read content ouside /home/user folder

frog9394

frog9394

Verified User
Joined
Jun 27, 2008
Messages
26
Dear All,

I have an nfs volume mounted to /mnt/nfs. A symbolic link /home/user/public_html/image -> /mnt/nfs/image has created. But I can't get https://www.domain.com/image/test.jpg to work (Forbidden) because apache seems restricted. It can only read content inside /home/user. How can I solved this problem.
I have already get php to work with add /mnt/nfs to open_basedir but no luck with apache.

Errorlog
[Wed Apr 21 03:27:07.918863 2021] [core:error] [pid 2439004:tid 140276112312384] [client 1.1.1.1:55644] AH00037: Symbolic link not allowed or link target not accessible: /home/user/domains/www.test.com/public_html/image

Thanks everybody!!

OS: Cloudlinux 7
Directadmin ver: 1.61.5
Apache ver: 2.4
 
Last edited:
try chown -h user.user /home/user/public_html/image , to change the owner of the symlink.
 
Thanks for your reply. The symlink already owned by user:user.

$ ls -l image
lrwxrwxrwx 1 user user 15 Apr 21 02:19 image -> /mnt/nfs/image/
 
If you enable the ssh access for the user and login or su to the account, can you access to the files directly in the filesystem?

i'm thinking about file permissions or a cagefs possible issue.
 
Yes. I can read the file from ssh without problem.

$ cat image/test.txt
12345
 
The message is clear 'Symbolic link not allowed'. This is because apache wants access to all the directories above the mounted dir. That would be a pretty big security issue. So you can chmod +x every directory above but... well... you might not want that.
Or.. you can mount the nfs share direct at /home/user/public_html/images.

Edit: You did enable the 'FollowSymLinks' I presume?
 
sysdev said:
The message is clear 'Symbolic link not allowed'. This is because apache wants access to all the directories above the mounted dir. That would be a pretty big security issue. So you can chmod +x every directory above but... well... you might not want that.
Or.. you can mount the nfs share direct at /home/user/public_html/images.

Edit: You did enable the 'FollowSymLinks' I presume?
Click to expand...


Thanks for your reply. We are using Cloudlinux cagefs, so we cannot mount it directly to the user's image folder told by Cloudlinux support. The /mnt/nfs is a vitural directory using https://docs.cloudlinux.com/cloudlinux_os_components/#per-user-virtual-mount-points method helped by Cloudlinux support.

Of course "FollowSymLinks" enabled. Any symlinks inside /home/user working flawlessly
 
You must log in or register to reply here.
Back
Top