I need to change the document root in LAMP, I use Ubuntu 15.
Since I want to have the same www folder for Linux as I have in Windows, I'll be using a mounted location.
To achieve that I ran the following command in Terminal (ALT+SHIFT+T -> to open Terminal):
sudo nano /etc/apache2/apache2.conf
Inside the editor I added the following code to the file:
<Directory /media/my_user_name/WORK/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
Then I ran sudo nano /etc/apache2/sites-available/000-default.conf
and edited the line containing DocumentRoot to:
DocumentRoot /media/my_user_name/WORK/www
In the end I run sudo service apache2 restart
Now everytime I access localhost I get the following error:
Forbidden
You don't have permission to access / on this server.
Apache/2.4.12 (Ubuntu) Server at localhost Port 80
Looks like I was missing 3 more steps:
1. As suggested by #Ferendevelop I should set permission to 755 running:
sudo chmod 755 /media/my_user_name/WORK/www/
2 Do a chmod +x on the user dir by running:
cd /media/
sudo chmod +x my_user_name
3 Restart Apache2 service by running:
sudo service apache2 restart
Now it works!
PS: Thanks!
Run the following command.
chmod 755 /media/my_user_name/WORK/www/
Related
I'm struggling in creating an FTP user on a Linux server using the command line.
I installed vsftpd
Then i created a user using multiple commands for multiple times like
sudo adduser --home /home/testuser testuser --no-create-home
Added password to it,
Edited etc/vsftpd.conf file,
enabled chroot_local_user=YES,
Added user name to config files, etc etc. But none seems to work.
They are getting created as SFTP users. I disabled the SSH access and then it stopped for FTP too.
What all I need is to do is simply set up an FTP user and jail them to a path without SSH access.
Can anyone help?
I had gone through a lot of posts. But still no solution.
There are lot more FTP serves like vsftpd, ProFTP, and PureFTP.
But with vsftpd there are known issues. That's right. You can use ProFTP and I followed the same method using ProFTP. It worked.
Instead of trying vsftpd,
I used ProFTP and it worked. I followed the below steps and it worked.
ProFTP Setup in Linux:
Document Link
https://www.digitalocean.com/community/tutorials/how-to-set-up-proftpd-on-ubuntu-12-04
sudo apt-get install proftpd (to install)
sudo apt-get remove proftpd (to uninstall)
Edit the ProFTP configuration file located at /etc/proftpd/proftpd.conf to update specific settings
sudo vi /etc/proftpd/proftpd.conf
Make sure the ServerName and MasqueradeAddress are set to the current machine’s Public or Elastic IP Address.
Set RequireValidShell to false. Set DefaultRoot to ~ to jail users to their home directories only.
ServerName "54.187.75.250"
ServerType standalone
MasqueradeAddress 54.187.75.250
RequireValidShell off
DefaultRoot ~
PassivePorts 50000 51000
<IfModule mod_facts.c>
FactsAdvertise off
</IfModule>
Creating an ftp user
Add a ftp user to the system
sudo useradd -m ftpuser (the -m option is to create a home directory for the user)
Set user’s password
sudo passwd ftpuser
At a later time, you may delete the user by executing
sudo deluser ftpuser
Test if FTP server is up and running from a remote machine, login using the id/pwd of the newly created ftpuser
Transfer files back and forth.
Restart FTP server
sudo service proftpd restart
sudo /etc/init.d/proftpd start
I have for some time been manually switching my www/html directory user ownership on my EC2 Instance between apache and EC2-user for some time to allow me switch between installing and updating wordpress plugins or using Coda 2 to upload and update files via FTP.
I have finally reached a point of frustration and am wondering what is the best way to set up my ownership settings on the server to cater for both users having access without having to constantly change the settings.
Here are the commands I use to switch between users:
sudo chown -R apache:apache /var/www/html
sudo chown -R ec2-user /var/www/html
Can someone please advise the safest configurations to avoid constantly switching for the foreseeable future?
add your user to the same user group of apache.
sudo usermod -a -G apache ec2-user
then exit your account then change ownership that include ec2-user in the path
sudo chown -R ec2-user:apache /var/www
I am attempting to make a LAMP box using Vagrant. I have been told that it is quite simple to use. I am completely new to networks and virtual machines and have very little experience with Linux/Ubuntu. I have currently tried following the tutorial on the official documentation page: http://docs.vagrantup.com/v2/getting-started/networking.html.
I have gotten up to the networking article in the documentation and can't seem to get it working.
Now the problem is, due to my inexperience with networking and linux based OS's I have no idea where to begin trouble shooting. I will try to give as much information I can.
I'm running the latest version of Vagrant with the latest version of Virtualbox with Windows 8.1.
As per the tutorial, my current Vagrantfile looks like this:
Vagrant.configure(2) do |config|
config.vm.box = "hashicorp/precise32"
config.vm.provision :shell, path: "bootstrap.sh"
config.vm.network :forwarded_port, host: 4567, guest: 80
end
My bootstrap.sh file looks like this:
#!/usr/bin/env bash
apt-get update
apt-get install -y apache2
if ! [ -L /var/www ]; then
rm -rf /var/www
ln -f /vagrant /var/www
fi
When I went to http://127.0.0.1:4567, it displayed an error page containing this message:
Not Found
The requested URL / was not found on this server.
===================================================
Apache/2.2.22 (Ubuntu) Server at 127.0.0.1 Port 4567
I would rather not edit any config files, unless there was an explanation, as I feel that would be a workaround. But regardless, ANY help would be appreciated. If I need to open up a port, then how do I'm at the point where I'm just considering using XAMPP.
I had same problem. I tried to restart apache from the vagrant box, I got following warning on my terminal.
vagrant#vagrant-ubuntu-trusty-64:~$ sudo service apache2 restart
* Restarting web server apache2
AH00112: Warning: DocumentRoot [/var/www/html] does not exist
AH00558: apache2: Could not reliably determine the server's fully qualified
domain name, using 10.0.2.15. Set the 'ServerName' directive globally to suppress this message
Create a DocumentRoot to fix the 404 issue by creating a directory called /var/www/html
The issue is on /etc/apache2/sites-enabled 000-default file.
Apache2 is pointing to var/www/html and vagrant example to var/www just remove de /html and make a sudo service apache2 restart.
Can you access your web server from inside your virtual machine ?
For example, try curl localhost:80
if curl is not installed, use sudo apt-get install curl on Ubuntu and try again.
Also, have you checked your apache virtual hosts ?
Is there a 000-default file in /etc/apache2/sites-available ?
There are two issues in bootstrap.sh
You need start the web service. You can also vagrant ssh to manually start it
You need make soft link, not hard link.
So the script will be updated as
$ cat bootstrap.sh
#!/usr/bin/env bash
apt-get update
apt-get install -y apache2
if ! [ -L /var/www ]; then
rm -rf /var/www
ln -s /vagrant /var/www
fi
service apache2 start
I've experimented two working solutions:
The first is to change the file /etc/apache2/sites-enabled/000-default.conf modifing DocumentRoot in /var/www instead of /var/www/html
The second is to change the Vagrant file bootstrap.sh in the following way:
#!/usr/bin/env bash
apt-get update
apt-get install -y apache2
if ! [ -L /var/www/html ]; then
rm -rf /var/www/html
ln -fs /vagrant /var/www/html
fi
Beside that, for some reason I've had to change also the configuration of port forwarding in the Vagrantfile, adding the host_ip key, like this:
Vagrant.configure(2) do |config|
config.vm.box = "hashicorp/precise32"
config.vm.provision :shell, path: "bootstrap.sh"
config.vm.network :forwarded_port, host: 4567, guest: 80, host_ip: "127.0.0.1"
end
I'm running into a permissions problem with Cherokee+uWSGI on Ubuntu Server 13.10 intended for a Django production environment. When I start uWSGI manually as root user prior to launching cherokee, everything goes smooth:
sudo uwsgi --ini /home/instytut21/instytut21l/instytut21/uwsgi.ini
But when I try to access the site through the server (running as www-data) without that, I keep getting a 503 Service Unavailable response and the following message in the logs:
sudo cat /var/log/cherokee/instytut21.error.log
realpath() of /home/instytut21/instytut21.pl/instytut21/uwsgi.ini failed:
[core/utils.c line 3574]
I've spent a good while trying to figure out what causes the problem. I've tried giving ownership to $USER:www-data and www-data:www-data with all kinds of file permissions ranging from 600 to 777.
I don't want to run the server as root for security reasons. How can I make the ini file accessible to cherokee?
I finally found a solution to a similar problem at www-data permissions? . I slightly modified it and solved my problem by executing the following commands.
Own the whole directory by me and group www-data:
sudo chown -R $USER:www-data /home/instytut21/instytut21.pl/
Grant all permissions to the group:
sudo chmod -R g+rwx /home/instytut21/instytut21.pl/
Ensure all uploaded filed get the same permissions:
sudo chmod -R g+s /home/instytut21/instytut21.pl/
I have installed apache 2.2 in centos 6. Everything worked fine when the apache folder was at its default location /var/www/html. Then I configured a Virtual host inside my users home folder. After that apache started showing Forbidden You don't have permission error when I tried to go to localhost or 127.0.0.1 from browser.
this is the code i used in httpd.conf
<VirtualHost *:80>
DocumentRoot "/home/anjan/workspace/mfs"
ServerName anjan-centOS
<Directory "/home/anjan/workspace/mfs">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order Deny,Allow
Allow from all
</Directory>
</VirtualHost>
I also disabled SElinux as was mentioned in some articles but in vain. If anyone could help me out it would be much appreciated.
I solved the problem. After meddling with the permission of the system I found out that the user "anjan" who is owner of /home/anjan had read/write/execute permission on /home/anjan but the group "anjan", created when user "anjan" was created didn't have any permission at all.
ls -l /home/
showed
drwx------. 28 anjan anjan 4096 Jan 21 13:19 anjan
so I changed the permission with this command
chmod -R 770 /home/anjan
ls -l /home/
drwxrwx---. 28 anjan anjan 4096 Jan 21 13:19 anjan
i found out under which user my apache is running from this thread. It was running under user "apache"
so I added user "apache" to group "anjan" with this command.
usermod -G anjan,apache apache
after that voila. No more Forbidden error.
P.S. I did everything as the root user.
UPDATE
It seems the provided link is broken now. Heres another one.
Just to be safe(to avoid future broken links), copying the command here. In terminal type -
ps axo user,group,comm | grep apache
This is (for me at least) a doubtful design. It basically means that the Apache user has WRITE access to all that user's files including secrets for example ssh-keys.
Not fun if a cracker attacks apache.
A simple modification would be while running as 'anjan':
chmod -R g-rwx ~ # undo the unsafe -R first
chmod g+rx ~ ~/workspace
chmod -R g+rx ~/workspace/mfs
If apache is a member of the 'anjan' group.
My recommendation is to use ACL:s if the filesystem supports that.
Is SELinux running now ? It should be so and if is still the case that the SELinux policy blocks apache's access to workspace/mfs a number of messages from sealert should be evident in var/log/messages.
This problem is usually fixed with a judicious usage of setsebol.
Disabling SELinux because something isn't working and recommending that method is njaa....
The original problem is that apache runs as itself and because of that is slumped in the other category when calculating permissions.
chmod o+rx ~anjan/ ~anjan/workspace/ ~anjan/workspace/mfs
should be enough.
CentOS 6 is a free (as in free beer) version of RedHat Enterprise Linux and as such RedHat's document https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Confined_Services/ is a necessity.