Permissions Apache2-符号链接不允许或不可访问
我有一个简单的VHost设置,如下所示:Permissions Apache2-符号链接不允许或不可访问,permissions,apache2,symlink,Permissions,Apache2,Symlink,我有一个简单的VHost设置,如下所示: <VirtualHost *:443> ServerName my.server.com # SSL setup DocumentRoot /srv/www/htdocs/ HostnameLookups Off UseCanonicalName Off ServerSignature Off <Directory "/srv/www/htdocs">
<VirtualHost *:443>
ServerName my.server.com
# SSL setup
DocumentRoot /srv/www/htdocs/
HostnameLookups Off
UseCanonicalName Off
ServerSignature Off
<Directory "/srv/www/htdocs">
Options +Indexes +FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
这是输出namei-om/srv/www/htdocs/releases
:
f: /srv/www/htdocs/releases
drwxr-xr-x root root /
drwxr-xr-x root root srv
drwxr-xr-x root root www
drwxr-xr-x jenkins root htdocs
lrwxrwxrwx root root releases -> /relstore
drwxr-xr-x root root /
drwxrwxrwx root root relstore
因此,我们可以清楚地看到,符号链接可以被解析,并且所有目录都具有world r-x权限。可以排除SELinux,因为这是禁用的(通过getenforce
检查)
怎么了?Apache 2.4.x默认情况下似乎会验证符号链接的所有者,并且该所有者必须与符号链接目标的所有者匹配。要禁用此行为,请将
-symlinksFownerMatch
指定为附加的选项
指令,即
<Directory "/srv/www/htdocs">
Options +Indexes +FollowSymLinks -SymLinksIfOwnerMatch
...
</Directory>
选项+索引+后续符号链接-符号链接所有者匹配
...
<Directory "/srv/www/htdocs">
Options +Indexes +FollowSymLinks -SymLinksIfOwnerMatch
...
</Directory>