I missed a slash in that regular expression (/.*)? rather than (.*)? On Sun, Oct 28, 2018, 07:26 Jonathon Koyle <literea...@gmail.com> wrote:
> It may be getting denied by SELinux, I suspect the label on your aliased > directory die not allow httpd access. You will likely need to look into > semanage, something like this may do what you need, but I'm not an expert > at SELinux myself... redhat provides some explanation here: > https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/sect-security-enhanced_linux-troubleshooting-top_three_causes_of_problems#sect-Security-Enhanced_Linux-Top_Three_Causes_of_Problems-Labeling_Problems > > > # semanage fcontext -a -t httpd_sys_content_t > '/opt/repository/rhel_updates(.*)?' > # restorecon -R -v /opt/repository/rhel_updates > > > On Sat, Oct 27, 2018, 06:08 Leam Hall <leamh...@gmail.com> wrote: > >> On 10/27/18 7:49 AM, Eric Covener wrote: >> > On Sat, Oct 27, 2018 at 7:29 AM Leam Hall <leamh...@gmail.com> wrote: >> >> >> >> The only fix seems to be making the "<Directory />" more open than we >> >> want. It seems like Apache can't handle a more open sub-directory than >> >> whatever is allowed for the root directory. >> > >> > Apache can handle that just fine. Show the smallest verbatim >> > configuration that demonstrates something unexpected along w/ the >> > logs. >> >> >> Hey Eric, I appreciate the help! Here's what I have, though it is >> transcribed. >> >> Set locally required limited OS access. >> >> <Directory /> >> Options None >> Order deny,allow >> Deny from all >> </Directory> >> >> We use Apache as a yum repo, and store the rpms outside of the >> DocumentRoot. >> >> Alias "/rhel/updates" "/opt/repository/rhel_patch_updates" >> <Directory "/opt/repository/rhel_patch_updates"> >> Options All >> Order allow,deny >> Allow from all >> </Directory> >> >> >> When we hit 'http://myserver/rhel/updates' the error_log says it is >> denied by server configuration. I've set the LogLevel to "debug" and >> that's all I get. The log is at work, sorry. I'm the one who did the >> server configuration so my bet is "operator error", just not sure how to >> fix it. >> >> Appreciate any help you can provide. Thanks! >> >> Leam >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >>
