Home > Net >  httpd (apache server) on fedora, symbolic links work but unable to see/access files inside?
httpd (apache server) on fedora, symbolic links work but unable to see/access files inside?

Time:05-19

I'm running httpd on fedora server 35 and want to use it to serve files on my local network. It works fine for files stored under the /var/www/html directory directly (e.g. /var/www/html/videos/video.mp4 can be accessed with http://IP/videos/video.mp4 on any local device).

I want to serve files stored in other locations in the file system. My plan was to create symbolic links to those locations. When I do that, I run into forbidden errors when trying to access the files (e.g. A video file /files/videos/video.mp4 linked with a sym link /var/www/html/videos-link -> /files/videos/ so that I would (theoretically) access it with http://IP/videos-link/video.mp4

I can navigate to http://IP/videos-link fine (an Index of DIRECTORY page, but no files are listed), but trying to access the file (http://IP/videos-link/video.mp4) gives me 403 forbidden.

My config (/etc/httpd/conf/httpd.conf) looks like this (it's a bit messy since I've been trying to fix this myself):

<Directory />
    Options FollowSymLinks Indexes
    AllowOverride All
    Require all granted
</Directory>

...

<Directory "/var/www">
    Options  FollowSymLinks  Indexes
    AllowOverride All
    Require all granted
</Directory>

...

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

...

<Directory "/files/videos">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

In attempts to make it work I've made sure the sym link and all the directories have the same owner and that their all 777 so ownership/read perms shouldn't be an issue. Would greatly appreciate some help, thanks.

CodePudding user response:

My issue was with SELinux. To get it working immediately I was able to set SELinux to permissive mode with

# setenforce 0

That refreshes on boot and is probably insecure, so the permanent fix (to just let httpd through) would be:

# semanage permissive -a httpd_t

More details on SELinux in Fedora can be found here: https://docs.fedoraproject.org/en-US/quick-docs/getting-started-with-selinux/

  • Related