(13)Permission denied

This apache error is the bane of my existence. It is sometimes nearly impossible to figure out even though I know the fundamentals of the httpd web server. On mountain lion, you should generally debug this like so:

  1. Make sure the user/group specified in httpd.conf is www/www
  2. Make sure the directory has execute permissions for www
  3. Make sure the directory has a default (index.php or index.html)
  4. Make sure that default is readable by www
  5. Make sure that ALL encapsulating directories are executable by www (readable)

It is this last point that I want the emphasize because I had this issue moving to Mountain Lion (OS X 10.8). Your user Documents directory is 700 and is owned by you. If you try to serve a file anywhere below this directory, you’ll have problems. So there are two things you can do to find out if the error is due to parent permissions:

  1. go to the web root and do `ls -leahG` on that directory, cd ../, rinse, repeat; taking note of all permissions.
  2. use the spectacular parsepath.pl tool. Throw this into /usr/local/bin and give it execute permissions and run it on your default index file.

From number 2 above, you’ll get something like this:

d 0755 root:wheel /
d 0755 root:admin /Users
d 0755 beetle:staff /Users/beetle
d 0700 beetle:staff /Users/beetle/Documents
d 0755 beetle:staff /Users/beetle/Documents/Projects
d 0755 beetle:staff /Users/beetle/Documents/Projects/aaa
d 0755 beetle:staff /Users/beetle/Documents/Projects/aaa/bbb
d 0755 beetle:staff /Users/beetle/Documents/Projects/aaa/bbb/web
f 0644 beetle:staff /Users/beetle/Documents/Projects/aaa/bbb/web/index.php

Boom. /Users/beetle/Documents has 700 permissions and www is denied. chmod this to 755 and everything should be good. You could also modify the parsepath.pl file to give you `ls -leahG` info as well.

Another thing I learned during this process is /etc/paths is a fine location to store your path info. Update this file and source /etc/bashrc will get you on your way. Neato.


Leave a Reply

Your email address will not be published. Required fields are marked *