Modify

Opened 2 years ago

Last modified 18 months ago

#21079 new defect

Forbidden You don't have permission to access / on this server.

Reported by: john@… Owned by:
Priority: high Milestone:
Component: luci Version: Trunk
Keywords: Cc:

Description

Just updated to r47665 and I can no longer login to the web interface I am getting the above error.

My install seemed to be routine, updated opkg and the install luci, luci-theme-openwrt and luci-app-sqm.
No apparent problems, except that I cannot log to Luci.

Attachments (0)

Change History (21)

comment:1 Changed 2 years ago by anonymous

Not sure if this is relavent
Login using ssh - get a message "sh: /usr/bin/xauth: not found"

comment:2 Changed 2 years ago by anon2

you might mention if it works ok with luci-theme-bootstrap (the default theme)

comment:3 Changed 2 years ago by anonymous

No it makes no difference what theme you are running.

I tried several test and found that the permission on /www are "wrong".
as installed the owner & group for /www are both set to root.
permission are rwx --- ---.
I tried changing them to rwxr_x--- no effect.
Changed them to rwxr_xr_x everything works.
This leads me to the conclusion that the web server is not running as root.

I also tried changing the owner and group of /www using root and www-data in all combinations to no effect.

comment:4 Changed 2 years ago by anonymous

Ooops, missed this. I just created a new ticket for the same issue... I've had no luck fixing this myself either. Issue present after updating to 47670.

comment:5 Changed 2 years ago by jow

This is most likely an umask issue on the build slave. I notified the admins. This is not something we can fix in code.

comment:6 Changed 2 years ago by anonymous

I was testing at the same time as Jow wrote his message:

I used the new ar71xx r47670 snapshot built by buildslave gb15 to flash.

After manually opkg installing Luci, I could not access Luci. Just the same error as explained above. The directory /www has normal permissions, but /www/cgi-bin has 700.

After manually adjusting /www/cgi-bin, /www/luci-static and index.html to 755 and restarting uhttpd, Luci works again.

The process listing shows the uhttpd process as "root", so I wonder why the process is unable to read the file.

comment:7 Changed 2 years ago by jow

uhttpd is able to read the file just fine but it refuses to serve files via http which are not marked world-readable.

comment:8 Changed 2 years ago by john@…

OK, That explains the requirement for world read, does uhhtpd need world executable?

comment:9 Changed 2 years ago by jow

For directories yes.

comment:10 Changed 2 years ago by anonymous

Anyone know if this issue is resolved now? Did you hear back from the 'admins' how?

comment:11 Changed 2 years ago by anonymous

Jow*. Just tested, it's fixed.

comment:12 follow-up: Changed 2 years ago by anonymous

Hi

I update openwrt-ar71xx-generic-tl-wdr4300-v1-squashfs-sysupgrade.bin r47884 and got the Forbidden problem. After:

chmod 755 /www/cgi-bin
chmod 755 /www/luci-static
find /www -type f -exec chmod 644 {} \; # without that no css 
chmod 755 /www/cgi-bin/luci

everything works.

Greetings sentor

comment:13 Changed 22 months ago by randyperkins@…

I am new to openwrt. dont even have my hardware yet, so forgive me if this information is wrong.

I was hit by this issue and the above 4 line solution worked for me. I wanted to run openwrt in kvm/libvirt so I downloaded and unzipped this image

openwrt-x86-kvm_guest-combined-ext4.img

Here is the version I downloaded. I glanced at the revisions and it appears this is less than a week old.

root@OpenWrt:/etc# cat openwrt_release
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='Bleeding Edge'
DISTRIB_REVISION='r49089'
DISTRIB_CODENAME='designated_driver'
DISTRIB_TARGET='x86/kvm_guest'
DISTRIB_DESCRIPTION='OpenWrt Designated Driver r49089'
DISTRIB_TAINTS=

comment:14 Changed 22 months ago by anonymous

Same problem with luci git-16.092.45070

comment:15 Changed 22 months ago by anonymous

luci_git-16.092.45070 with trunk r49114 working correctly.

comment:16 Changed 22 months ago by xenith@…

Also seeing this in: Powered by LuCI Master (git-16.100.63971-9c77aea)

my person fix is:

chmod -R a+rX /www


comment:17 Changed 22 months ago by xenith@…

Hmm, /www/cgi-bin/luci needs to be 755 also, because it's a lua script.

so revised as:

chmod -R +rX /www && chmod +x /www/cgi-bin/luci

comment:18 Changed 22 months ago by anonymous

This bug also affects EA3500 (codename "Audi") latest build r49166.

chmod -R +rX /www && chmod +x /www/cgi-bin/luci ----> fixes it, thanks xenith.

comment:19 in reply to: ↑ 12 Changed 21 months ago by anonymous

thanks ...worked like a charm..

Replying to anonymous:

Hi

I update openwrt-ar71xx-generic-tl-wdr4300-v1-squashfs-sysupgrade.bin r47884 and got the Forbidden problem. After:

chmod 755 /www/cgi-bin
chmod 755 /www/luci-static
find /www -type f -exec chmod 644 {} \; # without that no css 
chmod 755 /www/cgi-bin/luci

everything works.

Greetings sentor

comment:20 Changed 21 months ago by refack@…

Still happening with latest openwrt-ar71xx-generic-archer-c7-v2-squashfs-sysupgrade.bin

comment:21 Changed 18 months ago by into.311.benners@…

still happening with the same image as listed above by refack. Fix was to run chmod -R a+rX /www.

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.