I've got a brand new CentOS 6 installation, which has a symlink in the document root to my development files:
[root@localhost html]# ls -l
total 4
-rwxrwxrwx. 1 root root 0 Sep 18 20:16 index.html
-rwxrwxrwx. 1 root root 17 Sep 18 20:16 index.php
lrwxrwxrwx. 1 root root 24 Sep 18 20:19 refresh-app -> /home/billy/refresh-app/
My httpd.conf has this:
<Directory "/">
Options All
AllowOverride None
Order allow,deny
Allow from all
</directory>
The target of the symbolic link has permissions which should allow apache to read anything it wants:
[root@localhost billy]# ls -l
total 40 (Some entries were omitted because the list was too long
drwxr-xr-x. 7 billy billy 4096 Sep 18 20:03 refresh-app
I've also tried disabling SELinux by changing /etc/selinux/conf:
SELINUX=disabled
Yet no matter what I do, when someone tries to go to that link, http://localhost/refresh-app/, I get a 403 FORBIDDEN error page and this is written in the /var/log/httpd/error_log:
Symbolic link not allowed or link target not accessible
Why can't Apache access the target of the symlink?
Best Answer
Found the issue. Turns out, Apache wants access to not just the directory I'm serving,
/home/billy/refresh-app/, but also every directory above that, namely/home/billy/,/home, and/. (I have no idea why... giving someone access to a subdirectory shouldn't require giving away permissions to everything above that subdirectory....)I would guess it's looking for
.htaccessor something, or perhaps *nix being strange about how it treats permissions for directory transversal.