Ich möchte unter Debian 12 und apache 2.4.59-1~deb12u1 die userdir-Funktion aktivieren, so dass ich meine Websites lokal unter http://127.0.0.1/~rainer aufrufen kann und scheitere hartnäckig.
Was ich versucht habe:
Code: Alles auswählen
a2enmod userdir
sudo systemctl restart apache2
chmod 755 ~/public_html/
chmod 755 ~/public_html/index.html
chmod +x ~/public_html/
chmod +x ~/public_html/index.htmlund
Code: Alles auswählen
sudo cat /var/log/apache2/error.logCode: Alles auswählen
[Fri Jun 07 12:42:37.270503 2024] [core:error] [pid 4535] (13)Permission denied: [client 127.0.0.1:50574] AH00035: access to /~rainer denied (filesystem path '/home/rainer/public_html') because search permissions are missing on a component of the pathCode: Alles auswählen
rainer@debian-rainer-laptop:~$ sudo cat /etc/apache2/mods-enabled/userdir.conf
UserDir public_html
UserDir disabled root
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
Code: Alles auswählen
rainer@debian-rainer-laptop:~$ sudo cat /etc/apache2/sites-enabled/000-default.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>Ich habe das Gefühl, dass das irgendwie mit Benutzern / Besitzern zu tun hat. Daher hier noch Informationen:
Code: Alles auswählen
rainer@debian-rainer-laptop:~$ namei -m -o ~/public_html/
f: /home/rainer/public_html/
drwxr-xr-x root root /
drwxr-xr-x root root home
drwx------ rainer rainer rainer
drwxr-xr-x rainer rainer public_html
Code: Alles auswählen
rainer@debian-rainer-laptop:~$ ps aux | grep apache
root 4533 0.0 0.4 271736 36832 ? Ss 12:31 0:00 /usr/sbin/apache2 -k start
www-data 4534 0.0 0.2 272384 18300 ? S 12:31 0:00 /usr/sbin/apache2 -k start
www-data 4535 0.0 0.2 272368 17696 ? S 12:31 0:00 /usr/sbin/apache2 -k start
www-data 4536 0.0 0.2 272320 16424 ? S 12:31 0:00 /usr/sbin/apache2 -k start
www-data 4537 0.0 0.2 272320 16424 ? S 12:31 0:00 /usr/sbin/apache2 -k start
www-data 4538 0.0 0.2 272320 16424 ? S 12:31 0:00 /usr/sbin/apache2 -k start
www-data 4553 0.0 0.2 272320 16424 ? S 12:31 0:00 /usr/sbin/apache2 -k start
rainer 7841 0.0 0.0 6352 2372 pts/0 S+ 12:51 0:00 grep apache
Code: Alles auswählen
rainer@debian-rainer-laptop:~$ grep 'www-data' /etc/group
www-data:x:33:rainer,www-data
Code: Alles auswählen
rainer@debian-rainer-laptop:~$ sudo cat /etc/selinux/semanage.conf
# Authors: Jason Tang <jtang@tresys.com>
#
# Copyright (C) 2004-2005 Tresys Technology, LLC
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# Specify how libsemanage will interact with a SELinux policy manager.
# The four options are:
#
# "source" - libsemanage manipulates a source SELinux policy
# "direct" - libsemanage will write directly to a module store.
# /foo/bar - Write by way of a policy management server, whose
# named socket is at /foo/bar. The path must begin
# with a '/'.
# example.com:4242
# - Establish a TCP connection to a remote policy
# management server at example.com. If there is a colon
# then the remainder is interpreted as a port number;
# otherwise default to port 4242.
module-store = direct
# When generating the final linked and expanded policy, by default
# semanage will set the policy version to POLICYDB_VERSION_MAX, as
# given in <sepol/policydb.h>. Change this setting if a different
# version is necessary.
#policy-version = 19
# expand-check check neverallow rules when executing all semanage commands.
# Large penalty in time if you turn this on.
expand-check=0
# By default, semanage will generate policies for the SELinux target.
# To build policies for Xen, uncomment the following line.
#target-platform = xen
Viele Grüße,
Abt
