1

I am installing moodle in rhel instance. I want to keep the directory 'moodle' outside of the /var/www/http. I followed this documentation. In order to define the moodle directory, I updated the /etc/httpd/conf/httpd.conf file as following: 

<Directory "/usr/moodle_dir/moodle">
DirectoryIndex index.php
AcceptPathInfo on
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
Alias /moodle "/usr/moodle_dir/moodle"

All moodle contents are in the moodle directory. I disabled the SELinux by setenforce 0.

I set the file permission as : 

chown -R apache:apache /usr/moodle_dir

When I hit the URL in the browser it says

You don't have permission to access /moodle on this server.

Can anyone let me know please where the issue is ? (when I put the moodle directory inside www/http, then moodle page was loaded in browser.) Php version 7.3, rhel: 7.7. Moodle 3.8.2 [ the latest]

UPDATE: I added created a directory inside /var/www/html/test and updated the <Directory entry and Alias accordingly. Then it worked. That means, the directory reference is working. There is something else blocking httpd to access an outside www/html directory.

Débora
  • 157
  • 1
  • 7
  • You did restart Apache after the configuration update? Who owns www/html ? You do have an index.php in /usr/moodle_dir/moodle ? The tutorial you referenced, talks about /usr/moodle_data and /usr/moodle, not /usr/moodle_dir. – Gerard H. Pille Apr 27 '20 at 11:38
  • @GerardH.Pille, Thanks for your attention. I restarted httpd every time I make changes. Regarding directory structure: I changed the names for my easiest and my prefered reference pattern. But Just Followed the tutorial's directory structure. – Débora Apr 28 '20 at 06:33
  • Who owns www/html? Are selinux or acl's in play? – Gerard H. Pille Apr 28 '20 at 06:36
  • drwxrwxrwx. 3 apache apache 29 Apr 24 11:50 html .. I have disabled selinux to ease all these configs. – Débora Apr 28 '20 at 06:48
  • Could you add the rest of your Apache configuration concerning php to your question? – Gerard H. Pille Apr 28 '20 at 08:10
  • Did you reboot since disabling selinux? – Gerard H. Pille Apr 28 '20 at 10:40
  • Yes. when I run command "getenforce", it returns "Disabled" – Débora Apr 28 '20 at 10:44
  • I've tried this myself, with /usr/moodle/moodle and /usr/moodle_data/moodle, Apache 2.4 & PostgreSQL. Got it working. What have you got for wwwroot and dataroot in your config.php? Did you try cleaning out /usr/moodle_data/moodle? Why is the html folder drwxrwxrwx? Is Apache not run by user apache? – Gerard H. Pille Apr 28 '20 at 14:28
  • I m sorry, can you explain bit: " What have you got for wwwroot and dataroot in your config.php? " . I tested a different directory also rather than cleaning. But no luck. Apache is run by apache user. I gave full permission just in case an issue of a permission. But still it didn't work. – Débora Apr 28 '20 at 14:36
  • I have /etc/php.ini file but I haven't made any special config in it. it has default settings. – Débora Apr 28 '20 at 14:47
  • My Apache version: Server version: Apache/2.4.6 (Red Hat Enterprise Linux) – Débora Apr 28 '20 at 15:04
  • But it says Apache-2.2 in the tags!! Order and Allow should be replaced by 'Required all granted" ! I was talking about /usr/moodle/moodle/config.php (for the wwwroot and wwwdata). – Gerard H. Pille Apr 28 '20 at 15:09
  • when I did this: Order and Allow should be replaced by 'Required all granted" , I couldn't restart httpd as it failed. Since I sticked to default settings, there is no config.php files.It only has config-dist.php. When I install by putting directly into the www/html, it worked without this config.php – Débora Apr 28 '20 at 15:35
  • Why did you skip "Setup config.php" from the RedHat Linux Installation guide? If "Required all granted" was not accepted, perhaps mod_authz_host module wasn't loaded? – Gerard H. Pille Apr 28 '20 at 15:58
  • @GerardH.Pille. Thank you so much for all the way you supported so far. finally IT WORKED. The solution is what you meant: Require all granted. The letter 'd' not valid, that is why earlier it failed :) . ( Just to answer your question, I skipped that setup because I simply wanted the page get loaded, once loaded, I can setup the rest. Finally, it worked. I mark your answer as accepted. but edit your answer below as your solution is 'Require all granted" . (without 'd' ) so that it will be useful to anyone else in future. . You are highly appreciated. – Débora Apr 28 '20 at 16:05
  • This was a challenge, wasn't it? ;-) Please change the tag to Apache 2.4. And sorry for the typo! – Gerard H. Pille Apr 28 '20 at 16:10
  • Yes it was. I changed the tag. Still I can't see your answer updated. If you can update, it will be useful for others too. Usually people don't read comments. Thanks once again. Life safely – Débora Apr 28 '20 at 16:14
  • I live safely, always carrying a mask in my pocket. 't Was a pleasure working with you. – Gerard H. Pille Apr 28 '20 at 16:16

1 Answers1

1

With Apache 2.4,

Order allow,deny
Allow from all

Should be replaced by

Require all granted

Check your php.ini, if open_basedir has not been set to /var/www/html/...

; open_basedir, if set, limits all file operations to the defined directory
; and below.  This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file.
; http://php.net/open-basedir
;open_basedir =

Also, would you be using fpm-php, check the process owner and if chroot has been set in its configuration, eg. /etc/php/7.0/fpm/pool.d/www.conf:

; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
;       possible. However, all PHP paths will be relative to the chroot
;       (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
Gerard H. Pille
  • 2,569
  • 1
  • 13
  • 11
  • Thanks Gerard, There is no any chroot set in www.conf. ;open_basedir = nothing was set. Then I set to /var/www/html , but no luck . then I changed to my /usr/moodle_dir . It has no luck. Still the page says "You don't have permission to access /moodle on this server." When I simply put my moodle folder into /html, then it worked. but I want it to be outside of default /var/www/html. However, I haven't changed my default settings before. – Débora Apr 28 '20 at 09:31
  • As you said, the directory entry mofication " Require all granted" worked. Thanks so much. – Débora Apr 28 '20 at 16:07