macOS security update has changed some permissions for apache2 server...?

Tue Feb 2 16:35:34 UTC 2021


> On Feb 2, 2021, at 11:22 AM, Marius Schamschula <lists at schamschula.com> wrote:
> 
> OK. It isn’t by default.
> 
> Are you using extra/httpd-manual.conf, i.e. have it included from http.conf, or are you using the default settings?
> 
> The only other thing I can think of is that somewhere in the /opt/local/www/apache2/manual path there are some incorrect permissions.

in httpd.conf I have:

# Local access to the Apache HTTP Server Manual
Include /private/etc/apache2/extra/httpd-manual.conf

and this is what my httpd-manual.conf looks like:


AliasMatch ^/manual(?:/(?:da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn))?(/.*)?$ "/Library/WebServer/share/httpd/manual$1"

<Directory "/Library/WebServer/share/httpd/manual">
    Options Indexes
    AllowOverride None
    Require all granted

    <Files *.html>
        SetHandler type-map
    </Files>

    # .tr is text/troff in mime.types!
    RemoveType tr

    # Traditionally, used .dk filename extension for da language
    AddLanguage da .da

    SetEnvIf Request_URI ^/manual/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)/ prefer-language=$1
    RedirectMatch 301 ^/manual(?:/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)){2,}(/.*)?$ /manual/$1$2

    # Reflect the greatest effort in translation (most content available),
    # inferring greater attention to detail (potentially false assumption,
    # counting translations presently in-sync would be more helpful.)
    # Use caution counting; safest pattern is '*.xml.XX'. Recent .xml source
    # document count: 266 214 110 94 82 25 22    18     4  1  1
    LanguagePriority   en  fr  ko ja tr es de zh-cn pt-br da ru
    ForceLanguagePriority Prefer Fallback
</Directory>


> 
>> On Feb 2, 2021, at 10:16 AM, Carlo Tambuatco <oraclmaster at gmail.com> wrote:
>> 
>> 
>> 
>>> On Feb 2, 2021, at 11:10 AM, Marius Schamschula <lists at schamschula.com> wrote:
>>> 
>>> Did you check if all required modules are active?
>>> 
>>> I just installed apache2 on a Catalina system. I couldn’t view the manual until I edited http.conf and enabled mod_negotiation
>>> 
>> 
>> in httpd.conf
>> 
>> LoadModule negotiation_module libexec/apache2/mod_negotiation.so
>> 
>> is uncommented.
>> 
>> 
>> 
>> 
>>>> On Feb 2, 2021, at 9:50 AM, Carlo Tambuatco <oraclmaster at gmail.com> wrote:
>>>> 
>>>> 
>>>> 
>>>>> On Feb 2, 2021, at 10:37 AM, Marius Schamschula <lists at schamschula.com> wrote:
>>>>> 
>>>>> Let’s step back one step.
>>>>> 
>>>>> You are running which version of macOS?
>>>> 
>>>> 
>>>> 10.15.7 updated last night.
>>>> 
>>>> 
>>>>>> On Feb 2, 2021, at 9:25 AM, Carlo Tambuatco <oraclmaster at gmail.com> wrote:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>>> On Feb 2, 2021, at 9:32 AM, Henning Hraban Ramm <hraban at fiee.net> wrote:
>>>>>>> 
>>>>>>> 
>>>>>>>> Am 02.02.2021 um 13:20 schrieb Carlo Tambuatco <oraclmaster at gmail.com>:
>>>>>>>> 
>>>>>>>> This might seem like a small issue, but it bothers me because I just can’t find
>>>>>>>> what changed...
>>>>>>>> 
>>>>>>>> It seems the latest security update to macOS has rendered me unable to view the
>>>>>>>> apache manual pages installed on my local webserver. It worked fine before the
>>>>>>>> update, but now when I open up a browser to http://localhost:8080/manual, I get
>>>>>>>> 403 Forbidden, you don’t have permission to access this resource.
>>>>>>>> 
>>>>>>>> I checked my httpd.conf file, and my extra/httpd-manual.conf file which contain the
>>>>>>>> apache directives for viewing and handling the manual pages, but as far as I can tell,
>>>>>>>> nothing changed. It seems apache2 can find the directory, but it now says I don’t
>>>>>>>> have permission to view it? What possibly could have changed?
>>>>>>> 
>>>>>>> Did you check if Apache is allowed to access (and serve) the folder and files of the manual pages?
>>>>>>> 
>>>>>>> 
>>>>>> 
>>>>>> How do I do this?
>>>>>> 
>>>>>>> Best, Hraban
>>>>>> 
>>>>> 
>>>> 
>>> 
>> 
>