0

I have a NFS mount at /mnt/web/ on OpenBSD 5.2.

How can I mount this so it's accessible to the web?

Currently I'm soft linking it to /var/www/web

ln -s /mnt/web /var/www/web

I've added an alias directive in the apache config like so:

 Alias /web/ "/var/www/web/" Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all

The ownership shows that everyone should have read and execute. What am I doing wrong? Apache says:

Not Found The requested URL /web was not found on this server.

Is it possible that OpenBSD's default chroot'd apache configuration doesn't allow this?

Additional Info:
I was able to access the NFS share when linked to the /var/www/users directory and apache configured with the "UserDir" option.

UPDATE
It works when Apache is run without chroot enabled ...so, my next question: How can I get this to work within chroot?

UPDATE
I changed the mount location and mount options and now it works [ see my answer below ]. But I'd like advice on optimal permissions. These are static files only. Who should own these files?

Improve this question

2 Answers 2

Reset to default
0

I believe that your alias might be wrong, check out the documentation for the apache website for the difference between an alias such as "/web" and an alias "/web/".

Improve this answer
4
  • No luck changing the alias. Do you think that OpenBSD's default chroot'd apache has anything to do with this? It did work when I set it to use the "users" configuration where it creates public directories for each user. Commented Feb 1, 2013 at 3:15
  • Most definitely, I wish that this fact had been described SPECIFICALLY in the question section. Remember, that any directory you have OUTSIDE a chrooted environment would have to be duplicated in the chroot'd directory to have the same name. Therefore, the RHS of your alias is possibly incorrect. Commented Feb 1, 2013 at 3:19
  • I just tried directly mounting it to the directory instead of linking it and it still does the same thing. Commented Feb 1, 2013 at 3:28
  • It works if I disable run httpd -u ...apache no chroot. Darn. Commented Feb 1, 2013 at 3:36
0

I got it to work in chroot'd Apache on OpenBSD5.2 by mounting the NFS share thusly:

mount -t nfs -o suid,sync nfs-server:/nfs/web/ /var/www/htdocs/web

...then altering the Document root stanza in httpd.conf as follows:

<Directory "/var/www/htdocs"> Options Indexes FollowSymLinks Includes SymLinksifOwnerMatch AllowOverride All Order allow,deny Allow from all </Directory>

So ....now that it "works" * could someone please clarify what permissions I should be seeing when listing the NFS contents?

ls -al /var/www/htdocs/web

 dr-xr-xr-x 10 www www 4096 Dec 3 23:00 . drwxrwxr-x 1012 www www 32768 Feb 1 18:36 .. dr-xr-xr-x 9 www www 4096 Jun 13 2012 subdir1 dr-xr-xr-x 4 www www 73 Jun 13 2012 subdir2 dr-xr-xr-x 15 www www 4096 Jun 13 2012 subdir3 -rwxrwxrwx 1 www www 87161949 Jul 12 2008 file3.mp3

EDIT Everything is A-OK. There was no need for the Apache user 'www' to own these files or directories -- so now he doesn't. There was no need for any write access for anyone other than the owner -- so there isn't. Everything works and is accessible over the web and I believe the security is quite sound -- Ie., the default OpenBSD chroot environment is enabled and the permissions on the NFS share are strict.

755 for directories and 644 for files. I think that's a wrap!

Ie., by works I simply mean: shows up in browser

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.