问题
I have what is almost certainly a newbie question. I expected to find the issue while writing this question, but I am still stuck.
I want to change the DocumentRoot for apache, but I keep getting the error message "DocumentRoot must be a directory".
Situation:
- The code is running in a virtual VMWare machine 4.0.4 build-744019
- The version of linux is Scientific Linux release 6.4 (Carbon)
- The version of apache is Apache/2.2.15 (Unix) (this is a yum install with nothing special)
In the httpd.conf
DocumentRoot "/home/stave/www"
When I restart, I get the message
Starting httpd: Syntax error on line 292 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory
Steps taken so far:
I ensured that the directory exists:
ls -asl /home/stave
4 drwxrwxrwx. 2 stave stave 4096 Feb 9 09:08 www
It even has a file in it "index.html", so I am very sure that the directory exists
I considered that it might be a priviledges issue so (this is a virtual development machine isolated from the internet, and I am troubleshooting so I am not too worried about security) as you can see I set the priviledges to 777.
I even changed the user that apache is running as (and confirmed that the change worked with ps) to stave to ensure that priviledges just shouldn't be an issue.
Stackoverflow
There are a few stack overflow answers, but most of them say "read the error message. It is saying that the directory doesn't actually exist". Others implied that there might a trailing slash at the end which would be bad.
Other websites
The most useful I found was this that advised
You probably got "DocumentRoot must be a directory" error even it is really a directory because of SELinux extensions. Run system-config-securitylevel (or redhat-config-securitylevel) to disable SELinux for httpd or give SELinux permissions to that directory: chcon -R -h -t httpd_sys_content_t /path/to/directory*
My version of linux isn't Security Enhanced Linux, so without understanding I tried it anyway: no effect.
Current situation
I have run out of ideas to try, so any diagnostic questions or advice would be greatly appreciated
回答1:
The link you posted under "Other websites" highlights the root cause of your problem, which is Selinux.
Unless the server is part of a super secure environment, I would simply disable Selinux.
On RedHat / CentOS / Scientific Linux this can easily be done by editing /etc/sysconfig/selinux - find the parameter "selinux" and change the option "enforcing" to "disabled" as per the extract below:
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
It is probably wise to reboot the server after making this change.
回答2:
You shouldn't just disable SELinux.
You need to set httpd_enable_homedirs to on.
yum -y install policycoreutils-python
setsebool -P httpd_enable_homedirs on
回答3:
I ran into this problem today as well and it was because I moved my DocumentRoot from /var/www/html to /srv/www/html. As part of our security policies, we do not have the option to just Disable SELinux.
SO my fix, as I discovered was to change the SELinux file context for /srv to match /var. A compromise yes, but still better than disabling it altogether. Other than that... I made sure /srv/www and all subfolders had the httpd_sys_content_t to match the folders under /var/www and all is well now.
回答4:
This is basically the same answer as David's, but just a little clearer, http serving directory has wrong SELinux security context set.
The full explanation to fix this is here, http://mybroadband.co.za/vb/showthread.php/588183-Fix-403-Forbidden-on-newly-configured-CentOS-6-5-httpd-server-(or-13-10-Ubuntu-LAMP)
My issue was that I was housing my websites inside a different directory than the documentroot path of /var/www/, so I had to follow the 3rd option in the link above to correct. I set the same file context of my /websites/ directory to match that of the /var/www/. What was odd is earlier versions of CentOS 5.5 must not have had the SELinux installed/enabled, because my other servers had no issue with this and when running the ls -Z at the command prompt displayed those folders as 'unlabeled'.
I'm running CentOS 6.5 on AWS from the official marketplace minimal install. So when I ran the ls -Z command on my folders I saw exactly what the link above shows as a possible issue.
Running the chcon command fixed my issue!
Just replace html/ with the directory you want to use!
chcon -Rv --type=httpd_sys_content_t html/
chcon -Rv --user=system_u html/
On a side note I also had to disable iptables to get the routing working, the defaults were serving up blank pages.
service iptables stop
Hope that helps anyone with the same issue.
回答5:
Envirnoment: Linux - root file system on a SSD DocumentRoot on a HDD and mounted via fstab Restarting apache2 after boot - no problem Seems to be a timing problem that apache is started before the fstab mounts are completed.
Workaround: Define the DocumentRoot directory on the root file system with the correct owner, group and permissions. The directory may be empty.
回答6:
Firstly, there is no reason at all to turn off selinux to fix this issue, just change the selinux file context.
Secondly, when changing selinux file context, you should to set up a permanent rule for that path, such that when new files are copied in and/or replace existing files, restorecon actually fixes the problem, instead of breaking it, as is the case when you only use chcon.
Thus, for a symlink'ed DocumentRoot (let's give the actual full path to the directory as '/media/myDoc' for this example), run these two commands:
semanage fcontext -a -t httpd_sys_content_t "/media/myDoc(/.*)?"
restorecon -R /media/myDoc
Note, the full path is required when using semanage this way. You will not only fix the problem, but it won't break again when you run restorecon (or auto-relabel) in the future.
来源:https://stackoverflow.com/questions/14786881/apache-restart-causes-documentroot-must-be-a-directory-even-though-it-is-a-dire