adaheem
asked on
Apache & Squid
hi
I want apache to be able to read files from /var/spool/squid/video_cac
I use squid v2.6. what commands needed? to have access of it instead of the Forbidden error .
I want apache to be able to read files from /var/spool/squid/video_cac
I use squid v2.6. what commands needed? to have access of it instead of the Forbidden error .
ASKER
hi
when i used the command su - apache it gives me: This account is currently not available.
when i use usermod -s /sbin/nologin apache , it accepts it
when i put in the browser http://192.186.10.1 it gives me the apache page
still have this forbidden error for http://192.186.10.1/video_cache/
when i used the command su - apache it gives me: This account is currently not available.
when i use usermod -s /sbin/nologin apache , it accepts it
when i put in the browser http://192.186.10.1 it gives me the apache page
still have this forbidden error for http://192.186.10.1/video_cache/
ASKER
where can i see the result of the chown and chmod ???
ls -l /var/spool/ will print all directories in /var/spool/ and their owner/groups and directory mode.
I wrote usermod -s /bin/bash apache <- this enables bash for apache, after this command su - apache will return shell, not that message, to return old shell less apache account you had to write usermod -s /sbin/nologin apache
I wrote usermod -s /bin/bash apache <- this enables bash for apache, after this command su - apache will return shell, not that message, to return old shell less apache account you had to write usermod -s /sbin/nologin apache
ASKER
This was the result:
[root@star squid]# ls -l /var/spool/
total 112
drwxr-xr-x 2 root root 4096 Nov 12 00:48 anacron
drwx------ 3 daemon daemon 4096 Nov 12 00:39 at
drwxrwx--- 2 smmsp smmsp 4096 Mar 15 2007 clientmqueue
drwx------ 2 root root 4096 Nov 10 2007 cron
drwx--x--- 3 root lp 4096 Nov 12 00:38 cups
drwxr-xr-x 2 root root 4096 Mar 29 2007 lpd
drwxrwxr-x 2 root mail 4096 Nov 12 00:39 mail
drwx------ 2 root mail 4096 Mar 15 2007 mqueue
drwxr-xr-x 8 news news 4096 Nov 12 00:40 news
drwxr-xr-x 2 rpm rpm 4096 May 24 21:44 repackage
drwxr-xr-x 2 root root 4096 Jan 7 2007 rwho
drwxrwxrwt 2 root root 4096 May 26 00:41 samba
drwxr-x--- 19 squid squid 4096 Nov 12 03:18 squid
drwxrwxrwt 2 root root 4096 May 24 18:06 vbox
[root@star squid]# usermod -s /bin/bash apache
[root@star squid]# su - apache
-bash-3.2$
-bash-3.2$
[root@star squid]# ls -l /var/spool/
total 112
drwxr-xr-x 2 root root 4096 Nov 12 00:48 anacron
drwx------ 3 daemon daemon 4096 Nov 12 00:39 at
drwxrwx--- 2 smmsp smmsp 4096 Mar 15 2007 clientmqueue
drwx------ 2 root root 4096 Nov 10 2007 cron
drwx--x--- 3 root lp 4096 Nov 12 00:38 cups
drwxr-xr-x 2 root root 4096 Mar 29 2007 lpd
drwxrwxr-x 2 root mail 4096 Nov 12 00:39 mail
drwx------ 2 root mail 4096 Mar 15 2007 mqueue
drwxr-xr-x 8 news news 4096 Nov 12 00:40 news
drwxr-xr-x 2 rpm rpm 4096 May 24 21:44 repackage
drwxr-xr-x 2 root root 4096 Jan 7 2007 rwho
drwxrwxrwt 2 root root 4096 May 26 00:41 samba
drwxr-x--- 19 squid squid 4096 Nov 12 03:18 squid
drwxrwxrwt 2 root root 4096 May 24 18:06 vbox
[root@star squid]# usermod -s /bin/bash apache
[root@star squid]# su - apache
-bash-3.2$
-bash-3.2$
Well squid directory is accessible only by squid (and root) apache doesn't have rights to enter there. There are two solution, change mode to 0755 (chmod 0755 /var/spool/squid), or change group (chown :apache /var/spool/squid). Both solution are not secure, but the second one is better (only apache and squid will be able to read files, not all other user on that server).
If you are using RHEL or centos, please also enter this command:
sestatus
Selinux might block request even after you change directory rights to correct ones.
If you are using RHEL or centos, please also enter this command:
sestatus
Selinux might block request even after you change directory rights to correct ones.
ASKER
hi
still not working
can i type the permission manually somewhere in a file?
still not working
can i type the permission manually somewhere in a file?
Please write output of this commands:
ls -l /var/spool/
sestatus
ls -l /var/spool/squid | grep video_cache
ls -l /var/spool/
sestatus
ls -l /var/spool/squid | grep video_cache
ASKER
[root@star ~]# ls -l /var/spool/
total 112
drwxr-xr-x 2 root root 4096 Nov 12 00:48 anacron
drwx------ 3 daemon daemon 4096 Nov 12 00:39 at
drwxrwx--- 2 smmsp smmsp 4096 Nov 12 04:04 clientmqueue
drwx------ 2 root root 4096 Nov 10 2007 cron
drwx--x--- 3 root lp 4096 Nov 12 00:38 cups
drwxr-xr-x 2 root root 4096 Mar 29 2007 lpd
drwxrwxr-x 2 root mail 4096 Nov 12 04:04 mail
drwx------ 2 root mail 4096 Nov 12 04:04 mqueue
drwxr-xr-x 8 news news 4096 Nov 12 00:40 news
drwxr-xr-x 2 rpm rpm 4096 May 24 21:44 repackage
drwxr-xr-x 2 root root 4096 Jan 7 2007 rwho
drwxrwxrwt 2 root root 4096 May 26 00:41 samba
drwxr-xr-x 19 squid apache 4096 Nov 12 03:18 squid
drwxrwxrwt 2 root root 4096 May 24 18:06 vbox
You have new mail in /var/spool/mail/root
[root@star ~]# sestatus
SELinux status: disabled
[root@star ~]# ls -l /var/spool/squid | grep video_cache
drwxr-xr-x 11 root apache 4096 Nov 12 02:15 video_cache
total 112
drwxr-xr-x 2 root root 4096 Nov 12 00:48 anacron
drwx------ 3 daemon daemon 4096 Nov 12 00:39 at
drwxrwx--- 2 smmsp smmsp 4096 Nov 12 04:04 clientmqueue
drwx------ 2 root root 4096 Nov 10 2007 cron
drwx--x--- 3 root lp 4096 Nov 12 00:38 cups
drwxr-xr-x 2 root root 4096 Mar 29 2007 lpd
drwxrwxr-x 2 root mail 4096 Nov 12 04:04 mail
drwx------ 2 root mail 4096 Nov 12 04:04 mqueue
drwxr-xr-x 8 news news 4096 Nov 12 00:40 news
drwxr-xr-x 2 rpm rpm 4096 May 24 21:44 repackage
drwxr-xr-x 2 root root 4096 Jan 7 2007 rwho
drwxrwxrwt 2 root root 4096 May 26 00:41 samba
drwxr-xr-x 19 squid apache 4096 Nov 12 03:18 squid
drwxrwxrwt 2 root root 4096 May 24 18:06 vbox
You have new mail in /var/spool/mail/root
[root@star ~]# sestatus
SELinux status: disabled
[root@star ~]# ls -l /var/spool/squid | grep video_cache
drwxr-xr-x 11 root apache 4096 Nov 12 02:15 video_cache
Please provide error message from apache error log, and apache configuration part where you configured access to /var/spool/squid/video_cac
ASKER
ok
but httpd.conf cannot be attached ,here is the part:
<Directory "/var/spool/squid/video_ca
Order Allow,Deny
Allow from all
</Directory>
but httpd.conf cannot be attached ,here is the part:
<Directory "/var/spool/squid/video_ca
Order Allow,Deny
Allow from all
</Directory>
What is the documentroot? You can attach httpd.conf if you will rename it to httpd.txt
ASKER
Hi
you can see the setup file at http://www.cachevideos.com
youtube_cache-1.2.tar.gz
i can't upload its extension
httpd.txt
squid.txt
youtube-cache.txt
you can see the setup file at http://www.cachevideos.com
youtube_cache-1.2.tar.gz
i can't upload its extension
httpd.txt
squid.txt
youtube-cache.txt
hmm, in httpd.conf there is no <Directory "/var/spool/squid/video_ca
ASKER
still no luck
Ok, if you want to see your files, then as an experiment change documentroot to /var/spool/squid/video_cac
Btw, what link are you using when you test access to video_cache...
Btw, what link are you using when you test access to video_cache...
ASKER
From your given configuration it is not possible to access that directory, because you simply didn't tell apache to serve from there
Change
DocumentRoot "/var/www/html"
To
DocumentRoot "/var/spool/squid/"
And the use that link.
Change
DocumentRoot "/var/www/html"
To
DocumentRoot "/var/spool/squid/"
And the use that link.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hi
there was a bug in the software i was using. its author has corrected it and now its working very fine .
thanks for the help
there was a bug in the software i was using. its author has corrected it and now its working very fine .
thanks for the help
ASKER
there was a bug in the software i was using and its corrected by the author. thanks for the help
usermod -s /bin/bash apache
su - apache
cd /var/spool/squid
cd video_cache
exit
usermod -s /sbin/nologin apache
Apache is the user apache is running under, on RHEL or centos (and most redhat based it is apache). If you cannot change dir to /var/spool/squid, then change mode to 0755, or change directory group to apache.