apache httpd 映射 url 到 virtualbox 共享文件夹
apache httpd map url to virtualbox share folder
我在virtualbox中设置了一个centos7,其中运行apache httpd、mariadb、phpmyadmin等,主机是macos
当我尝试将 url 映射到共享文件夹时,我遇到了错误
Forbidden: You don't have permission to access /tutorial/ on this server.
sudo tail -f /var/log/httpd/error_log
[Wed Oct 19 22:48:23.108758 2016] [autoindex:error] [pid 1469] (13)Permission denied: [client 192.168.144.1:51847] AH01275: Can't open directory for index: /php-tutorial/www/
/etc/httpd/conf.d/tutorial.conf
Alias /tutorial "/php-tutorial/www"
<Directory "/php-tutorial/www">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
文件夹权限为
drwxr-xr-x. 1 vagrant vagrant system_u:object_r:vmblock_t:s0 /php-tutorial/www
drwxr-xr-x. 1 vagrant vagrant system_u:object_r:vmblock_t:s0 /php-tutorial
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www/html
我不确定这是否可行,如果可行,正确的配置方式是什么。
您似乎有 SELinux,查看 SELinux 日志
感谢 ezra-s 指出可能存在的问题。
是的,是因为SELinux,因为SELinux在Centos 7.2中是默认开启的,也就是这里使用的guestOS
这个问题有两种不同的解决方案:
快速解决方案,禁用 SELinux
# vi /etc/selinux/config
SELINUX=enforcing # <= change enforcing to disabled
更好的解决方案,自定义 SELinux 策略
# yum install -y policycoreutils-python
# vi httpd_t.te
module httpd_t 1.0;
require {
type httpd_t;
type vmblock_t;
class file { read getattr open };
}
#============= httpd_t ==============
allow httpd_t vmblock_t:file { read getattr open };
# checkmodule -M -m -o httpd_t.mod httpd_t.te
# semodule_package -o httpd_t.pp -m httpd_t.mod
# semodule -i httpd_t.pp
# systemctl restart httpd
参考文献:
- https://github.com/mitchellh/vagrant/issues/6970,有人遇到同样的问题,一步步找到出路
- https://wiki.centos.org/HowTos/SELinux,对SELinux的介绍不错
我在virtualbox中设置了一个centos7,其中运行apache httpd、mariadb、phpmyadmin等,主机是macos
当我尝试将 url 映射到共享文件夹时,我遇到了错误
Forbidden: You don't have permission to access /tutorial/ on this server.
sudo tail -f /var/log/httpd/error_log
[Wed Oct 19 22:48:23.108758 2016] [autoindex:error] [pid 1469] (13)Permission denied: [client 192.168.144.1:51847] AH01275: Can't open directory for index: /php-tutorial/www/
/etc/httpd/conf.d/tutorial.conf
Alias /tutorial "/php-tutorial/www"
<Directory "/php-tutorial/www">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
文件夹权限为
drwxr-xr-x. 1 vagrant vagrant system_u:object_r:vmblock_t:s0 /php-tutorial/www
drwxr-xr-x. 1 vagrant vagrant system_u:object_r:vmblock_t:s0 /php-tutorial
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www/html
我不确定这是否可行,如果可行,正确的配置方式是什么。
您似乎有 SELinux,查看 SELinux 日志
感谢 ezra-s 指出可能存在的问题。
是的,是因为SELinux,因为SELinux在Centos 7.2中是默认开启的,也就是这里使用的guestOS
这个问题有两种不同的解决方案:
快速解决方案,禁用 SELinux
# vi /etc/selinux/config SELINUX=enforcing # <= change enforcing to disabled更好的解决方案,自定义 SELinux 策略
# yum install -y policycoreutils-python # vi httpd_t.te module httpd_t 1.0; require { type httpd_t; type vmblock_t; class file { read getattr open }; } #============= httpd_t ============== allow httpd_t vmblock_t:file { read getattr open }; # checkmodule -M -m -o httpd_t.mod httpd_t.te # semodule_package -o httpd_t.pp -m httpd_t.mod # semodule -i httpd_t.pp # systemctl restart httpd
参考文献:
- https://github.com/mitchellh/vagrant/issues/6970,有人遇到同样的问题,一步步找到出路
- https://wiki.centos.org/HowTos/SELinux,对SELinux的介绍不错