RE: [users@httpd] Permission Still Denied with Moodle
Hi, Just thought I'd give an update in case anyone else is having server problems on Fedora 19 now that it uses FirewallD and sees this thread later. A permanent solution is to copy the zone file you want from /usr/lib/firewalld/zones/ to /etc/firewalld/zones/ then edit that file to add a service and a port:service name=http/port port=80 protocol=tcp|udp/Reboot and the site is served. A zone is a settings profile. The one active by default on my system was public.xml, which is described as For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. I'm not sure how secure this is, as many people still use iptables and consider FirewallD too new for their security, so if anyone has any ideas about safer settings, I'd be willing to listen.I didn't try Paul's advice to set my residential router to a static IP as I connect to the internet through a cable modem that changes the IP if it gets turned off, and since the router works for other boxes and I found a solution with FirewallD, I went with that. Thanks again for all the help, Timothy Curchod. Date: Tue, 15 Oct 2013 12:32:39 -0400 To: users@httpd.apache.org From: storm...@stormy.ca Subject: Re: [users@httpd] Permission Still Denied with Moodle At 10:00 PM 10/14/2013 -0400, Yehuda Katz wrote: On Mon, Oct 14, 2013 at 6:06 AM, Timothy Curchod timof...@hotmail.com wrote: The bad news is that in the error log there is nothing when going to http://192.186.1.100/info.php or http://*my*.*ip*.*goes*.*here*/info.php. Localhost works fine. So if there is no error in the httpd error_log, then I am on the wrong mailing list now, right? It's not an Apache problem, it's a network setup/hardware issue. To recap, the problem now is that requests through localhost work properly and other requests time out. Is that correct? To me this really indicates that either Apache is not listening on other IPs (which we went through already) or (not sure why I did not mention this sooner) you might have a firewall in the way. Can you check if you have a firewall (like iptables) running on the system? I *could* be way off track, but, as I wrote previously, this user has a Linksys WRT54C router using Automatic Configuration DHCP -- this is quite an old residential item, and istr that these were problematic. I can't even remember if it's a modem as well as a router. In any case, try setting it to static IP (or particularly if it's a modem, set to straight through, disable any IP intervention and rely on your server set up for routing and firewall.) Best - Paul
RE: [users@httpd] Permission Still Denied with Moodle
Hi again Yehuda, Where is the iptables firewall configuration? Oh, that's no longer the default firewall in Fedora. Let me introduce you to FirewallD:#firewall-cmd --staterunning#firewall-cmd get-default-zonepublic#systemctl stop firewalld.service Webservice on port 80 restored. Success. Now all ip addresses are accessible!The two boxes here, one running Fedora 10, and this one running Fedora 19 can't be more different. The desktop, Gnome, screensavers, etc, and now the firewall are completely different. Thankfully the terminal and gedit are still the same.Yehuda, Eric, Stormy, and anyone who read my e-mails, thanks for the help.Now it's time to read the huge document at http://fedoraproject.org/wiki/FirewallD to figure out how to work this thing. Timothy. From: yeh...@ymkatz.net Date: Mon, 14 Oct 2013 22:00:43 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Permission Still Denied with Moodle On Mon, Oct 14, 2013 at 6:06 AM, Timothy Curchod timof...@hotmail.com wrote: The bad news is that in the error log there is nothing when going to http://192.186.1.100/info.php or http://*my*.*ip*.*goes*.*here*/info.php. Localhost works fine. So if there is no error in the httpd error_log, then I am on the wrong mailing list now, right? It's not an Apache problem, it's a network setup/hardware issue. To recap, the problem now is that requests through localhost work properly and other requests time out. Is that correct? To me this really indicates that either Apache is not listening on other IPs (which we went through already) or (not sure why I did not mention this sooner) you might have a firewall in the way. Can you check if you have a firewall (like iptables) running on the system?
RE: [users@httpd] Permission Still Denied with Moodle
Hi Yehuda and all, I set the timezone correctly, that's the good news. The bad news is that in the error log there is nothing when going to http://192.186.1.100/info.php or http://*my*.*ip*.*goes*.*here*/info.php. Localhost works fine. The network card I have nforce or marvell. That's what the computer guy said. Since it's not actually a 'card' I have no idea. There are two jacks in the motherboard, but only one appears to work. So if there is no error in the httpd error_log, then I am on the wrong mailing list now, right? It's not an Apache problem, it's a network setup/hardware issue.Here is the clean error log:[Mon Oct 14 18:11:02.104234 2013] [suexec:notice] [pid 2597] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)[Mon Oct 14 18:11:02.145561 2013] [auth_digest:notice] [pid 2597] AH01757: generating secret for digest authentication ...[Mon Oct 14 18:11:02.146653 2013] [lbmethod_heartbeat:notice] [pid 2597] AH02282: No slotmem from mod_heartmonitor[Mon Oct 14 18:11:02.266021 2013] [mpm_prefork:notice] [pid 2597] AH00163: Apache/2.4.6 (Fedora) PHP/5.5.4 configured -- resuming normal operations[Mon Oct 14 18:11:02.266092 2013] [core:notice] [pid 2597] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'[Mon Oct 14 18:32:16.913085 2013] [mpm_prefork:notice] [pid 2597] AH00170: caught SIGWINCH, shutting down gracefully[Mon Oct 14 18:37:21.337310 2013] [suexec:notice] [pid 899] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)[Mon Oct 14 18:37:21.568712 2013] [auth_digest:notice] [pid 899] AH01757: generating secret for digest authentication ...[Mon Oct 14 18:37:21.574499 2013] [lbmethod_heartbeat:notice] [pid 899] AH02282: No slotmem from mod_heartmonitor[Mon Oct 14 18:37:34.205132 2013] [mpm_prefork:notice] [pid 899] AH00163: Apache/2.4.6 (Fedora) PHP/5.5.4 configured -- resuming normal operations[Mon Oct 14 18:37:34.205218 2013] [core:notice] [pid 899] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'Any hints about how to debug this problem, or where I should ask? Timothy. From: yeh...@ymkatz.net Date: Sun, 13 Oct 2013 13:36:26 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Permission Still Denied with Moodle On Sun, Oct 13, 2013 at 10:37 AM, Timothy Curchod timof...@hotmail.com wrote: Hi again Yehuda, I pasted that Listen 192.0.2.100:80 number from some code example and didn't notice that it wasn't localhost. I'm getting tired here. However, that using 192.168.1.100:80 didn't work. And, if that value is in the config file, the localhost option wont work either! Also, I forgot to say that I tried to access 192.186.1.100/info.php from the other box and it failed. Do you have the exact error? Does it say the port is in use or some other error? I got an Invalid date.timezone value 'KST' error for Korean Standard Time! I will have to find the right setting.See the PHP timezone list: http://php.net/manual/en/timezones.php: I am guessing you want Asia/Seoul. - Y
RE: [users@httpd] Permission Still Denied with Moodle
Hello everyone, Hope you're all having a good weekend. The good news here is that I've solved the localhost problem. The moodle config file, when set with this value $CFG-wwwroot = 'localhostmoodle'; and then going to 'http://localhost/moodle' works and is fully functional. However, changing that value to '$CFG-wwwroot = 'http://*my*.*ip*.*goes*.*here*:80/moodle'; and going to http://*my*.*ip*.*goes*.*here*:80/moodle doesn't. Google Chrome removes the :80 for some reason from the address bar (Firefox doesn't) and it takes almost a minute to come back with the Oops! message, as if the server is not on. But if I change the config.php file for moodle to respond to localhost, it responds right away with the index.php. Another test file works on localhost, but again is not served from the web. The full httpd error log for the problem can be seen here: http://pastebin.com/WuF1xsD3The first error from which is:[autoindex:error] [pid 4396] [client 127.0.0.1:40388] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive, referer: http://localhost/moodle/login/index.php Why is it then forbidden to serve something to the web that is OK for localhost? Is the router a problem? Is Tomcat listening on Port 8080 on a different box causing a problem with this box listening on port 80? The Apache config file is set to listen to 80. I tried some other values for this, changing them in the router and the config file and none worked. The Linksys WRT54C router using Automatic Configuration DHCP is set as follows:Port RangeApplicationStart End Protocol IP Address EnableApache httpd 80 to 80 Both 192.168.1.100 Check Apache Tomcat 8080 to 8080Both 192.168.1.126 Check (Both means TCP and UDP) Taking moodle out of the picture and running strace on http://211.220.31.50/test.html cuases the same error. So it's not a Moodle problem. Here are some more details I may or may not have posted in earlier e-mails: netstat -ln | grep 80tcp6 0 0 :::80 :::* LISTEN unix 2 [ ACC ] STREAM LISTENING 18068 @/tmp/.ICE-unix/1205unix 2 [ ACC ] STREAM LISTENING 18069 /tmp/.ICE-unix/1205 httpd -SVirtualHost configuration:ServerRoot: /etc/httpdMain DocumentRoot: /var/www/htmlMain ErrorLog: /etc/httpd/logs/error_logMutex proxy: using_defaultsMutex authn-socache: using_defaultsMutex default: dir=/run/httpd/ mechanism=default Mutex mpm-accept: using_defaultsMutex authdigest-opaque: using_defaultsMutex proxy-balancer-shm: using_defaultsMutex rewrite-map: using_defaultsMutex authdigest-client: using_defaultsPidFile: /run/httpd/httpd.pidDefine: DUMP_VHOSTSDefine: DUMP_RUN_CFGUser: name=apache id=48Group: name=apache id=48 Date: Thu, 10 Oct 2013 19:11:17 -0400 To: users@httpd.apache.org From: storm...@stormy.ca Subject: RE: [users@httpd] Permission Still Denied with Moodle At 10:17 AM 10/10/2013 +, you wrote: [snip] /sbin/ifconfig em1: flags=4163UP,BROADCAST,RUNNING,MULTICAST mtu 1500 inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 ^^ Have you got a router set up for DHCP? [snip] Something funny is going on with the ip address however. When I go to localhost, like I said before, it prints this message: Incorrect access detected, this server may be accessed only through http://*.*.*.30:80/moodle; address, sorry. Best - Paul - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Permission Still Denied with Moodle
Yehuda, Thanks for you replies. I will set the timezone as you suggest. I also disabled mod_autoindex by commenting out the Options Indexes FollowSymLinks line in the httpd.conf file. However, it doesn't help the situation. You may be right about the IP4 IPv6 idea. I have a strange network card that has two ports with cables leading to the motherboard, the likes of which I've never used before. I ran nestat on the two boxes behind my router and got this.On my other box running Fedoa 11, the netstat command says TCP 0 0 :::8080 :::*LISTEN 5418:javaOn the Fedora 19 box:tcp6 0 0 :::80 :::*LISTEN 11739/httpd Does that tcp6 mean IPv6? I'm not sure. Then I read this on Apache about IPv4 and IPv6: If you want Apache to handle IPv4 connections only, regardless of what your platform and APR will support, specify an IPv4 address on all Listen directives, as in the following examples:Listen 0.0.0.0:80Listen 192.0.2.1:80If your platform supports it and you want Apache to handle IPv4 and IPv6 connections on separate sockets (i.e., to disable IPv4-mapped addresses), specify the --disable-v4-mapped configure option.(http://httpd.apache.org/docs/2.2/en/bind.html) SO I tried:#Listen 80Listen 192.0.2.100:80 But got this error and Apache failed to start. Active: failed (Result: exit-code) since Sun 2013-10-13 22:42:53 KST; 1min 4s ago Process: 12488 ExecStop=/usr/sbin/httpd $OPTIONS -k graceful-stop (code=exited, status=0/SUCCESS) Process: 3893 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS) Process: 12487 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE) Status: Total requests: 1; Current requests/sec: 0; Current traffic: 0 B/secOct 13 22:42:53 localhost.localdomain httpd[12487]: (99)Cannot assign requested address: AH00072: make_sock: could not bind to address 192.0.2.100:80 I'm not sure how to use that configure option '--disable-v4-mapped'. Where does that go? It seems like a start up script flag, but I use systemctl to start httpd. I couldn't find an example of how to use that. Will that add IPv4 address listening? Timothy Curchod. From: yeh...@ymkatz.net Date: Sun, 13 Oct 2013 09:47:30 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Permission Still Denied with Moodle Now that I am at the computer, a more in-depth reply. On Sun, Oct 13, 2013 at 8:17 AM, Timothy Curchod timof...@hotmail.com wrote: However, changing that value to '$CFG-wwwroot = 'http://*my*.*ip*.*goes*.*here*:80/moodle'; and going to http://*my*.*ip*.*goes*.*here*:80/moodle doesn't. Google Chrome removes the :80 for some reason from the address bar (Firefox doesn't) Because the :80 is redundant according to Chrome because 80 is the well-known port for http. and it takes almost a minute to come back with the Oops! message, as if the server is not on. That is because the request is not rejected or accepted, it just times out. The full httpd error log for the problem can be seen here: http://pastebin.com/WuF1xsD3 The first error from which is: [autoindex:error] [pid 4396] [client 127.0.0.1:40388] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive, referer: http://localhost/moodle/login/index.php Server generated directory index is talking about mod_autoindex and for a production system, it should be disabled unless you specifically need it.You need to see why the login page is redirecting you to the wrong place. I imagine that after login, you should be redirected to /moodle, not / as the error log indicated is happening. Also, I recommend you set your timezone in php.ini as mentioned in the error log. It will save you from some odd situations where date functions don't work properly. Why is it then forbidden to serve something to the web that is OK for localhost? The error log does not indicate that this is the case. To the contrary, every entry in the log that references a client says the source is 127.0.0.1 (a.k.a. localhost). The Linksys WRT54C router using Automatic Configuration DHCP is set as follows: Port RangeApplication Start End Protocol IP Address Enable Apache httpd80 to 80 Both 192.168.1.100 Check Apache Tomcat 8080 to 8080Both 192.168.1.126 Check (Both means TCP and UDP) Can you take the linksys out of the picture by accessing 192.168.1.100 from another computer inside your network? Taking moodle out of the picture and running strace on http://211.220.31.50/test.html cuases the same error. So it's not a Moodle problem. Since this thread has mentioned several different errors (permissions, DirectoryIndex, timeout) which one are you referring to? netstat -ln | grep 80 tcp6 0 0
RE: [users@httpd] Permission Still Denied with Moodle
Hi again Yehuda, I pasted that Listen 192.0.2.100:80 number from some code example and didn't notice that it wasn't localhost. I'm getting tired here.However, that using 192.168.1.100:80 didn't work. And, if that value is in the config file, the localhost option wont work either! Also, I forgot to say that I tried to access 192.186.1.100/info.php from the other box and it failed. I got an Invalid date.timezone value 'KST' error for Korean Standard Time! I will have to find the right setting. Speaking of timezones, it's time to switch off here.I definitely won't be building Apache from source tonight! I will pick up with this problem tomorrow. Timothy. From: yeh...@ymkatz.net Date: Sun, 13 Oct 2013 10:20:58 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Permission Still Denied with Moodle On Sun, Oct 13, 2013 at 10:10 AM, Timothy Curchod timof...@hotmail.com wrote: SO I tried: #Listen 80Listen 192.0.2.100:80 But got this error and Apache failed to start. Active: failed (Result: exit-code) since Sun 2013-10-13 22:42:53 KST; 1min 4s ago Process: 12488 ExecStop=/usr/sbin/httpd $OPTIONS -k graceful-stop (code=exited, status=0/SUCCESS) Process: 3893 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS) Process: 12487 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE) Status: Total requests: 1; Current requests/sec: 0; Current traffic: 0 B/secOct 13 22:42:53 localhost.localdomain httpd[12487]: (99)Cannot assign requested address: AH00072: make_sock: could not bind to address 192.0.2.100:80 Why did you choose 192.0.2.100? You need to use an address that is already bound to your network card. I'm not sure how to use that configure option '--disable-v4-mapped'. Where does that go? It seems like a start up script flag, but I use systemctl to start httpd. I couldn't find an example of how to use that. Will that add IPv4 address listening? You need to do that is you build the server from source. It does not apply to you if you are using a packaged version. - Y
RE: [users@httpd] Permission Still Denied with Moodle
don't want to suggest anything you already tried. Did you try changing the SELinux context (I think the correct one should be httpd_sys_content_t)? - Y On Wed, Oct 9, 2013 at 7:34 PM, Timothy Curchod timof...@hotmail.com wrote: Thanks for the reply Yehuda. Here is the info you asked about. ls -l lrwxrwxrwx. 1 root root 7 Oct 8 17:13 bin - usr/bin dr-xr-xr-x. 5 root root 1024 Oct 8 17:31 boot drwxr-xr-x 19 root root 3440 Oct 10 07:02 dev drwxr-xr-x. 144 root root 12288 Oct 10 07:02 etc drwxr-xr-x. 4 root root 4096 Jul 8 17:56 home lrwxrwxrwx. 1 root root 7 Oct 8 17:13 lib - usr/lib lrwxrwxrwx. 1 root root 9 Oct 8 17:13 lib64 - usr/lib64 drwx--. 2 root root 16384 Jun 28 02:09 lost+found drwxr-xr-x. 2 root root 4096 Jul 8 17:56 media drwxr-xr-x. 3 root root 4096 Jul 8 17:56 mnt drwxr-xr-x. 3 root root 4096 Oct 8 18:42 opt dr-xr-xr-x 166 root root 0 Oct 10 07:02 proc dr-xr-x---. 5 root root 4096 Oct 9 22:42 root drwxr-xr-x 39 root root 1180 Oct 10 07:02 run lrwxrwxrwx. 1 root root 8 Oct 8 17:13 sbin - usr/sbin drwxr-xr-x. 2 root root 4096 Jul 8 17:56 srv dr-xr-xr-x 13 root root 0 Oct 10 07:02 sys drwxrwxrwt 13 root root 280 Oct 10 07:03 tmp drwxr-xr-x. 13 root root 4096 Oct 8 17:13 usr drwxr-xr-x. 23 root root 4096 Oct 9 12:21 var Also, moodle requires a data folder which I put in var with 777 permissions: drwxrwxrwx. 6 root root 4096 Oct 9 12:55 moodledata httpd -S VirtualHost configuration: ServerRoot: /etc/httpd Main DocumentRoot: /var/www/html Main ErrorLog: /etc/httpd/logs/error_log Mutex proxy: using_defaults Mutex authn-socache: using_defaults Mutex default: dir=/run/httpd/ mechanism=default Mutex mpm-accept: using_defaults Mutex authdigest-opaque: using_defaults Mutex proxy-balancer-shm: using_defaults Mutex rewrite-map: using_defaults Mutex authdigest-client: using_defaults PidFile: /run/httpd/httpd.pid Define: DUMP_VHOSTS Define: DUMP_RUN_CFG User: name=apache id=48 not_used Group: name=apache id=48 not_used I have a Linksys router which has settings as such: StartEndProtocolIP Address 80 80 both 192.168.1.100 80808080 both192.168.1.126 -- used with Tomcat which runs fine on another box. This is in the httpd.config file: # # Listen: Allows you to bind Apache to specific IP addresses and/or # ports, instead of the default. See also the VirtualHost # directive. # # Change this to Listen on specific IP addresses as shown below to # prevent Apache from glomming onto all bound IP addresses. # #Listen 12.34.56.78:80 Listen 80 What am I doing wrong? Notice that info.php is in the documents directory and I can access it fine. -rw-r--r--. 1 apache root 20 Oct 9 11:32 info.php I tried to create the page as my regular user, but was unable to save in that directory, so I ended up creating it as root. How am I going to be able to work on Moodle development if I can’t modify files in the www/html folder as a regular user? This is a development server with one user, myself. Should I make all the files match the permissions on info.php and do all my work as root? Thanks for any help, Timothy. From: yeh...@ymkatz.net Date: Wed, 9 Oct 2013 12:18:56 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Permission Still Denied with Moodle AH00035: access to /moodle/ denied (filesystem path '/var/www/html/moodle') because search permissions are missing on a component of the path This implies that the x permission is missing. You posted for every directory except /var . What are its permissions?I have no idea if selinux could get in the way or if setenforce 0 really gets rid of it. Incorrect access detected, this server may be accessed only through http://*my ip*/moodle address, sorry. Please notify server administrator. Does Moodle modify the default 403 error page? That is probably what this is. If I use http://*my ip*/moodle or http://*my ip*:80/moodle I get this error: Oops! Google Chrome could not connect to *my ip*Is apache set to listen to an IP besides 127.0.0.1?Run httpd -S for the list of active vhosts. - Y On Wed, Oct 9, 2013 at 4:19 AM, Timothy Curchod timof...@hotmail.com wrote: Hi, I've tried a few times to setup moodle on LAMP but failed each time with the following errors: If I use localhost/moodle, I get this error: Incorrect access detected, this server may be accessed only through http://*my ip*/moodle address, sorry. Please notify server administrator. If I use http://*my ip*/moodle or http://*my ip*:80/moodle I get this error: Oops! Google Chrome could not connect to *my ip* If I look in the /etc/httpd/logs/error_log I see: [Wed Oct 09 14:59:46.240266 2013] [core:error] [pid 2279] (13)Permission denied: [client 127.0.0.1:43084] AH00035: access to /moodle/ denied (filesystem path '/var/www/html
RE: [users@httpd] Permission Still Denied with Moodle
Hi again. Stormy, I don't know if it's set to use DHCP. I believe so, but I will check when I can this evening. How would that affect my situation? Tomcat is running fine behind the router on a different box... And the 'strange behavior' was because I had set the wrong ip during moodle installation. I fixed that, but still, localhost and the ip are denied with the details listed below. Eric, I don't know what ITK MPM is. I don't use it intentionally at least. It says (Multi-Processing Module) for the Apache web server. mpm-itk allows you to run each of your vhost under a separate uid and gid. When I installed php, I also added these modules, when really I only needed mysql, as far as I know for moodle. After seeing all those magickwand statements in the strace, I'm thinking I should uninstall that if it's not needed. Here was the list: yum install php-mysqlnd php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-magickwand php-mbstring php-mcrypt php-mssql php-shout php-snmp php-soap php-tidy In your second email, I assume you’re talking about the /etc/httpd/logs/error_log message access to /moodle/ denied (filesystem path '/var/www/html/moodle') because search permissions are missing on a component of the path message? That was in the Apache error log. Here is exactly what I did: # service httpd stop# strace -f -o /tmp/strace.out apachectl -XGo to localhost/moodle.See the “Incorrect access detected, this server may be accessed only through http://*.*.*.50:80/moodle; address, sorry. Please notify server administrator. This page should automatically redirect. If nothing is happening please use the continue link below.”Get redirected to that address. See the Chrome “Oops “message.Here is the httpd is the end of the /etc/httpd/logs/error_log http://pastebin.com/0HuwTVRE Here is the /tmp/strace.out file with all the mentions of moodle pasted (there was no EACCES string this time). http://pastebin.com/3F9nhyTG Date: Thu, 10 Oct 2013 19:11:17 -0400 To: users@httpd.apache.org From: storm...@stormy.ca Subject: RE: [users@httpd] Permission Still Denied with Moodle At 10:17 AM 10/10/2013 +, you wrote: [snip] /sbin/ifconfig em1: flags=4163UP,BROADCAST,RUNNING,MULTICAST mtu 1500 inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 ^^ Have you got a router set up for DHCP? [snip] Something funny is going on with the ip address however. When I go to localhost, like I said before, it prints this message: Incorrect access detected, this server may be accessed only through http://*.*.*.30:80/moodle; address, sorry. Best - Paul - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Permission Still Denied with Moodle
Hi, I've tried a few times to setup moodle on LAMP but failed each time with the following errors: If I use localhost/moodle, I get this error: Incorrect access detected, this server may be accessed only through http://*my ip*/moodle address, sorry. Please notify server administrator. If I use http://*my ip*/moodle or http://*my ip*:80/moodle I get this error: Oops! Google Chrome could not connect to *my ip* If I look in the /etc/httpd/logs/error_log I see: [Wed Oct 09 14:59:46.240266 2013] [core:error] [pid 2279] (13)Permission denied: [client 127.0.0.1:43084] AH00035: access to /moodle/ denied (filesystem path '/var/www/html/moodle') because search permissions are missing on a component of the path The wiki says this is an error 13 which indicates a filesystem permissions problem but I can't see where. I've looked at a lot of questions relating to permission problems that people have had and it all seems to show that I have things set up correctly, or have tried the things that should work. /etc/httpd/conf/httpd.conf contains...User apacheGroup apache...Directory / AllowOverride noneRequire all denied/Directory...Directory /var/www AllowOverride None# Allow open access:Require all granted/Directory...Directory /var/www/htmlOptions Indexes FollowSymLinks#AllowOverride Noneall Require all granted/Directory My directory permissions are: drwxrwxr-x. 4 apache apache 4096 Oct 9 08:23 www drwxrwxr-x. 2 apache apache 4096 Jul 31 15:50 cgi-bindrwxrwxr-x. 3 apache apache 4096 Oct 9 14:07 html -rw-r--r--. 1 apache root 20 Oct 9 11:32 info.phpdrwxr-xr-x. 44 apache apache 4096 Oct 9 14:18 moodle -rw-r-. 1 apache apache690 Oct 9 14:18 config.php-rwxr-xr-x. 1 apache timothy 35147 Oct 4 11:43 COPYING.txtdrwxr-xr-x. 7 apache timothy 4096 Oct 9 14:06 course-rwxr-xr-x. 1 apache timothy 2594 Oct 4 11:43 draftfile.phpdrwxr-xr-x. 17 apache timothy 4096 Oct 9 14:06 enroldrwxr-xr-x. 2 apache timothy 4096 Oct 9 14:06 error-rwxr-xr-x. 1 apache timothy 3923 Oct 4 11:43 file.phpdrwxr-xr-x. 3 apache timothy 4096 Oct 9 14:06 filesdrwxr-xr-x. 14 apache timothy 4096 Oct 9 14:06 filter-rwxr-xr-x. 1 apache timothy 953 Oct 4 15:14 githash.phpdrwxr-xr-x. 8 apache timothy 4096 Oct 9 14:06 gradedrwxr-xr-x. 3 apache timothy 4096 Oct 9 14:06 group-rwxr-xr-x. 1 apache timothy 1423 Oct 4 11:43 help_ajax.php-rwxr-xr-x. 1 apache timothy 1761 Oct 4 11:43 help.php-rwxr-xr-x. 1 apache timothy 13203 Oct 4 11:43 index.php * tried setenforce 0. The ls -alZ command returns -rwxr-xr-x. apache timothy unconfined_u:object_r:user_home_t:s0 index.php * tried chown -R root on all files as well.* ran the moodle setup script as such: # sudo -u apache /usr/bin/php install.php I am using the following setup:Fedora 19Apache 2.4.6PHP 5.5.4moodle 2.5MariaDB 5.5.32 Since the Moodle docs indicate this is a permissions problem with apache, I thought I should ask here first. Any suggestions or solutions would be much welcomed. Thanks, Timothy Curchod.
RE: [users@httpd] Permission Still Denied with Moodle
Thanks for the reply Yehuda. Here is the info you asked about. ls -llrwxrwxrwx. 1 root root 7 Oct 8 17:13 bin - usr/bindr-xr-xr-x. 5 root root 1024 Oct 8 17:31 bootdrwxr-xr-x 19 root root 3440 Oct 10 07:02 devdrwxr-xr-x. 144 root root 12288 Oct 10 07:02 etcdrwxr-xr-x. 4 root root 4096 Jul 8 17:56 homelrwxrwxrwx. 1 root root 7 Oct 8 17:13 lib - usr/liblrwxrwxrwx. 1 root root 9 Oct 8 17:13 lib64 - usr/lib64drwx--. 2 root root 16384 Jun 28 02:09 lost+founddrwxr-xr-x. 2 root root 4096 Jul 8 17:56 mediadrwxr-xr-x. 3 root root 4096 Jul 8 17:56 mntdrwxr-xr-x. 3 root root 4096 Oct 8 18:42 optdr-xr-xr-x 166 root root 0 Oct 10 07:02 procdr-xr-x---. 5 root root 4096 Oct 9 22:42 rootdrwxr-xr-x 39 root root 1180 Oct 10 07:02 runlrwxrwxrwx. 1 root root 8 Oct 8 17:13 sbin - usr/sbindrwxr-xr-x. 2 root root 4096 Jul 8 17:56 srvdr-xr-xr-x 13 root root 0 Oct 10 07:02 sysdrwxrwxrwt 13 root root 280 Oct 10 07:03 tmpdrwxr-xr-x. 13 root root 4096 Oct 8 17:13 usrdrwxr-xr-x. 23 root root 4096 Oct 9 12:21 var Also, moodle requires a data folder which I put in var with 777 permissions:drwxrwxrwx. 6 root root 4096 Oct 9 12:55 moodledata httpd -SVirtualHost configuration:ServerRoot: /etc/httpdMain DocumentRoot: /var/www/htmlMain ErrorLog: /etc/httpd/logs/error_logMutex proxy: using_defaultsMutex authn-socache: using_defaultsMutex default: dir=/run/httpd/ mechanism=default Mutex mpm-accept: using_defaultsMutex authdigest-opaque: using_defaultsMutex proxy-balancer-shm: using_defaultsMutex rewrite-map: using_defaultsMutex authdigest-client: using_defaultsPidFile: /run/httpd/httpd.pidDefine: DUMP_VHOSTSDefine: DUMP_RUN_CFGUser: name=apache id=48 not_usedGroup: name=apache id=48 not_used I have a Linksys router which has settings as such:StartEndProtocol IP Address80 80 both 192.168.1.10080808080 both 192.168.1.126 -- used with Tomcat which runs fine on another box. This is in the httpd.config file: ## Listen: Allows you to bind Apache to specific IP addresses and/or# ports, instead of the default. See also the VirtualHost# directive.## Change this to Listen on specific IP addresses as shown below to # prevent Apache from glomming onto all bound IP addresses.##Listen 12.34.56.78:80Listen 80 What am I doing wrong? Notice that info.php is in the documents directory and I can access it fine.-rw-r--r--. 1 apache root 20 Oct 9 11:32 info.phpI tried to create the page as my regular user, but was unable to save in that directory, so I ended up creating it as root. How am I going to be able to work on Moodle development if I can’t modify files in the www/html folder as a regular user? This is a development server with one user, myself. Should I make all the files match the permissions on info.php and do all my work as root? Thanks for any help, Timothy. From: yeh...@ymkatz.net Date: Wed, 9 Oct 2013 12:18:56 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Permission Still Denied with Moodle AH00035: access to /moodle/ denied (filesystem path '/var/www/html/moodle') because search permissions are missing on a component of the path This implies that the x permission is missing. You posted for every directory except /var . What are its permissions?I have no idea if selinux could get in the way or if setenforce 0 really gets rid of it. Incorrect access detected, this server may be accessed only through http://*my ip*/moodle address, sorry. Please notify server administrator. Does Moodle modify the default 403 error page? That is probably what this is. If I use http://*my ip*/moodle or http://*my ip*:80/moodle I get this error: Oops! Google Chrome could not connect to *my ip*Is apache set to listen to an IP besides 127.0.0.1?Run httpd -S for the list of active vhosts. - Y On Wed, Oct 9, 2013 at 4:19 AM, Timothy Curchod timof...@hotmail.com wrote: Hi, I've tried a few times to setup moodle on LAMP but failed each time with the following errors: If I use localhost/moodle, I get this error: Incorrect access detected, this server may be accessed only through http://*my ip*/moodle address, sorry. Please notify server administrator. If I use http://*my ip*/moodle or http://*my ip*:80/moodle I get this error: Oops! Google Chrome could not connect to *my ip* If I look in the /etc/httpd/logs/error_log I see: [Wed Oct 09 14:59:46.240266 2013] [core:error] [pid 2279] (13)Permission denied: [client 127.0.0.1:43084] AH00035: access to /moodle/ denied (filesystem path '/var/www/html/moodle') because search permissions are missing on a component of the path The wiki says this is an error 13 which indicates a filesystem permissions problem but I can't see where. I've looked at a lot of questions relating to permission problems that people have had and it all seems to show that I have things set up correctly, or have tried the things