf:


###
# (1)
###
Include /etc/apache2/httpd_global.conf

# forbid access to the entire filesystem by default
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>

# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

<Directory "/home/subdir/*">
AllowOverride All
Order allow,deny
Allow from all
</Directory>


DirectoryIndex index.html index.htm index.php index.html.var index.shtml


### 'Main' server configuration #############################################
# (2)
###

Include /etc/apache2/httpd_main.conf

ServerName domain.tld

ServerAdmin webmaster@domain.tld

AddType text/html .shtml

## TESTEINTRAG der den Eintrag der SUSECONFIG ueberschreibt (wie auf alten Server)
UseCanonicalName On


### Virtual server configuration ############################################
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#

NameVirtualHost xxx.xxx.xxx.xxx:80
NameVirtualHost xxx.xxx.xxx.xxx:443

<VirtualHost xxx.xxx.xxx.xxx:80>
ServerName domain.tld
ServerAlias www.domain.tld
DocumentRoot /home/domain/public_html
ErrorLog /var/log/apache2/domain-error_log
CustomLog /var/log/apache2/domain-access_log common
ServerAdmin webmaster@domain.tld
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>
<Directory "/home/domain/public_html/*">
AllowOverride All
</Directory>
<IfModule sapi_apache2.c>
php_admin_flag engine on
php_admin_value upload_tmp_dir /home/domain/public_html/tmp
</IfModule>
</VirtualHost>

<VirtualHost xxx.xxx.xxx.xxx:80>
ServerName user.domain.tld.de
DocumentRoot /home/subdir/user/public_html
ErrorLog /var/log/apache2/user-error_log
CustomLog /var/log/apache2/user-access_log common
ServerAdmin webmaster@domain.tld
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>
<Directory "/home/subdir/user/public_html/*">
AllowOverride All
</Directory>
<IfModule sapi_apache2.c>
php_admin_flag engine on
</IfModule>
</VirtualHost>

<VirtualHost xxx.xxx.xxx.xxx:80>
ServerName user1.domain.tld.de
DocumentRoot /home/subdir/user1/public_html
ErrorLog /var/log/apache2/user1-error_log
CustomLog /var/log/apache2/user1-access_log common
ServerAdmin webmaster@domain.tld
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>
<Directory "/home/subdir/user1/public_html/*">
AllowOverride All
</Directory>
<IfModule sapi_apache2.c>
php_admin_flag engine on
</IfModule>
</VirtualHost>

<VirtualHost xxx.xxx.xxx.xxx:80>
ServerName domain1.tld.de
ServerAlias www.domain1.tld
DocumentRoot /home/domain1/public_html
ErrorLog /var/log/apache2/domain1-error_log
CustomLog /var/log/apache2/domain1-access_log common
ServerAdmin webmaster@domaina.tld
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>
<Directory "/home/domain1/public_html/*">
AllowOverride All
</Directory>
<IfModule sapi_apache2.c>
php_admin_flag engine on
</IfModule>
</VirtualHost>

....
# weiter VHOSTS gleiches Muster wie oben


httpd_global.conf:


#---------------------------------------------------------------------------
# Userid und Group des Apache
User wwwrun
Group www
#---------------------------------------------------------------------------
# prefork MPM
<IfModule prefork.c>
# number of server processes to start
StartServers 5
# minimum number of server processes which are kept spare
MinSpareServers 5
# maximum number of server processes which are kept spare
MaxSpareServers 10
# highest possible MaxClients setting for the lifetime of the Apache process.
ServerLimit 150
# maximum number of server processes allowed to start
MaxClients 150
# maximum number of requests a server process serves
MaxRequestsPerChild 100
</IfModule>
#---------------------------------------------------------------------------
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully
#---------------------------------------------------------------------------
ErrorLog /var/log/apache2/error_log
#---------------------------------------------------------------------------
# Wird immer von APACHE_MODULES generiert wenn /etc/sysconfig/apache2
# ausgefuehrt wird, NICHT AENDERN!
#Include /etc/apache2/sysconfig.d/loadmodule.conf
LoadModule access_module /usr/lib/apache2-prefork/mod_access.so
LoadModule actions_module /usr/lib/apache2-prefork/mod_actions.so
LoadModule alias_module /usr/lib/apache2-prefork/mod_alias.so
LoadModule auth_module /usr/lib/apache2-prefork/mod_auth.so
LoadModule auth_dbm_module /usr/lib/apache2-prefork/mod_auth_dbm.so
LoadModule autoindex_module /usr/lib/apache2-prefork/mod_autoindex.so
LoadModule cgi_module /usr/lib/apache2-prefork/mod_cgi.so
LoadModule dir_module /usr/lib/apache2-prefork/mod_dir.so
LoadModule env_module /usr/lib/apache2-prefork/mod_env.so
LoadModule expires_module /usr/lib/apache2-prefork/mod_expires.so
LoadModule include_module /usr/lib/apache2-prefork/mod_include.so
LoadModule log_config_module /usr/lib/apache2-prefork/mod_log_config.so
LoadModule mime_module /usr/lib/apache2-prefork/mod_mime.so
LoadModule negotiation_module /usr/lib/apache2-prefork/mod_negotiation.so
LoadModule setenvif_module /usr/lib/apache2-prefork/mod_setenvif.so
LoadModule ssl_module /usr/lib/apache2-prefork/mod_ssl.so
LoadModule suexec_module /usr/lib/apache2-prefork/mod_suexec.so
LoadModule userdir_module /usr/lib/apache2-prefork/mod_userdir.so
LoadModule php4_module /usr/lib/apache2-prefork/libphp4.so
LoadModule perl_module /usr/lib/apache2/mod_perl.so
LoadModule frontpage_module /usr/lib/apache2/mod_frontpage.so
LoadModule rewrite_module /usr/lib/apache2-prefork/mod_rewrite.so
#---------------------------------------------------------------------------
Listen 80
<IfDefine SSL>
<IfDefine !NOSSL>
<IfModule mod_ssl.c>
Listen 443
</IfModule>
</IfDefine>
</IfDefine>
Listen 443
#---------------------------------------------------------------------------
# Formatierung der Logs
# Format string: Nickname:
#
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
LogFormat "%h %l %u %t \"%r\" %>s %b \
\"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v %h %l %u %t \"%r\" %>s %b \
\"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined

# To use %I and %O, you need to enable mod_logio
<IfModule mod_logio.c>
LogFormat "%h %l %u %t \"%r\" %>s %b \
\"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>

# Use one of these when you want a compact non-error SSL logfile on a virtual
# host basis:
<IfModule mod_ssl.c>
Logformat "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \
\"%r\" %b" ssl_common
Logformat "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \
\"%r\" %b \"%{Referer}i\" \"%{User-Agent}i\"" ssl_combined
</IfModule>
#---------------------------------------------------------------------------
# Wird immer von APACHE_MODULES generiert wenn /etc/sysconfig/apache2
# ausgefuehrt wird, NICHT AENDERN!
#Include /etc/apache2/sysconfig.d/global.conf
Timeout 300
ServerSignature on
UseCanonicalName on
ServerTokens OS
LogLevel warn
CustomLog /var/log/apache2/access_log combined
#---------------------------------------------------------------------------
# optional mod_status, mod_info
# Statusmeldungen des laufenden Apache2, nur fuer fuer den Localhost
#Include /etc/apache2/mod_status.conf
#Include /etc/apache2/mod_info.conf
#---------------------------------------------------------------------------
# optional cookie-based user tracking
#<IfModule mod_usertrack.c>
# # This is the default.
# CookieName Apache
#</IfModule>
#---------------------------------------------------------------------------
# Icons die bei Directory-Darstellung benutzt werden.
<IfModule mod_autoindex.c>
IndexOptions FancyIndexing VersionSort NameWidth=*

# Add Last-Modified and ETag values for the listed directory in the HTTP header,
# based on files' modification dates
#IndexOptions +TrackModified

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif

ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .?* *~ *# HEADER* RCS CVS *,v *,t

</IfModule>
#---------------------------------------------------------------------------
# associate MIME types with filename extensions
TypesConfig /etc/apache2/mime.types
DefaultType text/plain
# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
# Norwegian (no) - Polish (pl) - Portugese (pt)
# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
<IfModule mod_negotiation.c>
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
ForceLanguagePriority Prefer Fallback
</IfModule>
AddCharset ISO-8859-1 .iso8859-1 .latin1
AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
AddCharset ISO-8859-3 .iso8859-3 .latin3
AddCharset ISO-8859-4 .iso8859-4 .latin4
AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5 .Big5 .big5
# For russian, more than one charset is used (depends on client, mostly):
AddCharset WINDOWS-1251 .cp-1251 .win-1251
AddCharset CP866 .cp866
AddCharset KOI8-r .koi8-r .koi8-ru
AddCharset KOI8-ru .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-8 .utf8
# not mapped to a specific (iso) standard, but helpful nevertheless:
AddCharset GB2312 .gb2312 .gb
AddCharset utf-7 .utf7
AddCharset utf-8 .utf8
AddCharset big5 .big5 .b5
AddCharset EUC-TW .euc-tw
AddCharset EUC-JP .euc-jp
AddCharset EUC-KR .euc-kr
AddCharset shift_jis .sjis


AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler type-map var

<IfModule mod_mime_magic.c>
MIMEMagicFile /etc/apache2/magic
</IfModule>
AddOutputFilter INCLUDES .shtml
#---------------------------------------------------------------------------
Alias /error/ "/usr/share/apache2/error/"

<IfModule mod_negotiation.c>
<IfModule mod_include.c>
<Directory "/usr/share/apache2/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en cs de es fr it nl sv pt-br ro
ForceLanguagePriority Prefer Fallback
</Directory>

ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
ErrorDocument 410 /error/HTTP_GONE.html.var
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
</IfModule>
</IfModule>
#---------------------------------------------------------------------------
<IfDefine SSL>
<IfDefine !NOSSL>
<IfModule mod_ssl.c>

#
# Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin

# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
# shm means the same as shmht.
# Note that on most platforms shared memory segments are not allowed to be on
# network-mounted drives, so in that case you need to use the dbm method.
#SSLSessionCache none
#SSLSessionCache dbm:/var/lib/apache2/ssl_scache
#SSLSessionCache shmht:/var/lib/apache2/ssl_scache(512000)
SSLSessionCache shmcb:/var/lib/apache2/ssl_scache
SSLSessionCacheTimeout 600

# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
#SSLMutex file:/var/lib/apache2/ssl_mutex
SSLMutex sem

# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/urandom 512

</IfModule>
</IfDefine>
</IfDefine>
#---------------------------------------------------------------------------


httpd_main.conf:


#---------------------------------------------------------------------------
# Root-Verzeichnis des HTTPD
DocumentRoot "/srv/www/htdocs"

<Directory "/srv/www/htdocs">
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
#---------------------------------------------------------------------------
Alias /icons/ "/usr/share/apache2/icons/"

<Directory "/usr/share/apache2/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
#---------------------------------------------------------------------------
#ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"

#<Directory "/srv/www/cgi-bin">
# AllowOverride None
# Options +ExecCGI -Includes
# Order allow,deny
# Allow from all
#</Directory>
#---------------------------------------------------------------------------
#<IfModule mod_userdir.c>
# UserDir public_html
# <IfModule mod_userdir.c>
# UserDir disabled root
# <Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit Indexes
# Options MultiViews -Indexes -SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
# </Directory>
# </IfModule>
#</IfModule>
#---------------------------------------------------------------------------
<Directory "/srv/www/perl-lib">
AllowOverride None
Options None
Order allow,deny
Deny from all
</Directory>

<IfModule mod_perl.c>
PerlRequire "/etc/apache2/mod_perl-startup.pl"

ScriptAlias /perl/ "/srv/www/cgi-bin/"
<Location /perl/>
# mod_perl mode
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
Options +ExecCGI
</Location>

ScriptAlias /cgi-perl/ "/srv/www/cgi-bin/"
<Location /cgi-perl>
# perl cgi mode
SetHandler perl-script
PerlResponseHandler ModPerl::PerlRun
PerlOptions +ParseHeaders
Options +ExecCGI
</Location>

# The /cgi-bin/ ScriptAlias is already set up in httpd.conf

</IfModule>
#---------------------------------------------------------------------------
<IfModule sapi_apache2.c>
AddType application/x-httpd-php .php
AddType application/x-httpd-php .php3
AddType application/x-httpd-php .php4
AddType application/x-httpd-php-source .phps
DirectoryIndex index.php
DirectoryIndex index.php3
DirectoryIndex index.php4
</IfModule>
#---------------------------------------------------------------------------
# Wird immer von APACHE_MODULES generiert wenn /etc/sysconfig/apache2
# ausgefuehrt wird, NICHT AENDERN!
# Im Moment ist dieses File leer
Include /etc/apache2/sysconfig.d/include.conf
#---------------------------------------------------------------------------


Das ist viel Code, sorry, aber ich komme echt nicht weiter. Auch Google bringt nicht viel verwertbares und das was es bringt hängt mit anderen Dingen zusammen.


Gruß Malte

wadesch
14.01.05, 23:01
dann überprüfe mal die Rechte auf das Verzeichnis '/home/subdir' und die darunter liegenden. Der apache sprich user wwwrun sollte da auch rein dürfen.

Multe
15.01.05, 18:02
Die Rechte stimmen ja, das ist das was mich so wundert.

Ich habs vom alten Webserver übernommen und die Rechte genau gleich angepasst.

Gruß Malte

IT-Low
16.01.05, 12:24
#<IfModule mod_userdir.c>
# UserDir public_html
# <IfModule mod_userdir.c>
# UserDir disabled root
# <Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit Indexes
# Options MultiViews -Indexes -SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
# </Directory>
# </IfModule>
#</IfModule>


Wieso kommentierst du diesen Abschnitt nicht einfach aus?