Using Plesk with Apache and Nginx together on Centos.
Errors were being logged perfectly on;
/var/www/vhosts/example.com/logs/error_log
/var/www/vhosts/example.com/logs/proxy_error_log
I truncated the files by deleting and recreating them; now nothing is logged. File owner and the file permissions are all the same; but error logging has just stopped.
I check the other domains, they all perfectly work as supposed.
Actually web server logs are stored in /var/www/vhosts/system/example.tld/logs/.
Log files in /var/www/vhosts/example.tld/logs/ it's not a files but hardlinks to files in /var/www/vhosts/system/example.tld/logs/. Pay attention for same inode number 261064:
# ls -lia /var/www/vhosts/example.tld/logs/error_log
261064 -rw-r--r--. 2 root root 2432 Jun 8 18:26 /var/www/vhosts/example.tld/logs/error_log
# ls -lia /var/www/vhosts/system/example.tld/logs/error_log
261064 -rw-r--r--. 2 root root 2432 Jun 8 18:26 /var/www/vhosts/system/example.tld/logs/error_log
when I've remove this file I've remove hardlink:
# rm /var/www/vhosts/example.tld/logs/error_log
rm: remove regular file `/var/www/vhosts/example.tld/logs/error_log'? y
# ls -lia /var/www/vhosts/system/example.tld/logs/error_log
261064 -rw-r--r--. 1 root root 2432 Jun 8 18:26 /var/www/vhosts/system/example.tld/logs/error_log
When I've create it again it will has own inode number(276777):
# touch /var/www/vhosts/example.tld/logs/error_log
# ls -lia /var/www/vhosts/example.tld/logs/error_log
276777 -rw-r--r--. 1 root root 0 Jun 8 18:33 /var/www/vhosts/example.tld/logs/error_log
So to solve you issue you just need to remove file you have created and create hardlink to file in system/log:
# rm /var/www/vhosts/example.tld/logs/error_log
# ln /var/www/vhosts/system/example.tld/logs/error_log /var/www/vhosts/example.tld/logs/error_log
# ls -lia /var/www/vhosts/example.tld/logs/error_log
261064 -rw-r--r--. 2 root root 2432 Jun 8 18:33 /var/www/vhosts/example.tld/logs/error_log
the server probably still tries to write to the files you deleted. restart nginx and apache.
Related
Running Ubuntu 18.04, Apache/2.4.29, PHP 7.2.10.
I am unable to read/write into my mounted drives from PHP.
this is my sample code:
<?php
ini_set('display_errors', '1');
error_reporting(E_ALL);
$folder = '/media/superuser/HDD4TB_CRYPT/nextcloud_data';
var_dump(ini_get('open_basedir'));
file_put_contents($folder.'/x.txt', "AA");
echo file_get_contents($folder."/x.txt");
phpinfo();
This is output:
string(0) ""
Warning:
file_put_contents(/media/superuser/HDD4TB_CRYPT/nextcloud_data/x.txt):
failed to open stream: Permission denied in
/var/www/html/nextcloud/x.php on line 9
Warning:
file_get_contents(/media/superuser/HDD4TB_CRYPT/nextcloud_data/x.txt):
failed to open stream: Permission denied in
/var/www/html/nextcloud/x.php on line 10
these are folder details:
superuser#SuperTower:/var/www/html/nextcloud$ ls -al /media/superuser/HDD4TB_CRYPT/
total 28
drwx------ 4 superuser superuser 4096 feb 3 20:55 .
drwxr-x---+ 4 root root 4096 feb 2 00:06 ..
drwx------ 2 root root 16384 feb 1 22:49 lost+found
drwxrwxrwx 2 www-data www-data 4096 feb 3 21:29 nextcloud_data
I tried editing open_basedir, but this did not help to solve any issues, so I just commented it out. Therefore open_basedir has no value in phpinfo(). Folder is chowned to www-data (this is apache user) and also chmoded to 777.
/media/superuser/ contains folders with mounted drives on my PC. superuser is my username in Ubuntu.
Thanks for any ideas!
P.S.
I have also tried adding a symlink to my folder:
superuser#SuperTower:/var/www/html/nextcloud$ ls -al data
lrwxrwxrwx 1 www-data www-data 45 feb 3 21:05 data -> /media/superuser/HDD4TB_CRYPT/nextcloud_data/
and using
$folder = '/var/www/html/nextcloud/data';
but the results are exactly the same.
I also tried adding
<Directory /var/www/html/nextcloud/data>
Options +FollowSymLinks
Allow from All
</Directory>
no change in the resulting behavior :/
For some reason no matter what ownership/permissions I set on folder, /media/superuser is never accessible by www-data.
I edited /etc/fstab to mount drive into /opt/ folder and I chowned it to www-data user and group.
Works like a charm now.
I have Ubuntu 16.04 with Apache2 and php7 on it.
I wan't to read some log files with php and print them.
Therefore I do a simple
readfile("/var/log/apache2/access.log");
But that does not work. I get this error:
Warning: readfile(/var/log/apache2/access.log): failed to open stream: Permission denied in /var/www/test.php on line 2
I'm quite sure I've set the permissions right, Apache and php runs as www-data, so I added the user www-data to the groups 'adm' and 'syslog', as these groups have read permissions for the whole file path and the file itself.
Permissions are 640 by default, but only if I set it to 647 for example, the file is readable for php/apache.Even 644 or 646 is not enough.
Why is that? Do I have to change something in the Apache vhost config?
Addition: ls -alp /var/log/apache2
drw-r----- 2 root adm 4096 Oct 25 11:07 ./
drwxr-xr-x 9 root syslog 4096 Oct 25 10:39 ../
-rw-r----- 1 root adm 47861 Oct 25 14:01 access.log
-rw-r----- 1 root adm 12014 Oct 25 14:01 error.log
-rw-r----- 1 root adm 0 Oct 25 10:40 other_vhosts_access.log
Since this is clearly a permissions error, ensure each parent folder leading to access.log definitely have the group set to either adm or syslog.
Each folder leading up to access.log must have at least a group permission of read and execute (g+rx) to allow PHP to descend into each sub-directory.
If I were you, I would change the apache config to write the file to a publicly inaccessible folder in your web root (since the log file is clearly essential in your application). This saves you from modifying system folder permissions which can be dangerous especially in web applications.
I want to open the Moodle's web installer as stated by the document (see step 3). Problem is that, I only see the content of the installer file and not the installer itself! Why such thing happens?
root#qemu:~# ls -l /var/www/html/
total 20
-rw-r--r-- 1 root root 11321 اوت 31 23:35 index.html
drwxr-xr-x 7 mahmood mahmood 4096 سپتام 3 15:42 kar3
drwxr-xr-x 49 www-data www-data 4096 سپتام 15 16:42 moodle
root#qemu:~# which php
/usr/bin/php
root#qemu:~# which php7.0
/usr/bin/php7.0
Your file has .html suffix while PHP files must have .php.
Change to .php and enable PHP on server if not already.
Check here for possible problems.
My website creates files with owner apache:apache when uploading a file, like this:
drwxr-xr-x 2 apache apache 4096 Aug 28 14:07 .
drwxr-xr-x 9118 apache apache 233472 Aug 28 14:07 ..
-rw-r--r-- 1 apache apache 41550 Aug 28 14:07 468075_large.jpg
-rw-r--r-- 1 apache apache 26532 Aug 28 14:07 468075_medium.jpg
-rw-r--r-- 1 apache apache 50881 Aug 28 14:07 468075_original.jpg
-rw-r--r-- 1 apache apache 4316 Aug 28 14:07 468075_small.jpg
Now I am trying to create a file inside the same folder with the user that owns that domain in Plesk and I get permission denied.
How can I have both apache and shell user with permissions over that files?
Thanks.
You have to create a group and put your Plesk and Apache user in it. Than you have to chmod -R g+rwX on your files.
And set the default umask of your system to 002.
If that shell user is not apache but in the same group, you will need to make the folder group writeable.
chown 755 .
As it is right now it won't allow anyone other than apache to add a folder.
Or, you can try to use php to do fopen?
Thanks for the answers but I finally decided to run a cron job that will open a php script from the website using wget.
That way it's the same apache user that already has access to the files. I did this basically because I've got tons of files, about 300GB of images so it would take a lot I think to apply al the new permissions.
www#srv:/$ ls -lAh /data/
drwxrwxr-x 654 www www 20K Aug 21 00:01 history
ls -lAh /data/history/
drwxrwxrwx 19 www www 4.0K Aug 21 10:58 2012-08-21
So I have a directory 2012-08-21 and permissions seem to be OK...
PHP and Nginx both run as www:www for sure...
However...
Warning: mkdir(): Permission denied in /www/sites/mine/shop.php on line 366
string(57) "dir: /data/history/2012-08-21/1104-DAD2974M/"
If you are certain that your servers are running as www, then you need to check the permissions on /data/history/2012-08-21/. It may not permissions to allow creating a directory within it.
The permissions on the history directory are not enough to review, you have to look at the next level as well.