Topic: Forbidden?????

[Pete]

HELP!
Just updated to 5.12 Update 1, and installed the ApacheMP3 Blade. Now when I try and access the Remote Admin Page, either from telnet, or my desktop (internally) it gives me an error message "403: You do not have access to view this page"

It never gives me the option to put in a password, so I'm definitely not entering an incorrect password.
I can still access the webpage on port 80, but cant access the server manager...

I have applied a few other rpms to the system, but dont think its any of them. Just to make sure I uninstalled them, and this has made no change.
Those RPM's are e-smith-service-control-1.1.0-01.noarch.rpm, e-smith-vpn-0.1-2.noarch.rpm and dmc-mitel-portforwarding-0.0.1-4.noarch.rpm


Can anyone shed some light on this please????? I'm stumped!

The server still functions, but is now unmanagable....

[Fred Grambs]

I ran into this also on 5.0 blade 4. Believe it or not, a simple reboot resolved it.

I went crazy trying to figure it out, checked all the ini files, killed the httpd process and restarted it. Nothing. When I did a search on these forums, someone had the same problem a while ago and reboot fixed it for him. So, dunno why, dunno how, but it's working now.

[Pete]

Have rebooted a numbver of times now, and sitll get the error!
Its driving me just a little nuts.
cant find aything, killed services...

will just have to go to my last backup I guess...

[Fred Grambs]

Have you tried going to the server manager locally, i.e. from the server itself using Lynx?
Was anything changed in your httpd.ini file (allow and deny settings)?

[Andrew]

G'day Pete,

I'm pretty much a newbie as well but I have been trying to get around a VPN problem and I installed that VPN RPM and got the same problem you have.  You can verify that it is the same one I had because if you alt-F2 into a linux cmd promt you can still log into your machine with your password.

I suspect (and I have no real knowledge to back this up) that once you enable VPN and the IpSEC that goes with it you somehow lock out other less secure modes of entry.

Sorry to tell you this but I tried to uninstall the RPM with no luck so I rebuilt the server.

I hope you get a better result than I did.

Cheers,
Andrew

[Korpo]

I had a similar issue when I tried to install Squirrelmail. I tried using the Lynx browser directly on the server and got the same issue. I couldn't figure anything out in the end, so I ended up just backing everything up (manually) and reloading everything from scratch. It only takes an hour or two and you can spend that much time troubleshooting.
-Kris

[Art Verhoef]

I have the same problem, except with different RPMs.  Am using SME5.1.2 and thought I'd install some RPMs.  Last time it totally messed everything up with the same error Pete had...so I decided to install Noble's devinfo-mitel-update-system-0.0.1-12.noarch.rpm, this adds the "Update System" on the web-based control panel...So I installed the e-smith-dialup using this update panel, installed OK, but when I refreshed, logged in again, no new module was there!  I thought, this is weird, but I'll try a different one...installed e-smith-isp and e-smith-link-status RPMs.  Closed browser, went in the server manager, no new modules!  I tried next to install e-smith-vacation-0.1-1.noarch.rpm, it installed successfully, refreshed browser...same error Pete got: 403 FORBIDDEN.  

I rebooted the server a couple of times...same thing: I couldn't get in.  And it didn't even ask for a name/password.  

So I went on the actual server, option 6, access server manager, typed in password, got a message: "Forbidden: You don't have permission to access /common/noframes on this server."  What does this mean?  How can I give myself permission to access my own server again???

I un-installed all the RPMs, rebooted several times, no luck.  HOWEVER, I did notice when it was booting, it FAILED this startup:

Starting httpd-e-smith:  Starting httpd:                           OK
       (this line was blank)                                              Failed (in red)
Starting.....

So obviously there is a problem.  Could someone please help me on this one?  Is my server toast????  There's gotta be a way to fix it.

Thanks!

Art

[Daniel van Raay]

I've seen this forbidden problem when you install the e-smith-vacation-0.1-x RPMs on an e-smith 4.1.2 (or later) server.  It has to do with permissions of the admin web pages.

Check the permissions (and ownership) of the /etc/e-smith/web/functions and /etc/e-smith/web/panels folders.

On e-smith 4.1.2 and later, they should be like this:
[root@thebeast:/root]$ ls /etc/e-smith/web/ -l
total 12
dr-xr-x---    3 www      admin        4096 Apr  2 11:47 common
dr-xr-x---    2 root     admin        4096 Apr 12 13:45 functions
dr-xr-x---    4 root     admin        4096 Dec 27  2000 panels

If they are not, fix them like so:
[root@thebeast:/root]$ chown root.admin /etc/e-smith/web/{functions,panels}
[root@thebeast:/root]$ chmod u=rx,g=rx /etc/e-smith/web/{functions,panels}

I wrote that e-smith-vacation RPM for e-smith 4.0.1, not 4.1.2.  If you want to install the vacation package on a later version server, install the 0.2-x version from:
  ftp://ftp.e-smith.org/pub/e-smith/contrib/DanielvanRaay/RPMS/noarch/

Daniel van Raay

[Art Verhoef]

Thanks man!!!  It worked!!  Hours of time saved with a few simple commands!  But in the future, how will I know if the RPM supports SME 5.1.2 or not?  Take the latest version, I guess, but what if the latest version is an out-dated version, and it doesn't specify which e-smith it will work for?

[Russell]

Daniel,

I  have installed squirrelmail and received the forbidden message, but my newbieness has caused me to fail in the execution of your remedy.
Can you please provide a more detailed description of the process to correct my dilemma?

cheers
Russell

[Jason Judge]

Try this:

1. Create a new 'local network'.
2. Delete the new 'local network'.

Magically (on my system at least) the 'forbidden' message goes away and all is well - until the next time it happens. Next time I'll take a snapshot of the filesystem to see what changes.

I've noticed the admin page can be working fine one day, then return 'forbidden' the very next morning. There are no reboots, no installed RPMS, no configuration changes - it is just different the next day.

I've posted on this subject many times, and never had a reply.

JJ