Why can't I replace my Apache2 /www folder with a symlink?

Question

I installed Apache 2.4.6 on Ubuntu 13.10 and put some html files in /var/www/, the default base folder. I then needed to share those html files to a synced Dropbox folder, so I moved the www folder into my Dropbox folder and replaced it with a symlink of the same name. Note that the www folder in Dropbox has read permission. Now, when I refresh my website, Chrome reads

You don't have permission to access / on this server

Why won't moving the www folder to my synced Dropbox folder work (after replacing the original folder with a symlink)? I didn't think that Apache would notice the difference between the link to the www folder and the actual www folder. And how do I make Apache follow the www symlink and display properly? Is it a Dropbox issue or an Apache issue?

Also, my /etc/apache2/apache2.conf file originally said:

<Directory /> 
Option FollowSymLinks 
AllowOverride None 
Require all denied 
</Directory>

And changing it to...

<Directory /> 
Option +FollowSymLinks 
AllowOverride None 
Require all denied 
</Directory>

(Adding a plus) didn't make any difference.

Oh, and apache2 -k restart throws me:

"Config variable ${APACHE_LOG_DIR} is not defined"

and:

"Invalid Mutex directory in argument file:${APACHE_LOCK_DIR}"

Restarting and stop/start didn't work. Also, changing the permissions to Other:read_only for the folder and subfolder made no difference (although the Dropbox folder originally did not grant such permission)

Any other ideas?

I tried undoing what I had done and replacing the symlink to the www folder with the actual www folder. The website is able to display again. But I still want the actual www folder to by in my Dropbox syncing folder :-( — John-Michael Reed, Mar 27 '14 at 00:52
Are you sure about `Require all denied` ? what about `Require all granted` ? — krisFR, Mar 27 '14 at 01:34
OK, so I tried "apache2 -k restart, apache2 -k stop, and apache2 -k start" and for all of there, I get "Invalid Mutex directory in argument file:${APACHE_LOCK_DIR}". This happens whether I try it remotely or at the server directly. Also, I still can't access my site via the symlink. Lemme check the permissions. — John-Michael Reed, Mar 27 '14 at 01:39
Okay, so it still doesn't work after checking all the permissions. — John-Michael Reed, Mar 27 '14 at 01:42

krisFR · Answer 1 · 2014-03-27T09:16:14.773

1

You have to make sure that all directories on the path to /path/to/your/folder/www have the x bit set, either for others or for www-data user.

edited Mar 27 '14 at 09:16

answered Mar 27 '14 at 03:02

krisFR

13,280
4
36
42

EEAA · Answer 2 · 2014-03-27T01:29:23.330

0

By default, Apache will not follow symlinks. To enable this behavior, you need to add the following to the <Directory> section of your vhost configuration:

Options +FollowSymLinks

That said, I'd highly recommend against using Dropbox for this. There are plenty of other much more secure options out there to accomplish easy file deployment.

Another thing to verify is that the apache user has permissions to read files in your web root. If your Dropbox folder is in your home directory, the apache user most likely does not have read permissions. (Yet another reason to not use Dropbox)

edited Mar 27 '14 at 01:29

answered Mar 27 '14 at 00:53

EEAA

109,363
18
175
245

I'm sorry to be asking such a basic question, but where is that folder located? And do I just copy and paste that line on the bottom of the file? – John-Michael Reed Mar 27 '14 at 00:55
Also, it's just a school project and Dropbox works really well for it. Syncs easier than GitHub. – John-Michael Reed Mar 27 '14 at 00:56
1

You're running an apache server. No offense, but you owe it to yourself to know where its configuration files are stored. Do some research and figure it out. This is a site for professionals and we expect professional-level effort to be applied by all parties. – EEAA Mar 27 '14 at 00:57
2

Dropbox is a consumer-grade file syncing tool. It has no place on a professionally-run web server. I understand this is a school project, but you asked on Serverfault, so you're getting the *right* answer whether you like it or not. – EEAA Mar 27 '14 at 00:58
You owe it to yourself to learn how deployment is done *now*, as opposed to having to scramble and learn it when you get your first job. I guaranty you, you will not find Dropbox being used in this manner in any professional setting. – EEAA Mar 27 '14 at 01:02
I apologize if I'm coming off as harsh - that's not my intention. I'm just trying to deliver the message that 1) this is a broken solution as proposed, 2) there are much better tools out there that are much more secure and reliable and 3) you're going to need to learn the other tools anyway, so why not do it now and get a jump on your peers? – EEAA Mar 27 '14 at 01:04
@EEAA ok, that is enough, i think... – krisFR Mar 27 '14 at 01:04
@user2196728 Hello there, peanut gallery. :) – EEAA Mar 27 '14 at 01:05
You're not making the friendliest impression on prospective future computer people. But you know your stuff. Now I'm going to spend the next fifteen minutes Googling "Apache location of vhost.conf file". Here's best answer to you. – John-Michael Reed Mar 27 '14 at 01:09
Like I said, not trying to be harsh, just realistic. It's much better for you to learn these things for yourself now, early in your career. If I spoon-fed you an answer (which as a rule, we don't do here), you wouldn't learn as much as you will about apache through the process you're going to go though now. By all means, come back and ask questions as they come to you, but know that we expect a certain level of personal research, and will give answers appropriate in a professional-level environment. Cheers! – EEAA Mar 27 '14 at 01:13
`apache2ctl -S` will tell you the vhosts you have running and the location of their config files – LinuxDevOps Mar 27 '14 at 01:14
Oh, virtual host is in the apache2.conf file! I looked at that file about five times before I realized that there was no vhost.conf file. – John-Michael Reed Mar 27 '14 at 01:16
And it already says "Option FollowSymlinks". EEAA just added one character - the "+" - to make the file say "Option +FollowSymlinks". Oh wait, that change didn't fix anything. – John-Michael Reed Mar 27 '14 at 01:18
Who is "he"? Please edit your question and add the contents of your vhost declaration. – EEAA Mar 27 '14 at 01:19
@EEAA I guess "he" is you :) – krisFR Mar 27 '14 at 01:20
@John-Michael Reed This starts to become interesting : you mean that adding `+` still does not work ? – krisFR Mar 27 '14 at 01:23
The file apache2.conf is in /etc/apache2/ and it says: Option +Follow SymLinks AllowOverride None Require all denied – John-Michael Reed Mar 27 '14 at 01:23
@John-MichaelReed Please, edit your question with that info. That way it can benefit from proper formatting and it won't get nuked if a mod decides to remove these comments (which does happen). Comments on SE are ephemeral. – EEAA Mar 27 '14 at 01:25
Will do. Also, I took off best answer. – John-Michael Reed Mar 27 '14 at 01:27
The Apache user (Other) does have read only permission. Looks like we're all out of ideas. – John-Michael Reed Mar 27 '14 at 01:49

Why can't I replace my Apache2 /www folder with a symlink?

2 Answers2