Apache Permission denied for /srv/www: unable to check .htaccess file but not for /var/www

Question

I\'ve hit a problem on Centos 6.5:

[Mon Dec 28 12:10:52 2012] [a] [client 127.0.0.1] (13) Permission denied: /srv/www/website/.htaccess pcfg_openfile: unable to chec

Answer 1

Are you sure that the user "apache" can cross the folder "/src" ? What's the owner and the permission of the folder "/src" ?

Answer 2

I finally got to the bottom of the problem. It's caused by SELinux policies overriding basic traditional discretionary access control (DAC) methods such as file permissions or access control lists (ACLs) normally used to control the file access of users!

$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

$ setenforce
usage:  setenforce [ Enforcing | Permissive | 1 | 0 ]

$ setenforce Permissive

$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

More info on SELinux at Centos. As soon as I switched to Permissive mode my /srv/ started working.

If you know what and why you are doing this then you can permanently disable SELinux in /etc/selinux/config by changing the following line:

SELINUX=enforcing

to

SELINUX=disabled

Restart your server and you should have it disabled permanently.

Note: When switching from Disabled to either Permissive or Enforcing mode, it is highly recommended that the system be rebooted and the filesystem relabeled.