I am trying to execute a jar file to do a simple query on my HBase database, from a PHP Server, so i can print the results to a webpage.
PHP Server in configured with same username as hadoop user, and same group too.
The PHP exec command is:
exec("bash /usr/local/hadoop/bin/hadoop jar myjar.jar my.package.MyClass 2> php_error.log", $result);
I get this exception when i try to exec the command(in the php_error.log):
Exception in thread "main" java.io.IOException: Permission denied
at java.io.UnixFileSystem.createFileExclusively(Native Method)
at java.io.File.createTempFile(File.java:1879)
at org.apache.hadoop.util.RunJar.main(RunJar.java:115)
I know its related to permissions, but even with 777 on my HDFS, and on hadoop installation folders, it doesnt work.
Any ideas? Thank you.
Also, where this temp file wants to be created?
Hadoop dir? hdfs? Where?
Edit:
running this locally, it works perfectly! no permission errors!
hadoop jar myjar.jar my.package.MyClass
Your PHP is ok. The problem is, that the command you are running is trying to copy the file to the hadoop.tmp.dir. It's default location is /tmp/hadoop-${user.name}. You have to give the permissions to that folder too, or the full /tmp/hadoop directory recursively
Edit:
Figured out that apache isn't a valid user in that case. The solution is to create a new user, add it to hadoop group, set permissions to jar, and hadoop.tmp.dir and change the webpage owner to the created user
Related
I'm codding a php script, using Instagram Private PHP Api.
It's work fine via SSH under "root" user, but when I try to run it via browser or cron, I getting error: Warning: chmod(): Operation not permitted in .....
I guess that something wrong with permissions, but I am not really good in server administration and can't understand what I can do =(
Please help, how I can fix this problem?
Because Apache (or the web server you're using) executes PHP using different Linux user (usually www-data), which obviously have different permission than the user account you used in access via SSH.
To tackle the problem, you first have to know the folder / file you're going to chmod() belongs to who. If it belongs to root, then it's not suggested to chmod via any scripts that is accessible by public due to security concerns.
If it belongs to your user name, say foo, you can change the ownership of the folder / file you're going to chmod() to be accessible by www-data group using chown() in SSH console, then you chmod() command can be executed without problem.
The user that PHP runs as must have permissions to chmod the given file or directory. If you're running this script via CRON, you get to set the user that PHP runs as right in the CRON job. If you're visiting the script in a browser, PHP is likely running as php or php-fpm or the web server user.
Simply ensure that the given file or folder is owned by the user that PHP runs as.
Note: It is not recommended that you run this script as root in CRON.
If you are editing /etc/crontab, make sure the user parameter (the one after week) is root.
If you are editing crontab via crontab -e, add user parameter crontab -eu root.
We have an PHP XML parsing script that uploads photos to a folder structure like /content/images/2012/05/31/%object_id%/. This parser runs primarily as a DirectAdmin cronjob. We run into many problems getting the folder permissions right to enable the uploading in that directory for both the cronjob as running the parser via the browser.
According to print_r(posix_getpwuid(fileowner($directory))); the owner of the directory is is the same as get_current_user(). Nevertheless I receive: Warning: mkdir() [function.mkdir]: Permission denied when running the script via the browser. It works fine when running it as a cron job.
All folders have chmod 0777 and new folders are created as such;
mkdir($path,0777,true);
Naturally we have the same permission problems with uploading and/or deleting the files themselves.
Is there any way to enable all the file actions running both as a cron job and through the browser?
We are running Linux with PHP Version 5.2.17.
Couple of thinks to note: get_current_user gets the owner of the .php file (i.e. the script) but NOT the name of the user that is running the php script. Invariably these are different as the file will be uploaded by you (a regular user) and php/apache will run as a different user (often called "apache" or "www".) You need the latter of these two. suggested snippet from the php manual to get this is:
$processUser = posix_getpwuid(posix_geteuid());
print $processUser['name'];
(http://php.net/manual/en/function.get-current-user.php - see comments)
To solve you current problem, though, my strong suggestion is to run the cron as the same user that the php/apache is running as (check man page on crontab) - the user should be the one in that snippet above, CHOWN the files and directories to that same user (they will currently be root) and to a group that is shared between you and the FTP client. Then make sure the user and group have read+write permissions so you can also edit from ftp. Make sure you change permissions on both directores (775) and files (644) as your script creates them.
Also note that if you mkdir(), then the directory above must also have write permissions for the user (and this might actually be your initial problem, and why only root/cron can write there).
I am currently over ssh on a remote CentOS 5.6 system which runs an Apache webserver. I need to use the poppler pdftohtml binary which, unfortunately, is not currently installed on that machine. So I downloaded the poppler package and built it under my user folder. Since I I am not the system admin, I didn't do
make install
and I have all my compiled files under
/users/myfolder/poppler-0.18.2/
The file that I need to execute through php shell_exec() is
/users/myfolder/poppler-0.18.2/utils/pdftohtml
If I execute it through my ssh bash, I get the correct output. If I, instead, put this line on a php script:
echo shell_exec("/users/myfolder/poppler-0.18.2/utils/pdftohtml");
I get the following output:
sh: /users/myfolder/poppler-0.18.2/utils/pdftohtml: Permission denied
I tried setting to 777 the file permissions, which currently are -rwxrwxrwx. I also noticed that using shell_exec("whoami"); results in "apache". Shouldn't apache be able to execute the script if the file permissions are -rwxrwxrwx?
I also know that installing poppler through make install would solve the problem but since this is for testing purpose, I would like to avoid "contaminating" the system outside my personal folder until the testing is complete.
Thanks to anyone who will help!
Just because a file is executable for a user does not mean that user is actually able to execute the file. The user needs to also be able to 'get to' the file: The user needs execution permission for all 'parent directories', in your case for /users, myfolder, poppler-0.18.2 and utils.
Assuming /users is the same basic thing as /home, everybody should have +x on that. From there, you can set it: simply do chmod o+x /users/myfolder /users/myfolder/poppler-0.18.2 /users/myfolder/poppler-0.18.2/utils
(Note: This will make it possible for everybody to execute this binary, not just Apache.)
If the apache user and you share a group, it would be better to use chown the poppler directory and everything in to be owned by that group, and set g+x instead of o+x.
i have this problem with fopen files. Maybe someone has a solution...
When fopen creates a file via the browser, the file is owned by "nobody", if i run the same script via crontab i get permission denied.
When the file is created by crontab, its owned by my cpanel username and then i cant fopen it via the web browser.
So the problem is that each of the methods used is using a different user to own the files created. How can i go around this? I searched how to run crontab as nobody but you have to be root and it seems complicated. I didnt find anything about running my web pages as my cpanel user. My php script has chmod 777 and the folder where the files are also have 777 just be be sure.
Any ideas? Thanks.
I'm not a sysadmin guru, but if you have access to the server you can try this
Create a new group called "webwriters" and add nobody and yourself to that group
"chmod g+s webwriters" on the directory you write files
"chmod 660" each file so that the owner and the group have write privileges
If you don't have access to the server it's trickier, but solvable. Instead of running the script directly by cron, run the script on the web server itself by downloading the web page using "wget" or alternatively a php script calling "file_get_contents" on an URL. This assumes that the server is not locked down too tight...
Have been pulling out my hair for the past 2 hours on this and am sure I am doing something really stupid.
<?php
mkdir("blah", 0777);
?>
This works through the command line and the folder gets created. But the same thing doesn't work when I try to run it through the browser. Any file permission issues?
Could it possibly be that while running under the command line, the script inherits your permissions, but when running from the browser it doesn't?
In that case you would want to make your directory permissions 'write' for group.
Your web server (apache?) is running as it's own user, and doesn't have permission to write to the directory you're running mkdir in.
Give your web server's user permission to write to the directory by either A) making it Owner, B) adding it to the Group if the Group has write permission, or C) give Everyone write permission (not recommended for most setups).
you can try with the umask, When PHP is being used as a server module, the umask is restored when each request is finished.
$old = umask(0);
mkdir($path,0777);
umask($old);