Centos 7 - Forbidden, You don't have, permission to access /rt4 on this server

Hello

In the section “Running RT at rt rather than /” says that you need to
make sure “DocumentRoot” is not set to “/opt/rt4/share/html/”. What path
am I supposed to use, please?

Thanks

Hi,

It also says:

" # Set DocumentRoot as appropriate for the other content you want to
serve
DocumentRoot /var/www"

So to a path where your other content that you want apache to serve, I’m
afraid only you can
answer that question.

Best Regards

MartinOn 2016-04-25 10:18, Yanni wrote:

Hello

In the section “Running RT at rt rather than /” says that you need to
make sure “DocumentRoot” is not set to “/opt/rt4/share/html/”. What
path am I supposed to use, please?

Thanks

RT 4.4 and RTIR Training Sessions https://bestpractical.com/training

  • Washington DC - May 23 & 24, 2016

Thanks Martin

I thought I had to point “DocumentRoot” to where the RT login page is.

I tried to install “mod_fastcgi” as you suggested but is not available
with yum.

[root@jimmy opt]# yum -y install mod_fastcgi
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile

I also installed “rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm” and tried
to install it that way:
"yum --enablerepo=rpmforge install mod_fastcgi " but it’s still not
available. There is a website called: www.fastcgi.com but I think is not
being maintained anymore. I also found out that with Apache 2.4, the
official module to use is “mod_proxy_fcgi”. It looks like with Centos7 I
have 2 options. Either use Apache with “mod_fcgid” or go with nginx.

I went with “mod_fcgid” and installed it with yum. I’ve got
“mod_fcgid-2.3.9-4.el7.x86_64”.

Then:

  1. I renamed the /opt/rt4 directory and re-run “make-install” so I can
    get back all the default file permissions of rt4 directory, as Todd
    suggested.

  2. re-run “make initialize-database” with no errors.

  3. Copied the “mod_fcgid” section from “bestpractical.com” to my
    “httpd.conf” and restarted “httpd”.

  4. Made the changes described in “Running RT at rt rather than /” section.

  5. Restarted “httpd” and tried to access the RT login page
    (https://jimmy.ad.biosci.ac.uk/rt4:8000) but I get:

    Internal Server Error
    The server encountered an internal error or misconfiguration and was
    unable to complete your request.
    Please contact the server administrator at root@localhost to inform
    them of the time this error occurred, and the actions you performed
    just before this error.
    More information about this error may be available in the server
    error log.

  6. I had a look at the “error.log” file and I can see the following:
    RT couldn’t load RT config file /opt/rt4/etc/RT_Config.pm as:
    user: apache
    group: apache

The file is owned by user root and group www.

This usually means that the user/group your webserver is running
as cannot read the file. Be careful not to make the permissions
on this file too liberal, because it contains database passwords.
You may need to put the webserver user in the appropriate group
(www) or change permissions be able to run succesfully.

Can’t locate RT_Config.pm in @INC (@INC contains: /opt/rt4/local/etc
/opt/rt4/etc /opt/rt4/sbin/…/local/lib /opt/rt4/sbin/…/lib
/usr/local/lib64/perl5 /usr/local/share/perl5
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl
/usr/lib64/perl5 /usr/share/perl5 .) at
/opt/rt4/sbin/…/lib/RT/Config.pm line 1238.
As the error message says “apache” can not read RT_Config.pm so I added
“apache” to the “www” group like this:
usermod -a -G www apache

  1. Restart “httpd” and tried to visit the login page
    (https://jimmy.ad.biosci.ac.uk/rt4:8000). I get the same Internal Server
    error.

Below are my full “httpd.conf” and “RT_SiteConfig.pm” files. When you
have time could you please have a look, I believe I’ve got the correct
“ScriptAlias” and “Location” now.

httpd.conf: http://pastebin.com/NMtxapR5
RT_SiteConfig.pm: RT_SiteConfig.pm - Pastebin.com

Many thanks

Hi,

The thing that stands out is that you seem to be trying to access the
site using https on port 8000,
however you haven’t configured apache for https.

Could you also post the ./configure that you used with rt to the list
too please.

Best Regards

MartinOn 2016-04-26 09:40, Yanni wrote:

Thanks Martin

I thought I had to point “DocumentRoot” to where the RT login page is.

I tried to install “mod_fastcgi” as you suggested but is not available
with yum.


[root@jimmy opt]# yum -y install mod_fastcgi
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile


I also installed “rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm” and
tried to install it that way:
"yum --enablerepo=rpmforge install mod_fastcgi " but it’s still not
available. There is a website called: www.fastcgi.com but I think is
not being maintained anymore. I also found out that with Apache 2.4,
the official module to use is “mod_proxy_fcgi”. It looks like with
Centos7 I have 2 options. Either use Apache with “mod_fcgid” or go
with nginx.

I went with “mod_fcgid” and installed it with yum. I’ve got
“mod_fcgid-2.3.9-4.el7.x86_64”.

Then:

  1. I renamed the /opt/rt4 directory and re-run “make-install” so I can
    get back all the default file permissions of rt4 directory, as Todd
    suggested.
  2. re-run “make initialize-database” with no errors.
  3. Copied the “mod_fcgid” section from “bestpractical.com” to my
    “httpd.conf” and restarted “httpd”.
  4. Made the changes described in “Running RT at rt rather than /”
    section.
  5. Restarted “httpd” and tried to access the RT login page
    (https://jimmy.ad.biosci.ac.uk/rt4:8000) but I get:

Internal Server Error
The server encountered an internal error or misconfiguration and was
unable to complete your request.
Please contact the server administrator at root@localhost to inform
them of the time this error occurred, and the actions you performed
just before this error.
More information about this error may be available in the server
error log.

  1. I had a look at the “error.log” file and I can see the following:

RT couldn’t load RT config file /opt/rt4/etc/RT_Config.pm as:
user: apache
group: apache

The file is owned by user root and group www.

This usually means that the user/group your webserver is running
as cannot read the file. Be careful not to make the permissions
on this file too liberal, because it contains database passwords.
You may need to put the webserver user in the appropriate group
(www) or change permissions be able to run succesfully.

Can’t locate RT_Config.pm in @INC (@INC contains: /opt/rt4/local/etc
/opt/rt4/etc /opt/rt4/sbin/…/local/lib /opt/rt4/sbin/…/lib
/usr/local/lib64/perl5 /usr/local/share/perl5
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl
/usr/lib64/perl5 /usr/share/perl5 .) at
/opt/rt4/sbin/…/lib/RT/Config.pm line 1238.

As the error message says “apache” can not read RT_Config.pm so I
added “apache” to the “www” group like this:
usermod -a -G www apache

  1. Restart “httpd” and tried to visit the login page
    (https://jimmy.ad.biosci.ac.uk/rt4:8000). I get the same Internal
    Server error.

Below are my full “httpd.conf” and “RT_SiteConfig.pm” files. When you
have time could you please have a look, I believe I’ve got the correct
“ScriptAlias” and “Location” now.

httpd.conf: http://pastebin.com/NMtxapR5
RT_SiteConfig.pm: RT_SiteConfig.pm - Pastebin.com

Many thanks

RT 4.4 and RTIR Training Sessions https://bestpractical.com/training

  • Washington DC - May 23 & 24, 2016

Hi Yanni,
In order to even see mod_fastcgi, you’ll need to yum install epel-release.noarch. Then, when you yum search for fcgid you should see the package mod_fcgid.x86_64, or something close to it, since you are using CentOS 7.

Thank you,
Rachel Kelly
Best Practical> On Apr 26, 2016, at 4:14 AM, Martin Wheldon martin.wheldon@greenhills-it.co.uk wrote:

Hi,

The thing that stands out is that you seem to be trying to access the site using https on port 8000,
however you haven’t configured apache for https.

Could you also post the ./configure that you used with rt to the list too please.

Best Regards

Martin

On 2016-04-26 09:40, Yanni wrote:

Thanks Martin
I thought I had to point “DocumentRoot” to where the RT login page is.
I tried to install “mod_fastcgi” as you suggested but is not available with yum.

[root@jimmy opt]# yum -y install mod_fastcgi
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile


I also installed “rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm” and
tried to install it that way:
"yum --enablerepo=rpmforge install mod_fastcgi " but it’s still not
available. There is a website called: www.fastcgi.com but I think is
not being maintained anymore. I also found out that with Apache 2.4,
the official module to use is “mod_proxy_fcgi”. It looks like with
Centos7 I have 2 options. Either use Apache with “mod_fcgid” or go
with nginx.
I went with “mod_fcgid” and installed it with yum. I’ve got
“mod_fcgid-2.3.9-4.el7.x86_64”.
Then:

  1. I renamed the /opt/rt4 directory and re-run “make-install” so I can
    get back all the default file permissions of rt4 directory, as Todd
    suggested.
  2. re-run “make initialize-database” with no errors.
  3. Copied the “mod_fcgid” section from “bestpractical.com” to my
    “httpd.conf” and restarted “httpd”.
  4. Made the changes described in “Running RT at rt rather than /” section.
  5. Restarted “httpd” and tried to access the RT login page
    (https://jimmy.ad.biosci.ac.uk/rt4:8000) but I get:

Internal Server Error
The server encountered an internal error or misconfiguration and was
unable to complete your request.
Please contact the server administrator at root@localhost to inform
them of the time this error occurred, and the actions you performed
just before this error.
More information about this error may be available in the server error log.

  1. I had a look at the “error.log” file and I can see the following:

RT couldn’t load RT config file /opt/rt4/etc/RT_Config.pm as:
user: apache
group: apache
The file is owned by user root and group www.
This usually means that the user/group your webserver is running
as cannot read the file. Be careful not to make the permissions
on this file too liberal, because it contains database passwords.
You may need to put the webserver user in the appropriate group
(www) or change permissions be able to run succesfully.
Can’t locate RT_Config.pm in @INC (@INC contains: /opt/rt4/local/etc
/opt/rt4/etc /opt/rt4/sbin/…/local/lib /opt/rt4/sbin/…/lib
/usr/local/lib64/perl5 /usr/local/share/perl5
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl
/usr/lib64/perl5 /usr/share/perl5 .) at
/opt/rt4/sbin/…/lib/RT/Config.pm line 1238.

As the error message says “apache” can not read RT_Config.pm so I
added “apache” to the “www” group like this:
usermod -a -G www apache
7. Restart “httpd” and tried to visit the login page
(https://jimmy.ad.biosci.ac.uk/rt4:8000). I get the same Internal
Server error.
Below are my full “httpd.conf” and “RT_SiteConfig.pm” files. When you
have time could you please have a look, I believe I’ve got the correct
“ScriptAlias” and “Location” now.
httpd.conf: http://pastebin.com/NMtxapR5
RT_SiteConfig.pm: RT_SiteConfig.pm - Pastebin.com
Many thanks

RT 4.4 and RTIR Training Sessions https://bestpractical.com/training

  • Washington DC - May 23 & 24, 2016

RT 4.4 and RTIR Training Sessions https://bestpractical.com/training

  • Washington DC - May 23 & 24, 2016