Permission denied because search permissions are missing on a component of the path, after chmod and chgrp

linux permissions apache-http-server centos-7

Finally figured out a fix. I ran these 2 functions to recursively file the folder and file permissions of www and within.

find /var/www -type d -exec chmod 755 {} \;
find /var/www -type f -exec chmod 644 {} \;

I read this page here: https://wiki.apache.org/httpd/13PermissionDenied and it basically explained and reminded me that permissions are inherited, "do the same for the directory and each parent directory." So I ran those 2 and everything is working again.


Usually the execute permission for one path is not set, like it was in this question. The easiest way to solve this is the following command:

chmod a+rX -R /var/www

But on using CentOS7 or RHEL7 you might encounter problems with SELinux. If file permission are right and you still get the error, look at the following log:

tail -f /var/log/audit/audit.log

If you get a message like this:

type=AVC msg=audit(1464350432.916:8222): avc:  denied  { getattr } for  pid=17526 comm="httpd" path="/var/www/app/index.html" dev="sda1" ino=42021595 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=file
type=SYSCALL msg=audit(1464350432.916:8222): arch=c000003e syscall=4 success=no exit=-13 a0=7fde4e450d40 a1=7ffd05e79640 a2=7ffd05e79640 a3=7fde42e43792 items=0 ppid=17524 pid=17526 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)

This means: SELinux blocks the access to your document root. You can try a command like this (Recursive and verbose on option -Rv):

chcon  --user system_u --type httpd_sys_content_t -Rv /var/www/app/public

To find the right settings, look into a working directory like /var/www/html with this:

ls -laZ /var/www/

It should look like:

drwxr-xr-x. server server system_u:object_r:httpd_sys_content_t:s0 .
drwxr-xr-x. root   root   system_u:object_r:var_t:s0       ..
drwxr-xr-x. server server system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin
drwxr-xr-x. server server system_u:object_r:httpd_sys_content_t:s0 html
drwxrwxr-x. server server unconfined_u:object_r:var_t:s0   app

Related

Force bash script to use tee without piping from the command line
How to invoke a program in Windows from command prompt?
Why can I ping google.com, but not nasa.gov?
How do I input Greek characters in Ubuntu?
Why aren't CPUs bigger? [closed]
Keyboard shortcut for moving a window to another screen
Run pip for python3 on Fedora
How can I connect via SSH (Putty) to my VMWare machine (Ubuntu)?
Are Linux commands interchangeable with Unix commands?
I broke the Windows Linux Subsystem (Bash on Ubuntu on Windows 10). Linux Help?
Reaching a device in my LAN from the Internet
Where does WinSCP store site's password?