Apache: Isn't chmod 755 enough to set up symlink or alias on Apache httpd on Mac OS 10.5?
On my Mac OS 10.5 machine, I would like to set up a subfolder of ~/Documents
like ~/Documents/foo/html
to be http://localhost/foo.
The first thing I thought of doing is using Alias as follows:
Alias /foo /Users/someone/Documents/foo/html
<Directory "/Users/someone/Documents/foo/html">
Options Indexes FollowSymLinks MultiViews
Order allow,deny
Allow from all
</Directory>
This got me 403 Forbidden. In the error_log I got:
[error] [client ::1] (13)Permission denied: access to /foo denied
The subfolder in question has chmod 755 access. I've tried specifying likes like http://localhost/foo/test.php, but that didn't work either. Next, I tried the symlink route.
Went into /Library/WebServer/Documents
and made a symlink to ~/Documents/foo/html
. The document root has
Options Indexes FollowSymLinks MultiViews
This still got me 403 Forbidden:
Symbolic link not allowed or link target not accessible: /Library/WebServer/Documents/foo
What else do I need to set this up?
Solution:
$ chmod 755 ~/Documents
In general, the folder to be shared and all of its ancestor folder needs to be viewable by the www
service user.
I'll bet that some directory above the one you want to access doesn't have permissions to allow Apache to traverse it. Become the user that Apache is running as (sudo -i -u apache
or whatever), then try to change into the directory of interest and ls
it. If you can't (as expected), then try getting into the directories above it, one by one, until one lets you in. The subdirectory of that is that one that needs to have o+x
set. Lather, rinse, repeat as required.
Use +FollowSymlinks
Alias /foo /Users/someone/Documents/foo/html
<Directory "/Users/someone/Documents/foo/html">
Options +Indexes +FollowSymLinks +MultiViews
Order allow,deny
Allow from all
</Directory>
Check to ensure that file vault isn't enabled. I had the same problem. I tried everything else I could find. Nothing worked. But after an hour of trying to figure this out, I recalled that I had file vault enabled.
Disabling it resolved the problem.
Check the symlink ownership. Since you're on Mac OS X, then symlink owners can be changed.
In /Library/WebServer/Documents
do ls -l
If your symlink to ~/Documents/foo/html
is called foo
and has permissions like
lrwxr-xr-- 1 root wheel 27 2 Nov 17:00 foo -> /Users/username/Documents/foo/html
Then by default on OS X Apache runs as the _www user and _www group, so in the above mentioned case it won't be able to traverse the symlink to ~/Documents/foo/html
Run man 8 chown
on your system terminal, or look at it online man chown
You will see that using the -h
option will change the ownership of the symlink itself, rather than the file it points to (it's source).
Then you can do something like
sudo chown -h :_www foo
This will change the simlink to
lrwxr-xr-- 1 root _www 27 2 Nov 17:02 foo -> /Users/username/Documents/foo/html
and the Apache _www group will be able to traverse the link.