Issue
The other day I thougt I should make my server a little more secure. I figured I had way too many directories that are read-open to others and could potentially be a risk in case someone finds his way into the system.
I then removed read-, write- and execute-permissions for others on certain directories:
chmod -R o-rwx /home/*/
chmod -R o-rwx /etc/apache2
chmod -R o-rwx /var/www
chmod -R o-rwx /opt
chmod -R o-rwx /mnt
chmod -R o-rwx /media
Now, about two days later I wanted to access my subversion-server located at /home/svn and I got an error 500.
I guess I messed up the permissions on the subversion directory. But I don't understand why it would need 'others'-permissions. I thought it runs as root and can read/write/execute anything it needs.
EDIT: I looked into svn-error.log and saw this:
[Wed Nov 29 14:34:29 2017] [error] [client 2003:cd:dbc6:5c00:ec08:696:5b01:bf20] (13)Permission denied: Could not open password file: /etc/apache2/dav_svn.passwd, referer: http://<host>:<port>/svn/myrepo
What permissions are the correct ones to set and why?
Solution
I found the answer here: https://ubuntuforums.org/showthread.php?t=1288812 I was able to restore the correct permissions for folders and files in three commands:
find /etc/apache2/ -type f -exec sudo chmod 644 {} \;
find /etc/apache2/ -type d -exec sudo chmod 755 {} \;
sudo chown -R root:root /etc/apache2
Answered By - Manticore Answer Checked By - Marilyn (WPSolving Volunteer)