So I'm having this really weird problem that I've worked around, but I don't understand why it's happening.
I have a file I'm hosting via httpd. Below is a list of things I've tested/thought of to try to explain what's going on:
- When I try to access the file, I get a 403.
- When I do an Index listing in Apache, it doesn't even show up but other files do
- Other files in the directory that are 644 show up in Indexes and I can access them
- Set permissions to 777 and still get 403 and no index listing
- if I try to access a bogus file in the same directory, I get a 404
- I create a hardlink to the file and the hardlink doesn't show up in index and I can't access it
- I create a copy of the file and it shows up in the listing and I can access it
- I move the original to .bak and move the copy to the same file name as the original and I can still access the copy but not the original
- I try to su - apache to head the original and I am able to
- stat seems to show everything being the same between the two except the time and inode values
- access_log and error_log shows the correct file is being accessed and I'm getting a 403 in both [Tue Apr 22 14:27:14 2014] [error] [client XXX.XXX.XXX.XXX] (13) Permission denied: access to /PATH/ACE+TAO-6.2.0-1.el6.x86_64.rpm denied
Is there anything anyone else can think of that I should try to explain what is going on here? I'm inclined to think it's an httpd issue since I can cp, stat, and head the file without issues. But I don't know how to go about testing it.
$ getfacl ACE+TAO-6.2.0-1.el6.x86_64.rpm
# file: ACE+TAO-6.2.0-1.el6.x86_64.rpm
# owner: root
# group: root
user::rw-
group::r--
other::r--
$ ls -lZ ACE+TAO-6.2.0-1.el6.x86_64.rpm
-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 ACE+TAO-6.2.0-1.el6.x86_64.rpm
