You don't have permission to access /pipermail/ on this server.

Paul Howarth paul at city-fan.org
Mon Apr 24 13:35:54 UTC 2006


On Sat, 2006-04-22 at 15:44 -0800, Noah wrote:
> > > > > mailman-2.1.7
> > > > > apache 2.2.0
> > > > > 
> > > > > Okay I just upgrade from apache 1.3.x to apache 2.2.0 and arriving at a
> > > > > permissions problem when viewing pipermail mailman directories.  
> > > > > 
> > > > > 
> > > > > 
> > > > > --- Browser error message ---
> > > > > 
> > > > > You don't have permission to access /pipermail/list/ on this server.
> > > > > Additionally, a 403 Forbidden error was encountered while trying to use an
> > > > > ErrorDocument to handle the request.
> > > > > 
> > > > > --- snip ---
> > > > > 
> > > > > Here is what apache places in the error_log:
> > > > > 
> > > > > --- snip ---
> > > > > 
> > > > > Symbolic link not allowed or link target not accessible:
> > > > > /usr/home/mailman/archives/public/list, referer:
> > > > > http://hostname.garbled.com/mailman/listinfo/list
> > > > > 
> > > > > ---- snip ----
> > > > > 
> > > > > 
> > > > > Here is what I've done so far:
> > > > > 
> > > > > ---- apache httpd.conf file ----
> > > > > 
> > > > > in the virtual host stanza
> > > > > 
> > > > >         ScriptAlias /mailman/ /usr/home/mailman/cgi-bin/
> > > > >         Alias /pipermail/ /usr/home/mailman/archives/public/
> > > > >         Alias /icons/ /usr/home/mailman/icons/
> > > > >         <Directory /usr/home/mailman/archives/public/>
> > > > >                   Options +FollowSymlinks
> > > > >                   Allow from all 
> > > > >         </Directory>
> > > > > 
> > > > > --- snip ---
> > > > > 
> > > > > then restarted apache.
> > > > > 
> > > > > --- snip ---
> > > > > 
> > > > > looks like the directories have proper permissions:
> > > > > typhoon# ls -ld /usr/local/mailman/archives/private
> > > > > drwxrws---  103 mailman  mailman  2560 Apr 21 21:49
> > > > > /usr/local/mailman/archives/private
> > > > > typhoon# ls -ld /usr/local/mailman/archives/public/
> > > > > drwxrwsr-x  2 mailman  mailman  1536 Apr 21 21:49
> > > > > /usr/local/mailman/archives/public/
> > > > > typhoon# ls -ld /usr/local/mailman/archives/public/list
> > > > > lrwxr-xr-x  1 root  mailman  54 Apr 21 19:00
> > > > > /usr/local/mailman/archives/public/list ->
> > > > > /usr/local/mailman/archives/private/list
> > > > > typhoon# ls -ld /usr/local/mailman/archives/private/list
> > > > > drwxrwsr-x  50 www  mailman  4096 Apr 21 18:34
> > > > > /usr/local/mailman/archives/private/list
> > > > > 
> > > > > --- snip ---
> > > > > 
> > > > > 
> > > > > 
> > > > > what else could be the problem here?
> > > > 
> > > > 1. Are you running SELinux? If yes, see my response to your previous
> > > > posting on this subject.
> > > 
> > > 
> > > nope - FC
> > > 
> > > > 
> > > > 2. Is the apache user a member of the mailman group? If not, how is the
> > > > web server (usually running as user apache, group apache) supposed to
> > > > read things under /usr/local/mailman/archives/private, which has no
> > > > permissions open for anyone other than user and group apache?
> > > 
> > > 
> > > hmmm - that didnt fix it.
> > > 
> > > I did this:
> > > mailman:*:89:www
> > > 
> > > also a side note - my private archieves are viewable.  its only the public
> > > archives that are getting the 403 error.
> > 
> > The next oddity I notice is that your virtual host configuration
> > specifies /usr/home/mailman yet your files live
> > under /usr/local/mailman. I'm guessing you've got a symlink somewhere
> > but you may need a <Directory> section for the directory containing the
> > symlink too.
> 
> 
> Hey Paul,
> 
> great points.  I am still seeing things not working properly.
> 
> Here is the apache error:
> 
> --- snip ---
> 
> Symbolic link not allowed or link target not accessible:
> /usr/local/mailman/archives/public/list, referer:
> http://hostname.garbled.com/mailman/listinfo/list
> 
> --- snip ---
> 
> 
> here is how my httpd.lists.conf file looks now - I have it places in the
> /usr/local/etc/apache/Includes directory
> 
> --- snip ---
> 
>         <Directory /usr/local/mailman/archives/public/>
>                 Options All
>                 Order allow,deny
>                 Allow from all
>         </Directory>
> 
>         <Directory /usr/home/mailman/archives/public/>
>                 Options All
>                 Order allow,deny
>                 Allow from all
>         </Directory>
> 
>         <Directory /usr/local/mailman/archives/private/>
>                 Options +FollowSymLinks
>                 Order allow,deny
>                 Allow from all
>         </Directory>
> 
> 
> --- snip ---

Where is your symlink?

Does the <Directory> stanza for the place where the symlink is have the
FollowSymLinks option set?

Paul.




More information about the fedora-list mailing list