httpd(13)权限被拒绝:访问/被拒绝

httpd(13)权限被拒绝:访问/被拒绝

我的问题是“如何使我的 httpd 工作?”

每当我尝试访问我的 http 服务器时,我都会收到访问被拒绝 403消息。关于该主题描述的消息在日志文件中获取:

/var/log/httpd/错误日志

让我先发布某些事物的输出。

首先是我的 httpd.conf。(通过 yum 提供的默认服务)

http://pastebin.com/yQCr7GTz

没有任何虚拟主机。conf 中的相关行如下:

ServerTokens OS

ServerRoot "/etc/httpd"

PidFile run/httpd.pid

Timeout 60

KeepAlive Off

MaxKeepAliveRequests 100

KeepAliveTimeout 15


<IfModule prefork.c>
StartServers       8
MinSpareServers    5
MaxSpareServers   20
ServerLimit      256
MaxClients       256
MaxRequestsPerChild  4000
</IfModule>

<IfModule worker.c>
StartServers         4
MaxClients         300
MinSpareThreads     25
MaxSpareThreads     75 
ThreadsPerChild     25
MaxRequestsPerChild  0
</IfModule>
Listen 80
Include conf.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
UseCanonicalName Off
DocumentRoot "/var/www/html"
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>


<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<IfModule mod_userdir.c>
    #
    # UserDir is disabled by default since it can confirm the presence
    # of a username on the system (depending on home directory
    # permissions).
    #
    UserDir disabled

    #
    # To enable requests to /~user/ to serve the user's public_html
    # directory, remove the "UserDir disabled" line above, and uncomment
    # the following line instead:
    # 
    #UserDir public_html

</IfModule>


DirectoryIndex index.html index.html.var

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

TypesConfig /etc/mime.types

DefaultType text/plain

<IfModule mod_mime_magic.c>
    MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off



ErrorLog logs/error_log
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog logs/access_log combined
ServerSignature On
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
    Options Indexes MultiViews FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<IfModule mod_dav_fs.c>
    DAVLockDB /var/lib/dav/lockdb
</IfModule>

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif


ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw

LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW

ForceLanguagePriority Prefer Fallback

AddDefaultCharset UTF-8



AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl



AddHandler type-map var

AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Alias /error/ "/var/www/error/"

<IfModule mod_negotiation.c>
<IfModule mod_include.c>
    <Directory "/var/www/error">
        AllowOverride None
        Options IncludesNoExec
        AddOutputFilter Includes html
        AddHandler type-map var
        Order allow,deny
        Allow from all
        LanguagePriority en es de fr
        ForceLanguagePriority Prefer Fallback
    </Directory>


</IfModule>
</IfModule>

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

DocumentRoot(/var/www/html)及其父目录中的权限似乎没有问题。

[root@MSSPUPPET2 ~]# ls -la /var/www
total 16
drwxr-xr-x 2 apache apache 4096 Aug 13 17:30 cgi-bin
drwxr-xr-x 3 apache apache 4096 Nov 22 09:37 error
drwxr-xr-x 5 apache apache 4096 Aug 13 17:30 html
drwxr-xr-x 3 apache apache 4096 Nov 22 09:39 icons

[root@MSSPUPPET2 ~]# ll /var/www/html
total 16
-rw-r--r--  1 apache apache   15 Nov 22 09:12 index.html
drwxr-xr-x 11 apache apache 4096 Nov 21 11:16 phabricator
drwxr-xr-x  7 apache apache 4096 Nov 21 14:16 varnish
drwxr-xr-x  4 apache apache 4096 Nov  7 07:04 varnish-interface

[root@MSSPUPPET2 ~]# cat /var/www/html/index.html 
<html>
</html>

SELinux 已禁用。

[root@MSSPUPPET2 var]# getenforce
Disabled

Httpd 以 apache 用户身份运行

[root@MSSPUPPET2 var]# ps auxww | grep apache
apache    1358  0.0  0.2 246296  5392 ?        S    04:18   0:00 /usr/sbin/httpd
apache    1359  0.0  0.2 246296  5392 ?        S    04:18   0:00 /usr/sbin/httpd
apache    1360  0.0  0.2 246296  5392 ?        S    04:18   0:00 /usr/sbin/httpd
apache    1361  0.0  0.2 246296  5392 ?        S    04:18   0:00 /usr/sbin/httpd
apache    1362  0.0  0.2 246296  5392 ?        S    04:18   0:00 /usr/sbin/httpd
apache    1363  0.0  0.2 246296  5388 ?        S    04:18   0:00 /usr/sbin/httpd
apache    1364  0.0  0.2 246296  5392 ?        S    04:18   0:00 /usr/sbin/httpd
apache    1365  0.0  0.2 246296  4988 ?        S    04:18   0:00 /usr/sbin/httpd
root      1903  0.0  0.0 103236   860 pts/0    S+   04:29   0:00 grep apache

httpd -S 的输出

[root@MSSPUPPET2 var]# httpd -S
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
VirtualHost configuration:
Syntax OK

答案1

好的伙计们,问题解决了。

我的问题是在这里:

[root@MSSPUPPET2 var]# ls -laZ /
drw-r--r--. root root system_u:object_r:root_t:s0      .
drw-r--r--. root root system_u:object_r:root_t:s0      ..
-rw-r--r--  root root ?                                .autofsck
dr-xr-xr-x. root root system_u:object_r:bin_t:s0       bin
dr-xr-xr-x. root root system_u:object_r:boot_t:s0      boot
drwxr-xr-x  root root ?                                BUILD
drwxr-xr-x  root root ?                                dev
drwxr-xr-x. root root system_u:object_r:etc_t:s0       etc
drwxr-xr-x. root root system_u:object_r:home_root_t:s0 home
dr-xr-xr-x. root root system_u:object_r:lib_t:s0       lib
dr-xr-xr-x. root root system_u:object_r:lib_t:s0       lib64
drwx------. root root system_u:object_r:lost_found_t:s0 lost+found
drwxr-xr-x. root root system_u:object_r:mnt_t:s0       media
drwxr-xr-x. root root system_u:object_r:mnt_t:s0       mnt
drwxr-xr-x. root root system_u:object_r:usr_t:s0       opt
dr-xr-xr-x  root root ?                                proc
drw-r--r--. root root system_u:object_r:admin_home_t:s0 root
drwxr-xr-x. root root system_u:object_r:bin_t:s0       sbin
drwxr-xr-x. root root system_u:object_r:root_t:s0      selinux
drwxr-xr-x. root root system_u:object_r:var_t:s0       srv
drwxr-xr-x  root root ?                                sys
drwxrwxrwt. root root system_u:object_r:tmp_t:s0       tmp
drwxr-xr-x. root root system_u:object_r:usr_t:s0       usr
drwxr-xr-x. root root system_u:object_r:var_t:s0       var

/ 目录没有 +x 权限。

答案2

那么问题是什么......?你只是担心你得到:

httpd:无法可靠地确定服务器的完全限定域名,使用 127.0.0.1 作为 ServerName

只需在您的 httpd.conf 中添加一个条目,内容为 Servername your.fqdn.com。您可以通过从命令行运行“hostname”来找到它。如果您得到“localhost”,则需要在框上设置主机名/域名,以便正确地作为互联网上的节点工作。

相关内容