Apache – Httpd – SELinux – Permission denied – File Permissions Deny Server Access
As mentioned in an earlier post, I have been actively working on melikedrinks.com, as such I am constantly adding new drink inventory which means I have to generate a new sitemap on a fairly regular basis. Today I generated a new sitemap and tried to submit it via Google Webmaster Tools, but upon submission I received a 403 (forbidden error). At first I couldn’t figure out why this was happening, the permission on the sitemap file (and associated dirs) was 664 (775), so apache definitely had access to the file. So I check the apache error log and noticed the; Permission denied: file permissions deny server access: entry. So after a few minutes of rechecking the file permissions, I remembered that I have SELinux enabled and enforcing, so I do a `ls -lZa` and sure enough, the permission type was user_tmp_t when it should have been httpd_sys_rw_content_t. Then I had the aha moment, when the sitemap file is generated it is dropped in the /tmp dir, so I just did a copy from /tmp to the production path, but forgot to change the permission type.
Heres the command I ran to change the permission type:
$ -> sudo chcon -R -v -t httpd_sys_rw_content_t sitemap.xml
Now when I do `ls -lZa`, the permission type is correctly set to httpd_sys_rw_content_t, and when I resubmitted the sitemap to Google Webmaster Tools, everything worked as expected.
- virsh – Refusing to undefine while domain managed save image exists
- Git – Revert Multiple Locally Changed Files
- Linux – SELinux – SEModule – Compile .pp module from .te file
- Linux – Using Curl to Test Response Headers
- CentOS – sealert – Convert audit messages into human readable (and understandable) format
- MySQL – Percona – Release Notes – Identifying Changes Between Versions
- Linux – CentOS – Install Mycrypt
- Linux – CentOS – GIT – Version Mismatch – CentOS5 CentOS6
- Linux – PHP – Apache – HTTP Error 500
- Linux – CentOS6 – Git – fatal – Where do you want to fetch from today?