Friday, June 29, 2012

First post! Configuring Apache 2 for use with user directories (UserDir)

Several people have mentioned that I need to have a blog to enhance my online technical presence, or something like that.  So here goes...

I'm teaching myself how to setup and use a LAMP (Linux/Apache/MySQL/PHP) stack.  I've already learned a little PHP but I wanted to try my hand at making a sub-directory of a user's home directory available as a place to access web pages (and PHP code).  After setting up Apache in a virtual machine (VM) running on my my laptop (VirtualBox running on Fedora 14), I took a look at the configuration file to see how to do this.  The instructions were clear about how to do all this.  So after I created the directory public_html and changing the permissions of everything from my home directory down to my test file, I restarted Apache and put the URL for the test page into my browser...  And got the dreaded 403 Forbidden message.  I'd seen this before but had never solved it in the past.  This time I did a Google search (and I really use Google!) on the error and found that the problem may be with Security-Enhanced Linux (SELinux).  The first thing that the helpful sight suggested was to turn off SELinux and try again.  With SELinux off it showed me the test page, which was a little three line PHP script:

echo "Hello Web!";

So now I know that I was being blocked SELinux.  I turned SELinux back on and took another look at the website where I found the suggestion to see what I had to do next.  It mentioned the chcon (change context) command to set the correct context for the file, and the directories involved.  The issue was the file type needed to be httpd_sys_content_t for my home directory, content directory (public_html), and the content files.  The command was something like:

chcon -t httpd_sys_content_t <filename>

After make this change I restarted Apache again, just to be sure, and tried the URL one more time.  Success!  I now had a functioning web server on a "remote" machine (remember that it is running in a VM) that allowed me to put the content for users in their home directories.

The only part of this that concerns me is the the user's home directory (i.e. /home/<username>) has to have the SELinux file type mentioned above if the content is accessible to others.  If some other application needs the home directory to have a specific file type, can more than one be applied to the directory?  That's a Google search for another time.

My lessons continue.  I'm slowly approaching the part of the book (see info below) that describes how to access a database from a web page.  After I finish learning from this book, I will try these scripts again but accessing a PostgreSQL database instead.  And then I will try Perl instead of PHP.

For completeness, here is the hardware and software I'm using to do all of this:

Laptop: Toshiba Satellite E205-S1904
Host OS: Fedora 14
Virtualization software: Oracle VirtualBox
Guest OS: CentOS 6.2
Web Server: Apache 2
Book: Sams Teach Yourself PHP, MySQL and Apache All in One (3rd Edition)

Coming soon: Setting up a DNS server (in a VM); Installing Puppet Master on an unsupported system; Learning how to manage a consulting business; and much more!

1 comment:

  1. With the help of your article,I learn the new concepts of post configuring in apache 2.Please share more article related to this.I am eagerly waiting for your new article.hire mobile app developer