> On 18 Jun2021, at 8:00 AM, Bill Cole <[email protected]>wrote:
>
>
> I?m at a loss what to do in response to the reply, below, from Bill Cole.
>
> I note that to the best of my knowledge, nothing changed as to the attributes
> or permissions of any of the user doc folders listed in my httpd-vhosts.conf
> file except as may have been done without my knowledge in an update to macOS
> 11.3 or 11.4, or in case of some change in the MacPorts files supporting
> apache ? but I believe I?m still using the very same configuration files,
> including httpd.conf, httpd-vhosts.conf, and httpd-userdir.conf (and
> /private/etc/hosts) as I have in the past!
>
> 1. What should I do with respect to extended attributes? I get:
>
> [~] % ls -le Sites
> total 32 [some results omitted from list]
> drwxr-xr-x@ 23 me staff 736 Jul 31 2020 Math421Blog
> drwxr-xr-x@ 92 me staff 2944 Apr 10 2015 MyHomePage
> drwxr-xr-x 32 me staff 1024 Jun 12 15:32 RapidWeaver
> drwxr-xr-x@ 20 me staff 640 Jun 17 10:23 html
> drwxr-xr-x 10 me staff 320 Aug 27 2017 newsite
>
> And:
>
> [~] % ls -le Sites/MyHomePage
> total 541576 [I show only a couple of the files & folders]
> drwxr-xr-x@ 73 me staff 2336 Jan 31 2015 Math_127
> drwxr-xr-x@ 146 me staff 4672 Jan 31 2015 Math_131
> -rw-r--r--@ 1 me staff 8331 Apr 10 2015 index.html
> -rw-r--r--@ 1 me staff 39890 Jun 2 2010 me.jpg
> -rw-r--r--@ 1 me staff 695 Feb 24 2011 site.css
> -rw-r--r--@ 1 me staff 1385 Feb 24 2011 style.css
>
> 2. In the vhost-specific error log
> /opt/local/var/log/apache2/me-MyHomePageerror_log I?m finding entries like
> this:
> [Thu Jun 17 15:17:10.509589 2021] [core:error] [pid 13543] (13)Permission
> denied: [client 127.0.0.1:53851] AH00035: access to / denied (filesystem path
> '/Users/me/Sites') because search permissions are missing on a component of
> the path
> [Thu Jun 17 15:17:10.551868 2021] [core:error] [pid 13543] (13)Permission
> denied: [client 127.0.0.1:53851] AH00035: access to /favicon.ico denied
> (filesystem path '/Users/me/Sites') because search permissions are missing on
> a component of the path, referer: http://myhomepage.local/
> [Thu Jun 17 15:19:00.531386 2021] [core:error] [pid 13498] (13)Permission
> denied: [client 127.0.0.1:53909] AH00035: access to / denied (filesystem path
> '/Users/me/Sites') because search permissions are missing on a component of
> the path
> 3. File httpd.conf includes the lines:
> DocumentRoot "/opt/local/www/apache2/html"
> <Directory "/opt/local/www/apache2/html">
> Options Indexes FollowSymLinks
> AllowOverride None
> Require all granted
> </Directory>
> I don?t think that?s changed.
> 4. The errors are occurring with Opera as well as with Safari. I don?t know
> if there?s any browser setting that?s upgrading http to https; I am
> explicitly using the ?http:? prefix in ?http://MyHomePage.local
> <http://myhomepage.local/>"
> On June 13 at 16:21 UTC 2021, Bill Cole <[email protected]> wrote:
>
> On 2021-06-13 at 11:47:53 UTC-0400 (Sun, 13 Jun 2021 11:47:53 -0400)
> Murray Eisenberg <murrayeisenberg at gmail.com
> <https://lists.macports.org/mailman/listinfo/macports-users>>
> is rumored to have said:
>
>> ls -ld Sites
>> drwxr-xr-x@ 18 me staff 576 Feb 27 10:37 Sites
>
> 4 thoughts:
>
> 1. The '@' indicating the existence of extended attributes could be
> overriding the '+' that is shown on files with extended ACLs, so any
> level in the directory tree COULD have an ACL blocking the webserver
> from reading the files or scanning the directories. Check with 'ls -le'
> to be sure. This would be a simple but unlikely cause of the problem.
>
> 2. Check the error logs for details of the failure. There is a
> vhost-specific error log defined, but there should also be a server-wide
> error log which may contain illuminating entries.
>
> 3. Check the main httpd.conf for Directory or Location directives that
> may be interfering with the Directory directives in the VirtualHost
> definition.
>
> 4. Make sure you don't have anything automatically 'upgrading' you to
> HTTPS. This can be in the server config or in a browser setting.
>
>>> On 12 Jun2021, at 8:37 PM, Jeff Greenberg
>>> <listmail.ayendesigns at gmail.com
>>> <https://lists.macports.org/mailman/listinfo/macports-users>> wrote:
>>>
>>> How about the permissions on the Sites folder?
>>>
>>> On Jun 12, 2021, at 20:24, Murray Eisenberg
>>> <murrayeisenberg at gmail.com
>>> <https://lists.macports.org/mailman/listinfo/macports-users>> wrote:
>>>
>>> ?For the Macports apache2 installation, I?m using a non-default
>>> location for my web sites. The httpd.conf includes a
>>> httpd-vhosts.conf file, and the latter includes entries such as:
>>>
>>> <VirtualHost *:80>
>>> DocumentRoot "/Users/me/Sites/MyHomePage"
>>> ServerName MyHomePage.local
>>> ServerAlias www.MyHomePage.local <http://www.myhomepage.local/
>>> <http://www.myhomepage.local/>>
>>> ErrorLog "var/log/apache2/me-MyHomePageerror_log"
>>> CustomLog "var/log/apache2/me-MyHomePage-access_log" common
>>> <Directory /Users/me/Sites/MyHomePage>
>>> Options Indexes FollowSymLinks
>>> Require all granted
>>> </Directory>
>>> </VirtualHost>
>>>
>>> And in my /private/etc/hosts I include the lines:
>>>
>>> 127.0.0.1 localhost
>>> 255.255.255.255 broadcasthost
>>> ::1 localhost
>>> fe80::1%lo0 localhost
>>> 127.0.0.1 me-html.local
>>> 127.0.0.1 MyHomePage.local
>>>
>>> When I start apache and try to open the site MyHomePage.local, i get
>>> error:
>>>
>>> Forbidden You don't have permission to access this resource.
>>>
>>> The permissions on /Users/me/Sites/MyHomePage are:
>>>
>>> drwxr-xr-x@ 92 me staff 2944 Apr 10 2015 MyHomePage
>>>
>>> and the permissions for /Users/me/Sites/MyHomePage/index.html are:
>>>
>>> -rw-r--r--@ 1 me staff 8331 Apr 10 2015 index.html
>>>
>>> What?s wrong?
>
>
>
> On 2021-06-17 at 15:32:38 UTC-0400 (Thu, 17 Jun 2021 15:32:38 -0400)
> Murray Eisenberg <[email protected]>
> is rumored to have said:
>
>> I?m at a loss what to do in response to the reply, below, from Bill
>> Cole….
>>
>> 1. What should I do with respect to extended attributes? I get:
>>
>> [~] % ls -le Sites
>> total 32 [some results omitted from list]
>> drwxr-xr-x@ 23 me staff 736 Jul 31 2020 Math421Blog
>> drwxr-xr-x@ 92 me staff 2944 Apr 10 2015 MyHomePage
>> drwxr-xr-x 32 me staff 1024 Jun 12 15:32 RapidWeaver
>> drwxr-xr-x@ 20 me staff 640 Jun 17 10:23 html
>> drwxr-xr-x 10 me staff 320 Aug 27 2017 newsite
>>
>> And:
>>
>> [~] % ls -le Sites/MyHomePage
>> total 541576 [I show only a couple of the files & folders]
>> drwxr-xr-x@ 73 me staff 2336 Jan 31 2015 Math_127
>> drwxr-xr-x@ 146 me staff 4672 Jan 31 2015 Math_131
>> -rw-r--r--@ 1 me staff 8331 Apr 10 2015 index.html
>> -rw-r--r--@ 1 me staff 39890 Jun 2 2010 me.jpg
>> -rw-r--r--@ 1 me staff 695 Feb 24 2011 site.css
>> -rw-r--r--@ 1 me staff 1385 Feb 24 2011 style.css
>
> That's fine as is. If extended ACLs were your issue, the 'e' option to
> ls would have displayed them.
>
>
>> 2. In the vhost-specific error log
>> /opt/local/var/log/apache2/me-MyHomePageerror_log I?m finding
>> entries like this:
>> [Thu Jun 17 15:17:10.509589 2021] [core:error] [pid 13543]
>> (13)Permission denied: [client 127.0.0.1:53851] AH00035: access to /
>> denied (filesystem path '/Users/me/Sites') because search permissions
>> are missing on a component of the path
>> [Thu Jun 17 15:17:10.551868 2021] [core:error] [pid 13543]
>> (13)Permission denied: [client 127.0.0.1:53851] AH00035: access to
>> /favicon.ico denied (filesystem path '/Users/me/Sites') because search
>> permissions are missing on a component of the path, referer:
>> http://myhomepage.local/
>> [Thu Jun 17 15:19:00.531386 2021] [core:error] [pid 13498]
>> (13)Permission denied: [client 127.0.0.1:53909] AH00035: access to /
>> denied (filesystem path '/Users/me/Sites') because search permissions
>> are missing on a component of the path
>
> There's the critical clue!
>
> Your home directory is probably not world-searchable. To eliminate the
> reported error definitively:
>
> sudo chmod a+x /Users /Users/me /Users/me/Sites
>
> ...
>
>> On June 13 at 16:21 UTC 2021, Bill Cole <[email protected]> wrote:
>>
>> On 2021-06-13 at 11:47:53 UTC-0400 (Sun, 13 Jun 2021 11:47:53 -0400)
>> Murray Eisenberg <murrayeisenberg at gmail.com
>> <https://lists.macports.org/mailman/listinfo/macports-users>>
>> is rumored to have said:
>>
>>> ls -ld Sites
>>> drwxr-xr-x@ 18 me staff 576 Feb 27 10:37 Sites
>>
>> 4 thoughts:
>>
>> 1. The '@' indicating the existence of extended attributes could be
>> overriding the '+' that is shown on files with extended ACLs, so any
>> level in the directory tree COULD have an ACL blocking the webserver
>> from reading the files or scanning the directories. Check with 'ls
>> -le'
>> to be sure. This would be a simple but unlikely cause of the problem.
>>
>> 2. Check the error logs for details of the failure. There is a
>> vhost-specific error log defined, but there should also be a
>> server-wide
>> error log which may contain illuminating entries.
>>
>> 3. Check the main httpd.conf for Directory or Location directives that
>> may be interfering with the Directory directives in the VirtualHost
>> definition.
>>
>> 4. Make sure you don't have anything automatically 'upgrading' you to
>> HTTPS. This can be in the server config or in a browser setting.
>>
>>>> On 12 Jun2021, at 8:37 PM, Jeff Greenberg
>>>> <listmail.ayendesigns at gmail.com
>>>> <https://lists.macports.org/mailman/listinfo/macports-users>> wrote:
>>>>
>>>> How about the permissions on the Sites folder?
>>>>
>>>> On Jun 12, 2021, at 20:24, Murray Eisenberg
>>>> <murrayeisenberg at gmail.com
>>>> <https://lists.macports.org/mailman/listinfo/macports-users>> wrote:
>>>>
>>>> ?For the Macports apache2 installation, I?m using a non-default
>>>> location for my web sites. The httpd.conf includes a
>>>> httpd-vhosts.conf file, and the latter includes entries such as:
>>>>
>>>> <VirtualHost *:80>
>>>> DocumentRoot "/Users/me/Sites/MyHomePage"
>>>> ServerName MyHomePage.local
>>>> ServerAlias www.MyHomePage.local <http://www.myhomepage.local/
>>>> <http://www.myhomepage.local/>>
>>>> ErrorLog "var/log/apache2/me-MyHomePageerror_log"
>>>> CustomLog "var/log/apache2/me-MyHomePage-access_log" common
>>>> <Directory /Users/me/Sites/MyHomePage>
>>>> Options Indexes FollowSymLinks
>>>> Require all granted
>>>> </Directory>
>>>> </VirtualHost>
>>>>
>>>> And in my /private/etc/hosts I include the lines:
>>>>
>>>> 127.0.0.1 localhost
>>>> 255.255.255.255 broadcasthost
>>>> ::1 localhost
>>>> fe80::1%lo0 localhost
>>>> 127.0.0.1 me-html.local
>>>> 127.0.0.1 MyHomePage.local
>>>>
>>>> When I start apache and try to open the site MyHomePage.local, i get
>>>> error:
>>>>
>>>> Forbidden You don't have permission to access this resource.
>>>>
>>>> The permissions on /Users/me/Sites/MyHomePage are:
>>>>
>>>> drwxr-xr-x@ 92 me staff 2944 Apr 10 2015 MyHomePage
>>>>
>>>> and the permissions for /Users/me/Sites/MyHomePage/index.html are:
>>>>
>>>> -rw-r--r--@ 1 me staff 8331 Apr 10 2015 index.html
>>>>
>>>> What?s wrong?
Indeed,
sudo chmod a+x /Users /Users/me /Users/me/Sites
fixed the permissions access problem.
Is there some alternative way to fix this — by changing the owner of just
/Users/me/Sites and its tree of descendents and/or by changing settings in the
entries of
/opt/local/etc/apache2/extra/httpd-vhosts.conf ?
And if there is no such alternative, then why would permissions on /Users,
/Users/me, and /Users/me/Sites have changed away from a+x, seemingly without my
own intervention, during some macOS upgrade?
---
Murray Eisenberg [email protected]
503 King Farm Blvd #101
Rockville, MD 20850-6667 Mobile (413)-427-5334
