I have a dedicated server with Centos6 and cPanel, all I want is to install Magento 2 on this server. My problem is with files and folders permissions. in the Magento 2 documentation I need to set this permissions find . -type d -exec chmod 770 {} \; && find . -type f -exec chmod 660 {} \; && chmod u+x bin/magento . when I set this permision to my home/username/public_html I get this error in browser.
Forbidden
You don't have permission to access / on this server.
Server unable to read htaccess file, denying access to be safe
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
is anyone who can point me in one direction to solve this?
thank you
**Output**
**ls -al /path/to/magento**
drwxr-x---. 13 nobody nobody 4096 Jan 29 18:30 ./
drwx--x--x. 10 quick quick 4096 Jan 29 18:29 ../
drwxr-xr-x. 4 nobody root 4096 Jan 29 18:30 app/
drwxr-xr-x. 2 nobody root 4096 Jan 29 18:30 bin/
drwxr-xr-x. 2 nobody quick 4096 Jan 29 18:28 cgi-bin/
-rw-r--r--. 1 nobody root 437404 Jan 28 04:12 CHANGELOG.md
-rw-r--r--. 1 nobody root 1851 Jan 28 04:10 composer.json
-rw-r--r--. 1 nobody root 315984 Jan 28 04:12 composer.lock
-rw-r--r--. 1 nobody root 3425 Jan 28 04:12 CONTRIBUTING.md
-rw-r--r--. 1 nobody root 10011 Jan 28 04:12 CONTRIBUTOR_LICENSE_AGREEMENT.html
-rw-r--r--. 1 nobody root 631 Jan 28 04:12 COPYING.txt
drwxr-xr-x. 4 nobody root 4096 Jan 29 18:30 dev/
-rw-r--r--. 1 nobody root 1032 Jan 28 04:10 .gitignore
-rw-r--r--. 1 nobody root 2918 Jan 28 04:12 Gruntfile.js
-rw-r--r--. 1 nobody root 7592 Jan 28 04:12 .htaccess
-rw-r--r--. 1 nobody root 6419 Jan 28 04:12 .htaccess.sample
-rw-r--r--. 1 nobody root 1358 Jan 28 04:12 index.php
drwxr-xr-x. 4 nobody root 4096 Jan 29 18:30 lib/
-rw-r--r--. 1 nobody root 10374 Jan 28 04:12 LICENSE_AFL.txt
-rw-r--r--. 1 nobody root 10364 Jan 28 04:12 LICENSE.txt
-rw-r--r--. 1 nobody quick 35749362 Jan 29 18:29 Magento-CE-2.0.2-2016-01-28-02-26-45.tar.bz2
-rw-r--r--. 1 nobody root 4108 Jan 28 04:12 nginx.conf.sample
-rw-r--r--. 1 nobody root 1427 Jan 28 04:12 package.json
-rw-r--r--. 1 nobody root 1659 Jan 28 04:12 .php_cs
-rw-r--r--. 1 nobody root 804 Jan 28 04:12 php.ini.sample
drwxr-xr-x. 2 nobody root 4096 Jan 29 18:30 phpserver/
drwxr-xr-x. 6 nobody root 4096 Jan 29 18:30 pub/
-rw-r--r--. 1 nobody root 4388 Jan 28 04:10 README.md
drwxr-xr-x. 7 nobody root 4096 Jan 29 18:30 setup/
-rw-r--r--. 1 nobody root 3731 Jan 28 04:12 .travis.yml
drwxr-xr-x. 8 nobody root 4096 Jan 29 18:30 update/
drwxr-xr-x. 2 nobody root 4096 Jan 29 18:30 var/
drwxr-xr-x. 27 nobody root 4096 Jan 29 18:30 vendor/
**ps -ef | grep httpd**
root 14165 1 0 11:43 ? 00:00:01 /usr/local/apache/bin/httpd -k start
nobody 18801 14165 0 18:35 ? 00:00:00 /usr/local/apache/bin/httpd -k start
nobody 18802 14165 0 18:35 ? 00:00:00 /usr/local/apache/bin/httpd -k start
nobody 18803 14165 0 18:35 ? 00:00:00 /usr/local/apache/bin/httpd -k start
nobody 18804 14165 0 18:35 ? 00:00:00 /usr/local/apache/bin/httpd -k start
nobody 18805 14165 0 18:35 ? 00:00:00 /usr/local/apache/bin/httpd -k start
root 18975 20796 0 18:43 pts/0 00:00:00 grep httpd
You also probably need to chwon user:group bin/magento on the files you have installed (the magento files). You need to figure out which user Apache is running as and change user:group above to that, something like apache:apache or whatever is in your httpd.conf file.
Post some more info (ls -al /path/to/magento and ps -ef | grep httpd for apache), but I'll bet that's your problem.
Edit
Based on your edited output, you need to chown the files to be owned by nobody, which is the user apache is running as. This can be done via chown -R nobody /path/to/magento
Note that you only show the .bz2 archive, but you need to chown the extracted files.
Also, you said you had to use the user that cpanel created when you installed it, so there you go.
Related
I think I am having problems with the max children limit for php-fpm. I am trying to find something in the logs. Where can I find php-fpm.log on my server? Running phpinfo() shows this:
I cannot find anything related to php-fpm in /var/log/.
I am also trying to find the php-fpm.conf that is mentioned at https://www.php.net/manual/en/install.fpm.configuration.php. Thank you.
UPDATE 1: I found at https://github.com/rlerdorf/php7dev/issues/48 that it asks to edit /usr/local/etc/php-fpm.d/www.conf. In my case, I cannot find that file:
root#jai [/usr/local/etc]# pwd
/usr/local/etc
root#jai [/usr/local/etc]# ls -al
total 8
drwxr-xr-x. 2 root root 4096 Sep 23 2011 ./
drwxr-xr-x. 15 root root 4096 Apr 7 15:02 ../
Do I need to create it at /usr/local/etc/php-fpm.d/www.conf?
UPDATE 2: I see I have a folder called ApachePHPFPM but the file inside (default_accounts_to_fpm) is empty:
root#jai [/var/cpanel/ApachePHPFPM]# pwd
/var/cpanel/ApachePHPFPM
root#jai [/var/cpanel/ApachePHPFPM]# ls -al
total 16
drwxr-xr-x 2 root root 4096 Mar 26 04:44 ./
drwx--x--x 108 root root 12288 Apr 17 13:44 ../
-rw-r--r-- 1 root root 0 Mar 26 04:44 default_accounts_to_fpm
root#jai [/var/cpanel/ApachePHPFPM]#
UPDATE 3: My server had this file:
/usr/local/cpanel/etc/php-fpm.conf
The file contains this:
; Error log file
; Default Value: /var/log/php-fpm.log
error_log = /usr/local/cpanel/logs/php-fpm/error.log
That means that my error logs for php-fpm are located in this file: /usr/local/cpanel/logs/php-fpm/error.log.
I navigated to /usr/local/cpanel/logs/php-fpm/ but I could not find error.log:
root#jai [/usr/local/cpanel/etc]# cd /usr/local/cpanel/logs/php-fpm/
root#jai [/usr/local/cpanel/logs/php-fpm]# ls -al
total 8
drwx------ 2 root root 4096 Mar 30 2018 ./
drwx--x--x 6 root root 4096 Apr 16 15:24 ../
root#jai [/usr/local/cpanel/logs/php-fpm]#
In /opt/cpanel/ea-php73/root/etc/php-fpm.conf I found this line:
error_log = /opt/cpanel/ea-php73/root/usr/var/log/php-fpm/error.log
I see the error log files there:
root#jai [/opt/cpanel/ea-php73/root/usr/var/log/php-fpm]# pwd
/opt/cpanel/ea-php73/root/usr/var/log/php-fpm
root#jai [/opt/cpanel/ea-php73/root/usr/var/log/php-fpm]# ls -al
total 151456
drwxrwx--- 2 nobody root 4096 Apr 14 17:36 ./
drwxr-xr-x 3 root root 4096 Mar 26 04:42 ../
-rw------- 1 root root 31536068 Apr 17 17:05 error.log
-rw------- 1 root root 32102325 Mar 29 03:26 error.log-20200329
-rw------- 1 root root 51453659 Apr 5 03:36 error.log-20200405
-rw------- 1 root root 39966549 Apr 12 02:55 error.log-20200412
root#jai [/opt/cpanel/ea-php73/root/usr/var/log/php-fpm]#
I am running Wordpress on a Debian Based (Raspbian Buster) LEMP server. For the most part, everything is working fine except some problems with uploading photos using the command line interface. I have many pictures in my servers ~/Pictures folder that I am trying to upload to wordpress using the command line interface.
I navigate to the root directory of my wordpress installation and run the following command:
wp media import ~/Pictures/*.jpg
To which I get the following errors:
Warning: Unable to import file '/home/Danran/Pictures/img_0754.jpg'. Reason: The uploaded file could not be moved to wp-content/uploads/2020/03.
for each corresponding file. I am fairly certain that this is some sort of permissions error, but because I am a noob, I don't want to risk tinkering around with permissions in my wordpress directory without some sort of guidance by a pro.
How can I get rid of this error and successfully import my photos to wordpressing using the wp-cli?
could you please verify that you have write permissions in the uploads directory?
if u are using apache, normally what I do is set the www-data group as the owner of that directory
chown -R www-data:www-data /var/www/wordpress/wp-content/uploads
but, if what you want is to know if it is a permissions problem, simply set the permissions to 777 of that directory, and try to upload the files again... if you succeed, then it is a problem permissions, and setting them to 777 grants the cli access to that folder.
chmod 777 /var/www/wordpress/wp-content/uploads
Once you upload all of your photos with the CLI, you can change the permissions back to their original with chmod -R 755 on the same uploads folder you originally modified.
However, I usually set the permissions as follows ..
Directories: 644
Files: 755
find /var/www/wordpress/ -type f -exec chmod 644 {} \;
find /var/www/wordpress/ -type d -exec chmod 755 {} \;
EDIT1
Compare it with yours:
/var/www/wordpress/
root#www:/var/www# ls -l
total 212
-rw-r--r-- 1 www-data nogroup 420 Nov 30 2017 index.php
-rw-r--r-- 1 www-data nogroup 19935 Jan 1 2019 license.txt
-rw-r--r-- 1 www-data nogroup 7368 Sep 2 2019 readme.html
-rw-r--r-- 1 www-data nogroup 6939 Sep 2 2019 wp-activate.php
drwxr-xr-x 9 www-data nogroup 4096 Dec 18 17:16 wp-admin
-rw-r--r-- 1 www-data nogroup 369 Nov 30 2017 wp-blog-header.php
-rw-r--r-- 1 www-data nogroup 2283 Jan 20 2019 wp-comments-post.php
-rw-r--r-- 1 www-data nogroup 2898 Jan 7 2019 wp-config-sample.php
-rw-r--r-- 1 www-data root 3310 Jan 7 11:54 wp-config.php
drwxr-xr-x 8 www-data nogroup 4096 Jan 7 15:17 wp-content
-rw-r--r-- 1 www-data nogroup 3955 Oct 10 18:52 wp-cron.php
drwxr-xr-x 20 www-data nogroup 12288 Dec 18 17:16 wp-includes
-rw-r--r-- 1 www-data nogroup 2504 Sep 2 2019 wp-links-opml.php
-rw-r--r-- 1 www-data nogroup 3326 Sep 2 2019 wp-load.php
-rw-r--r-- 1 www-data nogroup 47597 Dec 9 08:30 wp-login.php
-rw-r--r-- 1 www-data nogroup 8483 Sep 2 2019 wp-mail.php
-rw-r--r-- 1 www-data nogroup 19120 Oct 15 11:37 wp-settings.php
-rw-r--r-- 1 www-data nogroup 31112 Sep 2 2019 wp-signup.php
-rw-r--r-- 1 www-data nogroup 4764 Nov 30 2017 wp-trackback.php
-rw-r--r-- 1 www-data nogroup 3150 Jul 1 2019 xmlrpc.php
/var/www/wordpress/wp-content
root#www:/var/www/wp-content# ls -l
total 28
drwxr-xr-x 3 www-data www-data 4096 Jan 7 14:52 cache
-rw-r--r-- 1 www-data nogroup 28 Jan 8 2012 index.php
drwxr-xr-x 2 www-data www-data 4096 Jan 7 11:55 languages
drwxr-xr-x 11 www-data nogroup 4096 Jan 8 16:24 plugins
drwxr-xr-x 4 www-data nogroup 4096 Jan 7 13:51 themes
drwxr-xr-x 2 www-data www-data 4096 Jan 7 14:52 upgrade
drwxr-xr-x 6 www-data www-data 4096 Jan 7 14:50 uploads
I was following this video https://www.youtube.com/watch?v=gC8sLGB8SSM&index=77&list=PL442FA2C127377F07 . I am using fedora. I am able to read a file using this code:
$fileHandle = fopen('test.txt', 'r') or die('Unable to open test.txt');
echo fread($fileHandle, filesize('test.txt'));
But when I change 'r' to 'w', it dies and prints 'Unable to open test.txt'.
To check that I have permissions to read and write to a file, I typed this on terminal, ls -l /var/www/html. It showed:
total 8
-rwxr-xr-x. 1 Hemil apache 131 Jul 6 11:09 index.php
-rw-rw-r--. 1 Hemil Hemil 12 Jul 6 11:09 test.txt
I noticed that apache did not have the permission to read and write to a file, I did this: sudo chown Hemil:apache /var/www/html. But again when i checked the permissions, it prints the same as above.
EDIT: I forgot to add that I am not on a server. I am on localhost.
EDIT: On #Nic3500 's recommendation, i add the following:
ls -al /var:
total 108
drwxr-xr-x. 23 root root 4096 Apr 25 12:09 .
dr-xr-xr-x. 18 root root 4096 Jul 7 08:17 ..
drwxr-xr-x. 2 root root 4096 Apr 25 12:06 account
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 adm
drwxr-xr-x. 17 root root 4096 Jul 5 10:21 cache
drwxr-xr-x. 2 root root 4096 May 31 10:46 crash
drwxr-xr-x. 3 root root 4096 Apr 25 12:06 db
drwxr-xr-x. 3 root root 4096 Apr 25 12:06 empty
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 ftp
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 games
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 gopher
drwxr-xr-x. 3 root root 4096 Jun 15 03:23 kerberos
drwxr-xr-x. 59 root root 4096 Jul 5 11:55 lib
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 local
lrwxrwxrwx. 1 root root 11 Apr 25 12:03 lock -> ../run/lock
drwxr-xr-x. 18 root root 4096 Jul 5 11:52 log
drwx------. 2 root root 16384 Jul 4 22:54 lost+found
lrwxrwxrwx. 1 root root 10 Feb 7 15:11 mail -> spool/mail
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 nis
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 opt
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 preserve
lrwxrwxrwx. 1 root root 6 Apr 25 12:03 run -> ../run
drwxr-xr-x. 11 root root 4096 Apr 25 12:06 spool
drwxrwxrwt. 16 root root 4096 Jul 7 18:26 tmp
-rw-rw-r--. 1 root root 63 Apr 25 12:09 .updated
drwxr-xr-x. 4 root root 4096 May 1 14:24 www
drwxr-xr-x. 2 root root 4096 Feb 7 15:11 yp
ls -al /var/www
drwxr-xr-x. 4 root root 4096 May 1 14:24 .
drwxr-xr-x. 23 root root 4096 Apr 25 12:09 ..
drwxr-xr-x. 2 root root 4096 May 1 14:24 cgi-bin
drwxr-xr-x. 2 Hemil apache 4096 Jul 6 16:17 html
ls -al /var/www/html
drwxr-xr-x. 2 Hemil apache 4096 Jul 6 16:17 .
drwxr-xr-x. 4 root root 4096 May 1 14:24 ..
-rwxr-xr-x. 1 Hemil apache 102 Jul 7 16:55 index.php
-rw-rw-rw-. 1 Hemil apache 12 Jul 6 11:09 test.txt
I have created a Docker Image with PHP7.0-FPM and Apache 2.4. I have installed InstantClient 12.2 (basic + sdk) and I have installed oci8 like this :
RUN echo "instantclient,/usr/lib/oracle/12.2/instantclient"| pecl install oci8 && \
echo "extension=oci8.so" > /etc/php/7.0/mods-available/oci8.ini && \
ln -s /etc/php/7.0/mods-available/oci8.ini /etc/php/7.0/fpm/conf.d/20-oci8.ini
I don't know why, but I am getting this warning when I (re)start php7.0-fpm :
# service php7.0-fpm restart
* Restarting PHP 7.0 FastCGI Process Manager php-fpm7.0
Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/20151012/oci8.so' - libmql1.so: cannot open shared object file: No such file or directory in Unknown on line 0
Locations of oci8.so and libmql1.so seems to be ok :
# ll /usr/lib/oracle/12.2/instantclient/
total 216700
drwxrwxrwx 3 root www-data 4096 Dec 11 15:12 ./
drwxr-xr-x 4 root www-data 4096 Dec 12 08:24 ../
-rwxrwxrwx 1 root www-data 363 Jan 26 2017 BASIC_README*
-rwxrwxrwx 1 root www-data 44220 Jan 26 2017 adrci*
-rwxrwxrwx 1 root www-data 57272 Jan 26 2017 genezi*
lrwxrwxrwx 1 root www-data 52 Dec 11 15:02 libclntsh.so -> /usr/lib/oracl
e/12.2/instantclient/libclntsh.so.12.1*
-rwxrwxrwx 1 root www-data 71638263 Jan 26 2017 libclntsh.so.12.1*
-rwxrwxrwx 1 root www-data 8033199 Jan 26 2017 libclntshcore.so.12.1*
-rwxrwxrwx 1 root www-data 2981501 Jan 26 2017 libipc1.so*
-rwxrwxrwx 1 root www-data 539065 Jan 26 2017 libmql1.so*
-rwxrwxrwx 1 root www-data 6568149 Jan 26 2017 libnnz12.so*
lrwxrwxrwx 1 root root 50 Dec 11 15:12 libocci.so -> /usr/lib/oracle/
12.2/instantclient/libocci.so.12.1*
-rwxrwxrwx 1 root www-data 2218687 Jan 26 2017 libocci.so.12.1*
-rwxrwxrwx 1 root www-data 124771800 Jan 26 2017 libociei.so*
-rwxrwxrwx 1 root www-data 158543 Jan 26 2017 libocijdbc12.so*
-rwxrwxrwx 1 root www-data 380996 Jan 26 2017 libons.so*
-rwxrwxrwx 1 root www-data 116563 Jan 26 2017 liboramysql12.so*
-rwxrwxrwx 1 root www-data 4036257 Jan 26 2017 ojdbc8.jar*
drwxrwxrwx 5 root www-data 4096 Jan 26 2017 sdk/
-rwxrwxrwx 1 root www-data 240476 Jan 26 2017 uidrvci*
-rwxrwxrwx 1 root www-data 74230 Jan 26 2017 xstreams.jar*
I have added to /etc/php/7.0/fpm/pool.d/www.conf these 4 lines :
env[LD_LIBRARY_PATH] = /usr/lib/oracle/12.2/instantclient
env[TNS_ADMIN] = /etc/oracle
env[ORACLE_BASE] = /usr/lib/oracle/12.2/instantclient
env[ORACLE_HOME] = /usr/lib/oracle/12.2/instantclient
Would I've missed something?
Thanks
It's ok !
I was missing a .conf in /etc/ld.so.conf.d/oracle-instantclient.conf
RUN echo "instantclient,/usr/lib/oracle/12.2/instantclient"| pecl install oci8 && \
echo "extension=oci8.so" > /etc/php/7.0/mods-available/oci8.ini && \
ln -s /etc/php/7.0/mods-available/oci8.ini /etc/php/7.0/fpm/conf.d/20-oci8.ini && \
echo /usr/lib/oracle/12.2/instantclient > /etc/ld.so.conf.d/oracle-instantclient.conf && \
ldconfig
Try adding those env variable in /etc/apache2/envvars
add at end of the file, like
export LD_LIBRARY_PATH=/usr/lib/oracle/12.2/instantclient
export TNS_ADMIN=/etc/oracle
export ORACLE_BASE=/usr/lib/oracle/12.2/instantclient
export ORACLE_HOME=/usr/lib/oracle/12.2/instantclient
So that apache user will use those variable at runtime.
And also check for user/group permission it has to be www-data:www-data
I have a really strange error. PHP can't read a file that do exists... Some ideas? I have not SELinux installed. I'm using fedora 17 and php 5.4.
I already try everything I know, but the problem still remains.
[root#sqd var]# ls -lia
total 92
8194 drwxrwxrwx. 23 root root 4096 ago 17 10:30 .
2 dr-xr-xr-x. 19 root root 4096 ago 13 16:00 ..
32139 drwxr-xr-x. 2 root root 4096 may 22 13:42 account
288 drwxr-xr-x. 2 root root 4096 feb 3 2012 adm
13 drwxr-xr-x. 14 root root 4096 ago 8 10:26 cache
796005 drwxr-xr-x 2 root root 4096 feb 6 2012 cvs
289 drwxr-xr-x. 3 root root 4096 ago 21 18:07 db
290 drwxr-xr-x. 3 root root 4096 may 22 13:42 empty
263682 drwxr-xr-x. 3 root root 4096 ago 7 11:15 ftp
291 drwxr-xr-x. 2 root root 4096 feb 3 2012 games
35931 drwxrwx--T. 2 root gdm 4096 jun 8 16:05 gdm
292 drwxr-xr-x. 2 root root 4096 feb 3 2012 gopher
15 drwxr-xr-x. 45 root root 4096 ago 10 10:42 lib
296 drwxr-xr-x. 2 root root 4096 feb 3 2012 local
308 lrwxrwxrwx. 1 root root 11 may 22 13:39 lock -> ../run/lock
12 drwxr-xr-x. 14 root root 4096 ago 26 03:17 log
297 lrwxrwxrwx. 1 root root 10 may 22 13:39 mail -> spool/mail
298 drwxr-xr-x. 2 root root 4096 feb 3 2012 nis
931987 drwxrwxrwx 3 nobody nobody 4096 ago 17 10:32 nodejs
299 drwxr-xr-x. 2 root root 4096 feb 3 2012 opt
300 drwxr-xr-x. 2 root root 4096 feb 3 2012 preserve
307 lrwxrwxrwx. 1 root root 6 may 22 13:39 run -> ../run
301 drwxr-xr-x. 15 root root 4096 may 22 13:43 spool
305 drwxrwxrwx. 5 nobody nobody 4096 ago 30 14:13 tmp
262637 drwxr-xr-x. 7 root root 4096 ago 7 11:20 www
306 drwxr-xr-x. 2 root root 4096 feb 3 2012 yp
[root#sqd var]# ls -lia tmp/
total 216
305 drwxrwxrwx. 5 nobody nobody 4096 ago 30 14:13 .
8194 drwxrwxrwx. 23 root root 4096 ago 17 10:30 ..
3030 -rwxrwxrwx 1 nobody nobody 199397 ago 30 14:13 file_thumb_5363_1_0.jpg
But
<?php
highlight_file(__FILE__);
var_dump(file_exists('/var/tmp/file_thumb_5363_1_0.jpg'));
print out:
bool(false)
Fedora 16 introduced the concept of a "private tmp" /tmp and /var/tmp I would throw my 2 cents on that direction.
From the manual:
2.3.3. Services Private /tmp
A number of services managed by systemd have been modified to make use of its ability to provide them with a
private /tmp directory. Privileged services using /tmp and /var/tmp
have previously been found to be open to being interfered with by
unprivileged users, potentially leading to privilege escalation. Using
private /tmp directories for services prevents this style of exploit.
The directive added to the systemd unit files for the modified
services is:
[Service]
PrivateTmp=true