0

I have apache2 running on Ubuntu 14.04.2 LTS. The problem is, I keeps getting the following error (tail -f /var/log/apache2/error.log)

 [Wed Jun 10 18:18:56.114203 2015] [core:error] [pid 14802] [client 10.0.0.100:48843] AH00037: Symbolic link not allowed or link target not accessible: /var/www/html/xxxx

In file: /etc/apache2/sites-enabled/000-default.conf I have

    DocumentRoot /var/www/html
    <Directory />
            Options +FollowSymLinks
            AllowOverride None
    </Directory>

In /var/www/html directory, I have a softlink called "xxxx" pointing to /root/xxxx

I restarted the apache by

service apache2 restart

But it didn't help.

Any ideas?

7ochem
  • 280
  • 1
  • 3
  • 12
packetie
  • 129
  • 6

2 Answers2

1

Turns out my /root directory didn't have the right permission for www-data account. Its permission was "drwx------". I did a command chmod a+rx" /root and it works fine now.

packetie
  • 129
  • 6
0

Here are some other possibilities for better security since /root is normally only accessible by root.

If /root/xxxx is a folder, then you don't need to give everyone read access to the /root folder, you can be more restrictive and just give everyone +x which will allow them to traverse the /root folder and get to /root/xxxx since the path is known, but not read other stuff that's in /root.

If /root/xxxx is a file, another approach is to create a script which is only modifiable by root (to be extra safe, use chattr +i command to make it immutable) which performs the operations on it that you want Apache to be able to do (such as reading it). Then, using the sudoers file, allow the Apache user to run that script as root using the sudo command without being prompted for a password.

sa289
  • 1,318
  • 2
  • 18
  • 44