1

I'm running CentOS 6.3 and Apache 2.2.15.

I'm using the defaults setup for apache. The files I'm serving are in

/var/www/html

Here are two of them 

[root@gisele html]# ls -l *-production-1.0.6.pdf 
-r--r--r--. 1 root root 171769 Jan  1 21:12 copy-installation-production-1.0.6.pdf
-r--r--r--. 1 root root 171769 Jan  1 20:59 installation-production-1.0.6.pdf

The copy file is a file created by doing 

cp installation-production-1.0.6.pdf copy-installation-production-1.0.6.pdf

Through a virtual host mapping I'm accessing these documents.

copy-installation-production-1.0.6.pdf will serve. installation-production-1.0.6.pdf returns a 403 forbidden.

The only difference, is that the original file was copied onto the server from another machine.

Any idea why this original file will not serve but the copy will?

Will
  • 362
  • 1
  • 3
  • 11

2 Answers2

3

Well, disabling SELinux it's just a temporary workaround, not a solution. We don't wan't to make Dan Walsh cry ;)

Try one of these options:

chcon --reference=/var/www/html/FileThatCanBeServed /var/www/html/FileWithError403

or

chcon -R --reference=/var/www/html /var/www/html/

or

chcon -R -t httpd_sys_content_t /var/www/html/

Always check the SELinux context of the files that are accessible with ls -lZ, then use chcon with the --reference option to copy the context to other files.

Gabriel Talavera
  • 1,367
  • 1
  • 11
  • 18
2

Gah, SELinux. Same probalem as this question: Apache serves some files, others get 403

Turn off SELinux being the solution.

http://www.crypt.gen.nz/selinux/disable_selinux.html

There should be a prompt in the CentOS installation

Is this machine primarily a 
Server (1) / Desktop (2)
1/2...? 1

Would you like to run into bizarre errors later on?
Y/N...? y

Installing SELinux.
Community
  • 1
Will
  • 362
  • 1
  • 3
  • 11