Hey y’all, running into a “403 Forbidden” error while trying to set up OOD, I’ve installed from the rpm and disabled selinux. After setting up the AD bind, I can get the authentication to work, but after the log in, I’ll run into the 403 error. When looking at the /var/log/ondemand-nginx/${USER}/error.log, it says “directory index of “/var/www/ood/apps/sys/dashboard/public/” is forbidden.” I’m not quite sure what to make of this so I would appreciate it if anyone could help. Thanks.
This is the result of ls -l /var/www/ood/apps/sys:
drwxr-xr-x 2 root root 26 Jul 8 07:52 activejobs
drwxr-xr-x 3 root root 136 Jul 8 07:52 bc_desktop
drwxr-xr-x 13 root root 4096 Jul 18 14:30 dashboard
drwxr-xr-x 2 root root 26 Jul 8 07:52 file-editor
drwxr-xr-x 2 root root 43 Jul 8 07:52 files
drwxr-xr-x 14 root root 4096 Jul 8 07:52 myjobs
drwx------ 2 root root 26 Jul 8 07:52 projects
drwxr-xr-x 10 root root 4096 Jul 8 07:52 shell
(I’ve also checked all of the parent directories and there doesn’t seem to be any permission issues)
Hello and welcome! Sorry for the trouble.
What do the permissions on that /var/www/ood/apps/sys/dashboard/public/ directory say?
Also just to double check SELinux, what do you get back when you issue sestatus?
Hey, thanks for responding. sestatus returns: SELinux status: disabled and the permissions on /var/www/ood/apps/sys/dashboard/public/ are:
-rw-r–r-- 1 root root 1564 Jun 25 10:44 404.html
-rw-r–r-- 1 root root 1547 Jun 25 10:44 422.html
-rw-r–r-- 1 root root 1477 Jun 25 10:44 500.html
drwxr-xr-x 3 root root 19 Jul 8 07:52 ace
drwxr-xr-x 5 root root 16384 Jul 8 07:52 assets
-rw-r–r-- 1 root root 0 Jun 25 10:44 favicon.ico
drwxr-xr-x 7 root root 125 Jul 8 07:52 noVNC-1.3.0
-rw-r–r-- 1 root root 202 Jun 25 10:44 robots.txt
Thanks for verifying the selinux stuff. Looking through this, I haven’t seen the permissions on the actual public directory though, what are the perms on that specific public dir itself? Not the contents of the dir or the dir’s around it, but that dir itself?
Sorry about that, running ls -ld on that directory gives me:
drwxr-xr-x 5 root root 153 Jul 18 14:25 /var/www/ood/apps/sys/dashboard/public/
I don’t know if this is correlated or not but aside from configuring the connector, I’ve also added this line to my ondemand-dex.service since my bindPW had a ‘$’ character in it: Environment=‘DEX_EXPAND_ENV=0’
Found that the open file limit on the system was too low, changed it to a larger amount and now it works.