httpd.conf - access denied error whilst trying to auto index a location

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

httpd.conf - access denied error whilst trying to auto index a location

techay
Hello,

I'm using 6.1 + all updates (system and packages)

I am trying to list a particular directory exactly as shown within the https://www.jp.openbsd.org/papers/httpd-slides-asiabsdcon2015.pdf presentation:

location "/download/*" {
directory auto index
log style combined
}

This just results in an error from the browser - 'Access Denied'.  I have checked the permissions of the 'download' directory, even given them permissions of 777 just to see if I can get this to work but nope.  Same error.

My http.conf file:

ext_addr="192.168.1.2"

types { include "/usr/share/misc/mime.types" }

chroot "/"
logdir "/var/www/logs"

server "default" {

        listen on $ext_addr port 80

        location "*.php" {
                fastcgi socket "/var/www/run/php-fpm.sock"
        }

        location "/phpMyAdmin*" {
                root { "/var/www/htdocs/phpMyAdmin", strip 1 }
        }

        location "/download/*" {
                directory auto index
                log style combined
        }

        root "/var/www/htdocs/"

        directory index "index.php"

        location "*/db_structure.xml" { block }
        location "*/.ht*"             { block }
        location "*/README"           { block }
        location "*/data*"           { block }
        location "*/config*"         { block }
        location "*/*.php.*"         { block }

}

# ls -alht /var/www/htdocs/download
total 12
drwxr-xr-x  5 root  daemon   512B Sep 15 03:49 ..
drwxrwxrwx  2 root  daemon   512B Sep 15 03:07 .
-rwxr-xr-x  1 root  daemon     8B Sep 15 03:07 notes.txt

# cat /var/www/logs
default 192.168.1.3 - - [15/Sep/2017:03:51:21 +0200] "GET /download/ HTTP/1.1" 403 0

Everything else runs smoothly on my server, but I cannot get a listing of the files for some reason when I go to 192.168.1.2/download.  I can access the notes.txt file though through the browser at http://192.168.1.2/download/notes.txt

I just can't figure it out, restarted the server so many times and now I've given up and looking to see if anyone knows what the problem could be.  More than likely I'm doing something silly here.  Before someone points out that I have disabled the chroot, yes I know.. and I have done this for a very specific reason so please don't even bother asking me reasons why I have done this, okay? Okay.

Any help will be massively appreciated, thanks for reading!
Reply | Threaded
Open this post in threaded view
|

Re: httpd.conf - access denied error whilst trying to auto index a location

Alexander Hall


On September 15, 2017 4:06:37 AM GMT+02:00, "[hidden email]" <[hidden email]> wrote:

>Hello,
>
>I'm using 6.1 + all updates (system and packages)
>
>I am trying to list a particular directory exactly as shown within the
>https://www.jp.openbsd.org/papers/httpd-slides-asiabsdcon2015.pdf
>presentation:
>
>location "/download/*" {
>directory auto index
>log style combined
>}
>
>This just results in an error from the browser - 'Access Denied'.  I
>have checked the permissions of the 'download' directory, even given
>them permissions of 777 just to see if I can get this to work but nope.

1. I'm not convinced this will Target the directory itself
2. Did you check the permissions on all intermediate directories?

/Alexander

> Same error.
>
>My http.conf file:
>
>ext_addr="192.168.1.2"
>
>types { include "/usr/share/misc/mime.types" }
>
>chroot "/"
>logdir "/var/www/logs"
>
>server "default" {
>
>        listen on $ext_addr port 80
>
>        location "*.php" {
>                fastcgi socket "/var/www/run/php-fpm.sock"
>        }
>
>        location "/phpMyAdmin*" {
>                root { "/var/www/htdocs/phpMyAdmin", strip 1 }
>        }
>
>        location "/download/*" {
>                directory auto index
>                log style combined
>        }
>
>        root "/var/www/htdocs/"
>
>        directory index "index.php"
>
>        location "*/db_structure.xml" { block }
>        location "*/.ht*"             { block }
>        location "*/README"           { block }
>        location "*/data*"           { block }
>        location "*/config*"         { block }
>        location "*/*.php.*"         { block }
>
>}
>
># ls -alht /var/www/htdocs/download
>total 12
>drwxr-xr-x  5 root  daemon   512B Sep 15 03:49 ..
>drwxrwxrwx  2 root  daemon   512B Sep 15 03:07 .
>-rwxr-xr-x  1 root  daemon     8B Sep 15 03:07 notes.txt
>
># cat /var/www/logs
>default 192.168.1.3 - - [15/Sep/2017:03:51:21 +0200] "GET /download/
>HTTP/1.1" 403 0
>
>Everything else runs smoothly on my server, but I cannot get a listing
>of the files for some reason when I go to 192.168.1.2/download.  I can
>access the notes.txt file though through the browser at
>http://192.168.1.2/download/notes.txt
>
>I just can't figure it out, restarted the server so many times and now
>I've given up and looking to see if anyone knows what the problem could
>be.  More than likely I'm doing something silly here.  Before someone
>points out that I have disabled the chroot, yes I know.. and I have
>done this for a very specific reason so please don't even bother asking
>me reasons why I have done this, okay? Okay.
>
>Any help will be massively appreciated, thanks for reading!

Reply | Threaded
Open this post in threaded view
|

Re: httpd.conf - access denied error whilst trying to auto index a location

techay
The permissions on directories are fine.  I have achieved this before with no problems, but it was on 5.7 / 5.8 / 5.9.

Is this a bug introduced by changing the chroot? I mean I'm following the creators own slides on this, except for the fact I have disabled the chroot in mines.

Thanks for reading.

> On September 15, 2017 4:06:37 AM GMT+02:00, "[hidden email]" <[hidden email]> wrote:
>>Hello,
>>
>>I"m using 6.1 + all updates (system and packages)
>>
>>I am trying to list a particular directory exactly as shown within the
>>https://www.jp.openbsd.org/papers/httpd-slides-asiabsdcon2015.pdf
>>presentation:
>>
>>location "/download/*" {
>>directory auto index
>>log style combined
>>}
>>
>>This just results in an error from the browser - "Access Denied". I
>>have checked the permissions of the "download" directory, even given
>>them permissions of 777 just to see if I can get this to work but nope.
>
> 1. I"m not convinced this will Target the directory itself
> 2. Did you check the permissions on all intermediate directories?
>
> /Alexander
>
>> Same error.
>>
>>My http.conf file:
>>
>>ext_addr="192.168.1.2"
>>
>>types { include "/usr/share/misc/mime.types" }
>>
>>chroot "/"
>>logdir "/var/www/logs"
>>
>>server "default" {
>>
>> listen on $ext_addr port 80
>>
>> location "*.php" {
>> fastcgi socket "/var/www/run/php-fpm.sock"
>> }
>>
>> location "/phpMyAdmin*" {
>> root { "/var/www/htdocs/phpMyAdmin", strip 1 }
>> }
>>
>> location "/download/*" {
>> directory auto index
>> log style combined
>> }
>>
>> root "/var/www/htdocs/"
>>
>> directory index "index.php"
>>
>> location "*/db_structure.xml" { block }
>> location "*/.ht*" { block }
>> location "*/README" { block }
>> location "*/data*" { block }
>> location "*/config*" { block }
>> location "*/*.php.*" { block }
>>
>>}
>>
>># ls -alht /var/www/htdocs/download
>>total 12
>>drwxr-xr-x 5 root daemon 512B Sep 15 03:49 ..
>>drwxrwxrwx 2 root daemon 512B Sep 15 03:07 .
>>-rwxr-xr-x 1 root daemon 8B Sep 15 03:07 notes.txt
>>
>># cat /var/www/logs
>>default 192.168.1.3 - - [15/Sep/2017:03:51:21 +0200] "GET /download/
>>HTTP/1.1" 403 0
>>
>>Everything else runs smoothly on my server, but I cannot get a listing
>>of the files for some reason when I go to 192.168.1.2/download. I can
>>access the notes.txt file though through the browser at
>>http://192.168.1.2/download/notes.txt
>>
>>I just can"t figure it out, restarted the server so many times and now
>>I"ve given up and looking to see if anyone knows what the problem could
>>be. More than likely I"m doing something silly here. Before someone
>>points out that I have disabled the chroot, yes I know.. and I have
>>done this for a very specific reason so please don"t even bother asking
>>me reasons why I have done this, okay? Okay.
>>
>>Any help will be massively appreciated, thanks for reading!
Reply | Threaded
Open this post in threaded view
|

Re: httpd.conf - access denied error whilst trying to auto index a location

techay
In reply to this post by Alexander Hall
Ok, I got it to work.  Strangely, it required closing my browser down and starting it again. I can't think why that would have caused an 'Access Denied' error but it's gone now.  Who knows.

> On September 15, 2017 4:06:37 AM GMT+02:00, "[hidden email]" <[hidden email]> wrote:
>>Hello,
>>
>>I"m using 6.1 + all updates (system and packages)
>>
>>I am trying to list a particular directory exactly as shown within the
>>https://www.jp.openbsd.org/papers/httpd-slides-asiabsdcon2015.pdf
>>presentation:
>>
>>location "/download/*" {
>>directory auto index
>>log style combined
>>}
>>
>>This just results in an error from the browser - "Access Denied". I
>>have checked the permissions of the "download" directory, even given
>>them permissions of 777 just to see if I can get this to work but nope.
>
> 1. I"m not convinced this will Target the directory itself
> 2. Did you check the permissions on all intermediate directories?
>
> /Alexander
>
>> Same error.
>>
>>My http.conf file:
>>
>>ext_addr="192.168.1.2"
>>
>>types { include "/usr/share/misc/mime.types" }
>>
>>chroot "/"
>>logdir "/var/www/logs"
>>
>>server "default" {
>>
>> listen on $ext_addr port 80
>>
>> location "*.php" {
>> fastcgi socket "/var/www/run/php-fpm.sock"
>> }
>>
>> location "/phpMyAdmin*" {
>> root { "/var/www/htdocs/phpMyAdmin", strip 1 }
>> }
>>
>> location "/download/*" {
>> directory auto index
>> log style combined
>> }
>>
>> root "/var/www/htdocs/"
>>
>> directory index "index.php"
>>
>> location "*/db_structure.xml" { block }
>> location "*/.ht*" { block }
>> location "*/README" { block }
>> location "*/data*" { block }
>> location "*/config*" { block }
>> location "*/*.php.*" { block }
>>
>>}
>>
>># ls -alht /var/www/htdocs/download
>>total 12
>>drwxr-xr-x 5 root daemon 512B Sep 15 03:49 ..
>>drwxrwxrwx 2 root daemon 512B Sep 15 03:07 .
>>-rwxr-xr-x 1 root daemon 8B Sep 15 03:07 notes.txt
>>
>># cat /var/www/logs
>>default 192.168.1.3 - - [15/Sep/2017:03:51:21 +0200] "GET /download/
>>HTTP/1.1" 403 0
>>
>>Everything else runs smoothly on my server, but I cannot get a listing
>>of the files for some reason when I go to 192.168.1.2/download. I can
>>access the notes.txt file though through the browser at
>>http://192.168.1.2/download/notes.txt
>>
>>I just can"t figure it out, restarted the server so many times and now
>>I"ve given up and looking to see if anyone knows what the problem could
>>be. More than likely I"m doing something silly here. Before someone
>>points out that I have disabled the chroot, yes I know.. and I have
>>done this for a very specific reason so please don"t even bother asking
>>me reasons why I have done this, okay? Okay.
>>
>>Any help will be massively appreciated, thanks for reading!