I have a share volume moutn between nginx container and php-fpm container. By following this article https://www.digitalocean.com/community/tutorials/how-to-setup-fastcgi-caching-with-nginx-on-your-vps, Nginx do create cache files. However, I can not delete it due to permission issue.
If I want to delete it from my php-fpm container. I have to go to inspect container and chown -R www-data:www-data the folder. Then Nginx create a new one and I have to do it again
drwx------ 3 root root 4096 Jan 31 10:58 b
Is there a way to solve this?
Related
I am trying to self host a PHP script called sngine. (facebook clone)
When trying to install it I get an error:
config.php - Required includes folder to be writable for the installation
when I run ls -l I get this: drwxrwxrwx 5 mbeck mbeck 4096 Aug 25 23:00 includes
I don't know why it is saying that it's not writable.
The script is in var/www/{domain name}/
I am on Apache/2.4.41 (Ubuntu) and PHP version: 7.4.22
EDIT:
I found someone saying to run chown www-data:www-data <directory> So I did, and permissions now return drwxrwxrwx 5 www-data www-data 4096 Aug 25 23:00 includes and the error is still there.
Ok, I found it!
I had to run sudo chown -R www-data /var/www/example.com/mydomain/includes/
Now it works!
After installing everything on Ubuntu Server 16, my testfile shows that HHVM is not started.
At the same time sudo service hhvm status tells me that the status is active (exited) and that it cannot open /var/log/hhvm/error.log
restarting the server gives no errors but i can not get HHVM completely up and running.
The testfile is a simple if/else PHP file in var/www/html like the following.
<?php
if (defined('HHVM_VERSION')) {
echo 'hhvm is working';
} else {
echo 'hhvm is not working' ;
}
?>
Where does this status come from(i already found it might have something to do with the daemon, but i can start the daemon without issues) and how can i fix it?
I already tried the few solutions that i could find, but without succes. :( I am using HHVM with Apache.
edit in response to #hanshendrik
Thanks, your top command shows the first 2 results being equal to the example. then drwxrwxr-x root syslog log and for hhvm: no such file or directory. So i made the hhvm folder and changed the group to www-data. It has drwxr-xr-x rights and the error.log has -rw-rwxr-- rights. However, the problem is not yet solved. It doesn't give the warnings anymore but still says active(exited)and shows that the HHVM fastcgi Daemon started
Edit, partially solved
My testsite still says HHVM is not working though... :(
probably a permission issue, first run sudo su name-of-account-hhvm-is-started-as-here -s /bin/bash (for example, sudo su www-data -s /bin/bash) then run namei -l /var/log/hhvm/error.log, and the point where it fails should be revealed. for example, the output might be
namei -l /var/log/hhvm/error.log
f: /var/log/hhvm/error.log
drwxr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x root root log
drwx------ root www-data hhvm
error.log - No such file or directory
here, because the owner is root, and only the owner has execute permissions on the folder, only the owner (root) can open any files inside it, and the fix would be chmod g+x /var/log/hhvm. or the output might be
drwxr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x root root log
drwx--x--- root www-data hhvm
-rw-r--r-- root www-data error.log
here, owner and group has execute permissions on the folder, but only the owner has write access to error.log, and the fix would be chmod g+w /var/log/hhvm/error.log,... good luck
I have server with Nginx, PHP5-FPM.
I'm running 1 process in fpm pool with this configuration:
user = php-site
group = www-site
listen = /var/run/php5-fpm_web.sock
listen.owner = php-site
listen.group = www-site
listen.mode = 0666
I have these users:
- www-site (groups: www-site)
- php-site (groups: www-site)
- deploy (groups: deploy, www-site)
This deploy user has only SSH access to do some stuff (composer, git deploy, etc..).
Problem is here, my application creates cache files in cache folder. Cache folder has 0775 (deploy:www-site), but cache/template/file.cache has 0644 (php-site:www-site). When I want to purge this cache folder, over rm -rf cache/*, I'm receiving Permission denied.
How could I solve it? If php5-fpm would create files with mask 0666 everything gonna be alright.
Possible ways to do that:
1) Add umask to your base PHP scrip (index.php)
2) Add umask to your php5-fpm profile, to master process or single pool
3) Add umask to your unix user, user that php5-fpm or nginx runs (http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html)
Overview
I'm using Laravel 4.2 with an image upload feature. I have it set up on Homestead, but recently I removed Nginx and serve the site with Apache instead (due to the need to use Server Sent Events).
Before I moved from Nginx to Apache the file upload functionality worked fine. It also works fine on a staging server with Apache.
The Error
I'm using the Intervention image library to handle image uploads. When I try to upload a file, I get the following in my laravel.log file:
Can't write image data to path (/home/vagrant/projects/projectname/public/assets/pics/profile/photos/f55f0ae2-2d1a-4fdd-b9be-39d8a509baa3.jpg)
What I've Tried
I thought it was just a simple permissions error. I've gone so far as to chmod my asset directories to 0777, change the directory owner to www-data, create a new group called web with www-data and change the owner group to that, (basically everything in this answer and more) and still it doesn't work.
The directory definitely exists, and like I mentioned, it worked before the move to Apache (I'm not entirely sure if it's related but it seems likely).
My /var/log/apache2/error.log is empty, too.
The staging server works fine, but I don't want to encounter the same problem when I provision the production server. I'd like to fix the problem and understand it more so I can fix it if I ever come across it in the future. Why is this happening and what can I do to fix it/debug further?
Example Folder Permissions
drwxr-xr-x 1 vagrant vagrant 272 Jan 26 11:07 assets/pics
drwxr-xr-x 1 vagrant vagrant 170 Jan 26 10:11 assets/pics/defaults
drwxr-xr-x 1 vagrant vagrant 714 Jan 26 14:10 assets/pics/forums
drwxr-xr-x 1 vagrant vagrant 646 Jan 26 14:10 assets/pics/forums/thumbs
drwxr-xr-x 1 vagrant vagrant 170 Jan 20 18:02 assets/pics/gallery
drwxr-xr-x 1 vagrant vagrant 3026 Jan 26 13:24 assets/pics/messages
drwxr-xr-x 1 vagrant vagrant 2992 Jan 26 13:24 assets/pics/messages/thumbs
drwxr-xr-x 1 vagrant vagrant 136 Jan 8 17:27 assets/pics/profile
drwxr-xr-x 1 vagrant vagrant 136 Feb 10 14:48 assets/pics/profile/photos
drwxr-xr-x 1 vagrant vagrant 102 Feb 10 14:51 assets/pics/profile/photos/thumbs
For some reason the owner/group is still vagrant, even when I chown them. I've tried with sudo chown and by doing sudo -s.
Try modifying your Vagrantfile to include this line, before the end of the Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| block:
config.vm.synced_folder "/path/to/laravel/app", "/home/vagrant/projects/projectname", :owner => "www-data", :group => "www-data", :mount_options => ["dmode=775", "fmode=664"]
The string "/path/to/laravel/app" must point to dir you're working on outside the Vagrant machine. This should force the file owner and permissions to be the ones you specify for all the project files (so they're not overridden by vagrant). You'll need to restart the VM after you make the change.
How are you doing your chown? It should be
chown USERNAME GROUP -R /path/to/file
I've successfully created an application using AWS Elastic Beanstalk and have uploaded the app using Git.
All that's left for me to do is create my settings.php file and everything should work.
However when I connect via SSH as the user ec2-user using the method documented at SSH to Elastic Beanstalk instance I cannot navigate into the webapp directory. Here is output of ls -all
drwxr-xr-x 4 root root 4096 Feb 10 16:21 .
dr-xr-xr-x 23 root root 4096 Feb 10 16:23 ..
drwx------ 3 ec2-user ec2-user 4096 Feb 10 16:41 ec2-user
drwx------ 2 webapp webapp 4096 Feb 10 16:21 webapp
And when I try to navigate there I get:
cd: webapp: Permission denied
My question is, can I change the ownership of the webapp folder to that of ec2-user. If I do, will I break Elastic beanstalk? If so, I'd be interested to know how anyone else achieves what I am looking to do, which is not skip the Git deploy of a settings file so that it can be different on my local machine from that of the version on Amazon.
Changing the owner will probably break your Elastic Beanstalk deployment. However, you could add your user to the webapps group and change the permissions to rw on the folder recursively so that anyone in the webapps group can read/write on that folder
chmod -R g+rw webapp
If so, I'd be interested to know how anyone else achieves what I am
looking to do, which is not skip the Git deploy of a settings file so
that it can be different on my local machine from that of the version
on Amazon.
Can you elaborate on this ? What settings file ? Do you mean 'skip' or 'not skip' ?
The permissions of the ec2-user are restricted, and probably not identical to the user running your application. Use the Unix sudo command to perform administrator tasks when you're logged on to your EC2 instance:
$ sudo ls webapp
Then you're able to easily see how things are set up, and perform any actions you please. Just keep in mind that anything you DO perform, may become undone if the instance is recreated. Therefore, you may need to use .config files, should you automatically want this file to appear on any new EC2 nodes created by Elastic Beanstalk.
Good luck!