Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

403 Forbidden on Extracted tar/zip files

Status
Not open for further replies.
jitspoe

jitspoe

Programmer
Jan 4, 2007
7
US
I can't make any sense of this. I just set up a new server and configured it like my old one (which worked perfectly). Whenever I download and extract something to /var/ (phpMyAdmin, for example), I get a 403 forbidden to it, even though it has the same permissions and owner as everything else. I've even tried to recursively chown everything to apache and chmod 777 everything. Always forbidden.

What's strange is if I create a fresh directory (same permissions, just created with mkdir instead of extracted from a tar), and *copy* the files over, they work. If I move them from the extracted directory or create new files in the extracted directory, they are forbidden. The only workaround I've found is to re-tar everything locally and then un-tar it again. This creates "fresh" copies of the files and even though all the permissions and owners are the same, the forbidden error goes away. It's like there's some hidden flag somewhere that doesn't show up with an "ls -la". I've compared two directories side by side and everything is identical, yet one will be forbidden and the other not. Directory and file names do not matter, and there are no .htaccess files.

It's not just files downloaded from web sites, either. I tar.gz'd some data off of my old server and copied it to the new one. Usernames, permissions, and everything are configured the same on both servers, but extracted files result in a forbidden. I have to tar/untar them locally (or use some other method to copy them) to get them to work.

I'm using CentOS 4 with Apache 2.0.59.
 
Sort by date Sort by votes
What OS is this new server running? Does it use SE linux?
 
Upvote 0 Downvote
To help clarify the situation a bit more, here's an example of a forbidden directory, and one that is not.

This directory was extracted from a tar file and results in a forbidden:
Code: 
[admin@dpserverscom script3]$ ls -al
total 228
drwxrwxr-x  2 admin admin  4096 Apr 28 23:41 .
drwxr-xr-x  7 admin root   4096 Apr 29 00:14 ..
-rw-r--r--  1 admin admin  1813 Apr 23 23:06 check_lang.php
-rwxr-xr-x  1 admin admin   400 Apr 23 23:06 convertcfg.pl
-rwxr-xr-x  1 admin admin  8421 Apr 23 23:06 create-release.sh
-rw-r--r--  1 admin admin  6081 Apr 23 23:06 create_tables_mysql_4_1_2+.sql
-rw-r--r--  1 admin admin  5203 Apr 23 23:06 create_tables.sql
-rw-r--r--  1 admin admin  2737 Apr 23 23:06 decode_bug.php
-rwxr-xr-x  1 admin admin  1090 Apr 23 23:06 find_unused_messages.sh
-rw-rw-r--  1 admin admin     9 Apr 28 23:41 index.php
-rwxr-xr-x  1 admin admin  2125 Apr 23 23:06 lang-cleanup.sh
-rwxr-xr-x  1 admin admin   392 Apr 23 23:06 remove_control_m.sh
-rw-r--r--  1 admin admin 75819 Apr 23 23:06 setup.php
-rw-r--r--  1 admin admin  1728 Apr 23 23:06 signon.php
-rwxr-xr-x  1 admin admin  5017 Apr 23 23:06 upgrade.pl
-rw-r--r--  1 admin admin  6316 Apr 23 23:06 upgrade_tables_mysql_4_1_2+.sql

This is a fresh directory created in the same location as the above (both in the html root directory) and with the above data copied over to it. This directory is readable from apache:
Code: 
[admin@dpserverscom script2]$ ls -al
total 228
drwxrwxr-x  2 admin admin  4096 Apr 28 23:40 .
drwxr-xr-x  7 admin root   4096 Apr 29 00:14 ..
-rw-r--r--  1 admin admin  1813 Apr 28 23:40 check_lang.php
-rwxr-xr-x  1 admin admin   400 Apr 28 23:40 convertcfg.pl
-rwxr-xr-x  1 admin admin  8421 Apr 28 23:40 create-release.sh
-rw-r--r--  1 admin admin  6081 Apr 28 23:40 create_tables_mysql_4_1_2+.sql
-rw-r--r--  1 admin admin  5203 Apr 28 23:40 create_tables.sql
-rw-r--r--  1 admin admin  2737 Apr 28 23:40 decode_bug.php
-rwxr-xr-x  1 admin admin  1090 Apr 28 23:40 find_unused_messages.sh
-rw-rw-r--  1 admin admin     9 Apr 28 23:39 index.php
-rwxr-xr-x  1 admin admin  2125 Apr 28 23:40 lang-cleanup.sh
-rwxr-xr-x  1 admin admin   392 Apr 28 23:40 remove_control_m.sh
-rw-r--r--  1 admin admin 75819 Apr 28 23:40 setup.php
-rw-r--r--  1 admin admin  1728 Apr 28 23:40 signon.php
-rwxr-xr-x  1 admin admin  5017 Apr 28 23:40 upgrade.pl
-rw-r--r--  1 admin admin  6316 Apr 28 23:40 upgrade_tables_mysql_4_1_2+.sql

As you can see, the owner, permissions, and contents are identical, yet one results in a forbidden and the other not.
 
Upvote 0 Downvote
The issue was with SELinux. "ls -Z" shows the differences. To fix it, I had to use the following command:

chcon -R -h -t httpd_sys_content_t <directory>
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

spamjim
  • Locked
  • Question
Sorting out NTFS filesystem issues
Replies
0
Views
131
spamjim
spamjim
bhuv560
  • Locked
  • Question
Postfix Installation on EC2 AWS Linux
Replies
0
Views
86
bhuv560
bhuv560
gregor weertman
  • Locked
  • Question
set samba &quot;template shell&quot; dependent on group
Replies
0
Views
77
gregor weertman
gregor weertman
lslamp
  • Locked
  • Question
Bash Onliner ... 1
Replies
2
Views
145
lslamp
lslamp
daniel.warner
  • Locked
  • Question
Desperately need help setting up wildcard certs on Apache/Tomcat
Replies
2
Views
148
daniel.warner
daniel.warner

Part and Inventory Search

Sponsor

Back
Top