• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Apache not following symlinks?

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

bLack0ut

Member
Joined
Dec 21, 2004
I have my apache webserver to chroot into /var/www/htdocs as a home directory. I added a symlink "share" in that directory that links to /files, a completely separate mounted filesystem. When I browse the mapped network drive, it follows the symlink alright, but when I attempt to browse using http, i.e. mysite.com/share, it gives me a 404 error and the log says the file doesn't exist, even though it does(as a symlink).

I have already made sure /var/www/htdocs has followsymlinks on, so I don't know what the problem is.

EDIT: If the mods think this in the wrong spot, feel free to move it.
 
Now, let's think about what the symlink adds to the system.

As of now, what is the point of Apache2? To server files requested to people but make sure that people only get files that they are allowed to get. If you add the symlink into the equation, then they might gain access to some bad places.

The first link on google (apache + symlink) gave the solution. I have never tried it myself, but here is what it says: (from google search)
08-30-2003, 10:54 PM
Assuming the default apache install, you'll have to find the file /etc/httpd/httpd.conf and modify it (as root). Doing a:
sudo pico /etc/httpd/httpd.conf
should work nicely

Find the <Directory /> tag (about 39% of the way through the file, methinks) and add the line
Options FollowSymLinks
so that the code block looks like this:
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
Then you'll have to restart apache from the System Preferences place (go to sharing and turn off/back on the Personal Web Sharing).

Hopefully this'll work for you :)

Also, be sure to take care that the *target* of the symlink, and any directory containing it, has read (and execute, for directory) permissions for "other." I won't tell you how long it took before I realized the default OS X permissions for the ~/Documents folder was 700 :)
 
Yep that's actually the default Apache config, so I've already done that the symlinks change. I've also checked permissions.

Let me elaborate on my setup:

On my server, apache serves web documents from /var/www/htdocs. Within htdocs all I have is an index.php page atm.

On that same server, I have some files mounted under /share. I want apache to be able to serve those files. Thus, I did

Code:
cd /var/www/htdocs
ln -s /share sharez

This created a symlink within the htdocs folder, which I could see when I browsed the samba share mapped network drive. It worked fine while browsing with explorer.

Then I attempted to connect to my server (remotely, not locally) through port 80, and the index page worked fine. However, although www.mysite.com worked fine, www.mysite.com/sharez did not resolve. I have both directory browsing and follow symlinks on.

Does apache need some special permissions to serve files from a different mount? I feel like its more a problem with URLs than symlinks themselves, but I'm not really sure.


EDIT: Btw, its on OpenBSD.
 
Ok, I'm an idiot for not realizing that Apache has a built in safety feature that disallows access to anything outside of Document Root. Basically, it read my symlinks as null since they pointed outside of the document root.
 
Back