macOS security update has changed some permissions for apache2 server...?

Marius Schamschula lists at schamschula.com
Tue Feb 2 16:41:48 UTC 2021 

The httpd-manual.conf you copied to your email differs from httpd-manual.conf.orig.

You might want to check that.

> On Feb 2, 2021, at 10:35 AM, Carlo Tambuatco <oraclmaster at gmail.com> wrote:
> 
> 
> 
>> On Feb 2, 2021, at 11:22 AM, Marius Schamschula <lists at schamschula.com> wrote:
>> 
>> OK. It isn’t by default.
>> 
>> Are you using extra/httpd-manual.conf, i.e. have it included from http.conf, or are you using the default settings?
>> 
>> The only other thing I can think of is that somewhere in the /opt/local/www/apache2/manual path there are some incorrect permissions.
> 
> in httpd.conf I have:
> 
> # Local access to the Apache HTTP Server Manual
> Include /private/etc/apache2/extra/httpd-manual.conf
> 
> and this is what my httpd-manual.conf looks like:
> 
> 
> AliasMatch ^/manual(?:/(?:da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn))?(/.*)?$ "/Library/WebServer/share/httpd/manual$1"
> 
> <Directory "/Library/WebServer/share/httpd/manual">
>    Options Indexes
>    AllowOverride None
>    Require all granted
> 
>    <Files *.html>
>        SetHandler type-map
>    </Files>
> 
>    # .tr is text/troff in mime.types!
>    RemoveType tr
> 
>    # Traditionally, used .dk filename extension for da language
>    AddLanguage da .da
> 
>    SetEnvIf Request_URI ^/manual/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)/ prefer-language=$1
>    RedirectMatch 301 ^/manual(?:/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)){2,}(/.*)?$ /manual/$1$2
> 
>    # Reflect the greatest effort in translation (most content available),
>    # inferring greater attention to detail (potentially false assumption,
>    # counting translations presently in-sync would be more helpful.)
>    # Use caution counting; safest pattern is '*.xml.XX'. Recent .xml source
>    # document count: 266 214 110 94 82 25 22    18     4  1  1
>    LanguagePriority   en  fr  ko ja tr es de zh-cn pt-br da ru
>    ForceLanguagePriority Prefer Fallback
> </Directory>
> 
> 
> 
> 
>> 
>>> On Feb 2, 2021, at 10:16 AM, Carlo Tambuatco <oraclmaster at gmail.com> wrote:
>>> 
>>> 
>>> 
>>>> On Feb 2, 2021, at 11:10 AM, Marius Schamschula <lists at schamschula.com> wrote:
>>>> 
>>>> Did you check if all required modules are active?
>>>> 
>>>> I just installed apache2 on a Catalina system. I couldn’t view the manual until I edited http.conf and enabled mod_negotiation
>>>> 
>>> 
>>> in httpd.conf
>>> 
>>> LoadModule negotiation_module libexec/apache2/mod_negotiation.so
>>> 
>>> is uncommented.
>>> 
>>> 
>>> 
>>> 
>>>>> On Feb 2, 2021, at 9:50 AM, Carlo Tambuatco <oraclmaster at gmail.com> wrote:
>>>>> 
>>>>> 
>>>>> 
>>>>>> On Feb 2, 2021, at 10:37 AM, Marius Schamschula <lists at schamschula.com> wrote:
>>>>>> 
>>>>>> Let’s step back one step.
>>>>>> 
>>>>>> You are running which version of macOS?
>>>>> 
>>>>> 
>>>>> 10.15.7 updated last night.
>>>>> 
>>>>> 
>>>>>>> On Feb 2, 2021, at 9:25 AM, Carlo Tambuatco <oraclmaster at gmail.com> wrote:
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>>> On Feb 2, 2021, at 9:32 AM, Henning Hraban Ramm <hraban at fiee.net> wrote:
>>>>>>>> 
>>>>>>>> 
>>>>>>>>> Am 02.02.2021 um 13:20 schrieb Carlo Tambuatco <oraclmaster at gmail.com>:
>>>>>>>>> 
>>>>>>>>> This might seem like a small issue, but it bothers me because I just can’t find
>>>>>>>>> what changed...
>>>>>>>>> 
>>>>>>>>> It seems the latest security update to macOS has rendered me unable to view the
>>>>>>>>> apache manual pages installed on my local webserver. It worked fine before the
>>>>>>>>> update, but now when I open up a browser to http://localhost:8080/manual, I get
>>>>>>>>> 403 Forbidden, you don’t have permission to access this resource.
>>>>>>>>> 
>>>>>>>>> I checked my httpd.conf file, and my extra/httpd-manual.conf file which contain the
>>>>>>>>> apache directives for viewing and handling the manual pages, but as far as I can tell,
>>>>>>>>> nothing changed. It seems apache2 can find the directory, but it now says I don’t
>>>>>>>>> have permission to view it? What possibly could have changed?
>>>>>>>> 
>>>>>>>> Did you check if Apache is allowed to access (and serve) the folder and files of the manual pages?
>>>>>>>> 
>>>>>>>> 
>>>>>>> 
>>>>>>> How do I do this?
>>>>>>> 
>>>>>>>> Best, Hraban
>>>>>>> 
>>>>>> 
>>>>> 
>>>> 
>>> 
>> 
>

More information about the macports-users mailing list