Re: apache2 + munin configuration

To: debian-user@lists.debian.org
Subject: Re: apache2 + munin configuration
From: Darac Marjal <mailinglist@darac.org.uk>
Date: Wed, 13 Nov 2013 11:22:38 +0000
Message-id: <[🔎] 20131113112238.GA22543@darac.org.uk>
In-reply-to: <[🔎] 20131113104910.GI11883@hawking>
References: <[🔎] 52825D71.5060000@cegetel.net> <[🔎] 20131113104910.GI11883@hawking>

On Wed, Nov 13, 2013 at 10:49:10AM +0000, Karl E. Jorgensen wrote:
> Hi
> 
> On Tue, Nov 12, 2013 at 05:55:13PM +0100, rudu wrote:
> > Hi,
> > Well, I wouldn't have thought having so many difficulties setting up
> > a simple monitoring system on my Jessie amd64 desktop, but after a
> > few hours wandering the net, I guess I could use some guidance ...
> > 
> > What I've done so far :
> > aptitude install apache2 munin munin-node
> > ii  apache2                      2.4.6-3 amd64               Apache
> > HTTP Server
> > ii  munin                        2.0.17-3 all
> > network-wide graphing framework (grapher/gatherer)
> > ii  munin-node                   2.0.17-3 all
> > network-wide graphing framework (node)
> > 
> > Then I tried to connect to http://localhost/munin only to get :
> > Forbidden
> > You don't have permission to access /munin on this server.
> > Apache/2.4.6 (Debian) Server at localhost Port 80
> 
> At this point, your first stop should be the apache error log...
> 
> > 
> > I found some threads here and there via google which lead me to try
> > several things.
> > First in /etc/munin/apache.conf :
> > replace
> > 
> > <Directory /var/cache/munin/www>
> >         Order allow,deny
> >         Allow from localhost 127.0.0.0/8 ::1
> > 
> >         Options None
> > [...]
> > </Directory>
> > 
> > by
> > 
> > <Directory /var/cache/munin/www>
> >         Order allow,deny
> >         Allow from all
> > 
> >         Options None
> > [...]
> > </Directory>
> 
> Hm.. Either should work. 
> 
> If it had no effect, then I suggest you revert that out before doing
> other changes.
> 
> > Then I did :
> > chown -R www-data:munin /var/cache/munin/www
> > chmod -R 775 /var/cache/munin/www
> > 
> > I even added my user to the munin group
> 
> This would have no effect... I suggest you tidy up again by undoing
> that.
> 
> > But I still get this error 403 from apache.
> > 
> > FWIW I got this in /var/log/apache2/error.log :
> > [Tue Nov 12 17:53:03.987560 2013] [authz_core:error] [pid 2758:tid
> > 139900372383488] [client ::1:53049] AH01630: client denied by server
> > configuration: /var/cache/munin/www
> 
> Hm.. That is reasonably conclusive...
> 
> But there is a clue: authz_core ...  Isn't that the apache module that
> is used for user authentication?
> 
> Makes me wonder what the rest of your apache configuration is like -
> there must be some interaction between munin and other things in
> apache...

If you're running Apache 2.4 (which you are), you should add "Require
all granted" below the Allow/Deny statements. This basically tells the
new authorisation module to honour the configuration of the older
module.

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: [solved] apache2 + munin configuration
  - From: rudu <rudu@cegetel.net>

References:
- apache2 + munin configuration
  - From: rudu <rudu@cegetel.net>
- Re: apache2 + munin configuration
  - From: "Karl E. Jorgensen" <karl@jorgensen.org.uk>

Prev by Date: Re: After installing systemd, slim fails to load desktop.
Next by Date: Re: who uses dual boot? [was: How to start using a free OS]
Previous by thread: Re: apache2 + munin configuration
Next by thread: Re: [solved] apache2 + munin configuration
Index(es):
- Date
- Thread