I am getting some quirky permissions errors with Apache: I can access documents under my Apache home directory but not under any other directory.

When I view my Apache error_log it shows

[error] (13)Permission denied: access to / denied

I have file and folder permissions set to 777 and I know my httpd.conf is set up correctly.

Here is the odd thing:

When I execute this for a file in Apache's directory it works fine

su -s /bin/bash -c "cat /usr/local/apache2/htdocs/index.html" apache
<html><body><h1>It works!</h1></body></html>

When I execute this for an outside file with the same permissions I get

su -s /bin/bash -c "cat /var/www/html/index.html" apache
cat: /var/www/html/index.html: Permission denied

I thought this must be an SELinux thing, so I turned that off by setting SELINUX=disabled in /etc/selinux/config and restarting the server, but that didn't work.

I am using a fresh install of CentOS 4.8 and my web directories are rsync'ed over from my primary web server.

Update

 ls -lZ
Sorry, this option can only be used on a SELinux kernel.

 id apache
uid=48(apache) gid=48(apache) groups=48(apache)

ls -l /var /var/www /var/www/html /var/www/html/index.html

-rwxrwxrwx   1 apache apache    7 Jan 18 15:36 /var/www/html/index.html

/var:
total 192
drwxr-xr-x   2 root    root    4096 Dec 28 09:04 account
drwxr-xr-x   9 root    root    4096 Dec 28 09:04 cache
drwxr-xr-x   3 netdump netdump 4096 Dec 28 09:04 crash
drwxr-xr-x   3 root    root    4096 Dec 28 09:04 db
drwxr-xr-x   2 root    root    4096 Dec 29 13:31 doc
drwxr-xr-x   3 root    root    4096 Dec 28 09:04 empty
drwxr-xr-x   3 root    root    4096 Dec 28 09:06 ftp
drwxr-xr-x   7 root    root    4096 Jan 15 10:24 httpdocs
drwxr-xr-x   7 root    root    4096 Dec 29 13:31 installed_packages
drwxr-xr-x  24 root    root    4096 Jan  4 09:54 lib
drwxr-xr-x   2 root    root    4096 Feb 21  2005 local
drwxrwxr-x   6 root    lock    4096 Jan 19 04:02 lock
drwxr-xr-x  12 root    root    4096 Jan 19 07:50 log
lrwxrwxrwx   1 root    root      10 Dec 28 09:03 mail -> spool/mail
drwxr-x---   5 root    named   4096 Jul 29 14:10 named
drwxr-xr-x   2 root    root    4096 Feb 21  2005 nis
drwxr-xr-x   2 root    root    4096 Feb 21  2005 opt
drwxr-xr-x   2 root    root    4096 Feb 21  2005 preserve
drwxr-xr-x  22 root    root    4096 Jan 19 07:44 run
drwxr-xr-x  14 root    root    4096 Dec 28 09:04 spool
drwxrwxrwt   2 root    root    4096 Jan 15 04:30 tmp
drwx------   2 root    root    4096 Feb 21  2005 tux
drwxr-xr-x   8 root    root    4096 Nov 12 05:56 www
drwxr-xr-x   2 root    root    4096 Jan 19 10:26 www2
drwxr-xr-x   3 root    root    4096 Dec 28 09:04 yp

/var/www:
total 48
drwxr-xr-x   2 root      root 4096 Nov 12 05:56 cgi-bin
drwxr-xr-x   3 root      root 4096 Dec 28 09:16 error
drwxr-xr-x   2 root      root 4096 Jan 18 15:36 html
drwxr-xr-x   3 root      root 4096 Dec 28 09:16 icons
drwxr-xr-x  13 root      root 4096 Dec 28 09:16 manual
drwxr-xr-x   2 webalizer root 4096 Jan 19 04:02 usage

/var/www/html:
total 8
-rwxrwxrwx  1 apache apache 7 Jan 18 15:36 index.html
James Hackett
  • Have you double-checked SELinux in your running system? Can you show the output of `ls -lZ` from both files? What does `getenforce` say? – Christian Jan 19 '10 at 16:36
  • Can you provide the output of the following two commands? `id apache` and `ls -l /var /var/www /var/www/html /var/www/html/index.html` – baumgart Jan 19 '10 at 16:57
  • updated post to include additional commands – James Hackett Jan 19 '10 at 17:59
  • Oops - I meant 'ls -ld /var .../index.html', but I got what I wanted. That's strange...what happens if you actually become the user - don't just use 'su -c', try '/bin/su - apache' and then cat the file. And if that doesn't work, as apache try to do 'ls -ld / /var /var/www ...'. It's strange - the permissions look ok...I'm not seeing an issue. – baumgart Jan 19 '10 at 18:51

2 Answers

0

From what you've posted I'd say you need to give apache permissions to access /var.

devon
  • Wow, you are right! This was one thing I did not notice or check. Somehow I got 700 on /var (I guess it must have been a mistyped rsync command?). I can't believe I haven't had any other problems. – James Hackett Jan 19 '10 at 19:26
  • Most of the other stuff is probably running as root. Had I asked you to run the right command the first time, we would have seen that. – baumgart Jan 19 '10 at 19:43
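
The cause found in this answer (a 777 file that is unreachable because a parent directory has no search bit for the user) can be checked mechanically. The following is an added example, not code from any poster in this thread: `can_search`, `first_blocking_dir` and `demo` are hypothetical names, the directory tree is constructed in a temporary directory, and only classic mode bits are evaluated.

```python
import os
import stat
import tempfile


def can_search(st, uid, gids):
    """Classic Unix check: exactly one of owner/group/other bits applies."""
    if uid == 0:  # root bypasses directory search permission
        return True
    if uid == st.st_uid:
        return bool(st.st_mode & stat.S_IXUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IXGRP)
    return bool(st.st_mode & stat.S_IXOTH)


def first_blocking_dir(path, uid, gids, root=os.sep):
    """Return the first directory from root down to path's parent that uid
    cannot traverse, or None. Mode bits only: ACLs/SELinux are not evaluated."""
    current = os.path.abspath(root)
    rel = os.path.relpath(os.path.abspath(path), current)
    # "." checks root itself; the final component (the file) is skipped
    for part in ["."] + rel.split(os.sep)[:-1]:
        current = os.path.normpath(os.path.join(current, part))
        if not can_search(os.stat(current), uid, gids):
            return current
    return None


def demo():
    """Constructed tree mirroring the question: index.html is 777, var is 700."""
    with tempfile.TemporaryDirectory() as base:
        os.chmod(base, 0o755)
        var = os.path.abspath(os.path.join(base, "var"))
        html = os.path.join(var, "www", "html")
        os.makedirs(html)
        for d in (os.path.join(var, "www"), html):
            os.chmod(d, 0o755)
        index = os.path.join(html, "index.html")
        open(index, "w").close()
        os.chmod(index, 0o777)
        st = os.stat(var)
        uid, gids = st.st_uid + 1, {st.st_gid + 1}  # constructed non-owner identity
        os.chmod(var, 0o700)
        before = first_blocking_dir(index, uid, gids, root=base)
        os.chmod(var, 0o755)
        after = first_blocking_dir(index, uid, gids, root=base)
        return var, before, after
```

On a real host the same check would be `first_blocking_dir("/var/www/html/index.html", 48, {48})`, using the uid and gid from the `id apache` output in the question.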
0

[error] (13)Permission denied: access to / denied

A CGI or plugin may be trying to create a file in /. See if you can track down exactly what operation is creating the error.

kmarsh