NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Allowing Symbolic Links in ReadyNAS HTTP Service
I've recently migrated most of my storage onto my ReadyNAS NV+, and I'm running into an issue with the HTTP service. I store local mirrors of various yum repositories (CentOS, Fedora, etc.) to save time and bandwidth when updating my systems within my local network. Previously, I had the mirrors running behind a standard Linux server running Apache.
After figuring out how to enable HTTP services (in addition to HTTPS, which is not at all intuitive), I noticed that the symbolic links I had setup were not showing up in the file index, and when I tried to get to them manually I would get a "403 Forbidden" message.
I have a good feeling this is because FollowSymLinks is not set. I don't think it is enabled by default in Apache anyways, for good reasons (security reasons, mostly). Unfortunately, the ReadyNAS version of Apache is not configurable at this level, and I have no idea how to get this to work (unless I had access to the httpd.conf file, hint hint).
I use symbolic links to allow a shortcut to longer paths (e.g., http://nas/centos-install -> http://nas/mirrors/centos/4.4/os/i386/) and to have a major version link pointing to a more specific version (e.g., 4 -> 4.4) so I don't have to touch each machine being updated, and so I can have multiple specific versions on the storage device without messing with production.
Any idea how I can get this to work? I'm using NFS for the time being to get around the issue, but the only way I can think of to get this to work properly would be to either have Infrant open up access to the httpd.conf file, or provide finer grain options for the Apache service within FrontView.
After figuring out how to enable HTTP services (in addition to HTTPS, which is not at all intuitive), I noticed that the symbolic links I had setup were not showing up in the file index, and when I tried to get to them manually I would get a "403 Forbidden" message.
I have a good feeling this is because FollowSymLinks is not set. I don't think it is enabled by default in Apache anyways, for good reasons (security reasons, mostly). Unfortunately, the ReadyNAS version of Apache is not configurable at this level, and I have no idea how to get this to work (unless I had access to the httpd.conf file, hint hint).
I use symbolic links to allow a shortcut to longer paths (e.g., http://nas/centos-install -> http://nas/mirrors/centos/4.4/os/i386/) and to have a major version link pointing to a more specific version (e.g., 4 -> 4.4) so I don't have to touch each machine being updated, and so I can have multiple specific versions on the storage device without messing with production.
Any idea how I can get this to work? I'm using NFS for the time being to get around the issue, but the only way I can think of to get this to work properly would be to either have Infrant open up access to the httpd.conf file, or provide finer grain options for the Apache service within FrontView.
6 Replies
Replies have been turned off for this discussion
- When RAIDiator 4 comes out, you'll have ssh access so you can enable FollowSymLinks. As you said, it's disabled for security reason.
yoh-dah wrote: When RAIDiator 4 comes out, you'll have ssh access so you can enable FollowSymLinks. As you said, it's disabled for security reason.
I had seen that RAIDiator4 would include ssh access, I just didn't know if the shell would be limited, or if it was how much I could really do. I realize the security implications, however for some situations it is necessary. :?
Thanks for the quick reply. :)- I have the latest version of firmware running and have SSH access. But I can't seem to figure out how to configure the FollowSymLinks. Can anyone shed some light on how to set this up?
- Need to append FollowSymLinks to the Options line below.
# cat /etc/frontview/apache/Shares.conf
Alias "/web" "/c/web"
<Location "/web">
Options Indexes
Order allow,deny
Allow from all
</Location> - Am I missing something or doesn't this work?
If I add FollowSymLinks to the Options list and restart apache, it has disappeared again.
In the Apache documentation I found is stated that the FollowSymLinks option is not supported inside of a <Location> tag, only inside a <Directory> tag.
Apache Docs: http://httpd.apache.org/docs/2.0/mod/core.html#options
Did anybody get this to work? - Sorry to revive an old thread, but I just found it and noticed it had an unanswered question. I figured I would share my solution to allow symlinks on my CentOS mirror on my ReadyNAS.
I created a custom config called /etc/frontview/apache/custom.conf and added an include line for it in /etc/frontview/apache/httpd.conf
It contains the following:<Directory "/c/mirror">
Options FollowSymlinks
</Directory>
I also commented out the Require valid-user directive in my /mirror location, so my servers don't have to authenticate to connect:Alias "/mirror" "/c/mirror"
<Location "/mirror">
Options Indexes
Order allow,deny
Allow from all
# Require valid-user
Include /etc/frontview/apache/Auth.conf
AuthName "My Shares"
</Location>
I thought about adding the Directory directive to the Shares.conf, but I was afraid it might get overwritten. So, I created a separate conf file for it.
Hope this helps.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
