Centos Laravel Permission denied how to change permissions? - nginx

Hi there my centos machine returns permission error when try to work.
"The stream or file "/usr/share/nginx/html/storage/logs/laravel.log" could not be opened in append mode: failed to open stream: Permission denied"
I tried;
chown -R nginx:nginx /usr/share/nginx/html
chown -R root:root /usr/share/nginx/html
chown -R root:root /usr/share/nginx/html/*
chown -R nginx:nginx /usr/share/nginx/html/*
chown -R $USER:$USER /usr/share/nginx/html
sudo chmod -R 777 /usr/share/nginx/html/storage
chmod -R 775 storage/framework
chmod -R 775 storage/framework
chmod -R 775 storage/logs
But nothing changed. What could be wrong?
How can I learn "which user should I give permission"?

# if group is nginx then
# owner is root
chown -R root:nginx /usr/share/nginx/html
# any files/folder created will inherit permission of the group of the parent
chmod -R 2755 /usr/share/nginx/html
# if already there are some folder and file
# we're changing permission here
# directory permission
find /usr/share/nginx/html -type d -exec chmod 2755 {} \;
# file permission
find /usr/share/nginx/html -type f -exec chmod 0644 {} \;
# nginx group can write logs
# group nginx can read-write-execute for logs
# you can use same if you're having cache/upload directory
setfacl -R -m g:nginx:rwx /usr/share/nginx/html/storage/logs
IF SELINUX Enabled then
# default
semanage fcontext -a -t httpd_sys_content_t '/usr/share/nginx/html(/.*)?'
# Here we make persistent changes in semanage fcontext for log path
# now httpd can write log
semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/storage/logs(/.*)?'
# restore selinux context
restorecon -Rv '/usr/share/nginx/html/storage/logs(/.*)?'

Related

Amazon AWS EC2 Openlitespeed Permissions for SFTP

I setup SFTP on the EC2 Instance with Openlitespeed via Filezilla and it connects but I could not upload, delete or move files.
I then tried the solution suggested on this post:
Amazon AWS Filezilla transfer permission denied
So for UBUNTU,
sudo chown -R ubuntu:ubuntu /var/www/html
sudo chmod -R 755 /var/www/html
This solved that problem but now wordpress is asking for FTP details to install a plugin and the config.php and .htaccess is no longer writable (enabling/disabling litespeed cache plugin).
So this has reset the permission for wordpress as well. Does anyone have the solution how to fix the wordpress permissions on the server?
Thank you in advance.
you need to match the user that runs OLS/LSPHP
run grep -i "user" /usr/local/lsws/conf/httpd_config.conf to get the user that runs OLS , which I assume it should be www-data
then you need to chown -R www-data:www-data /var/www/html
after that, do :
find /var/www/html -type d -exec chmod 0755 {} \;
find /var/www/html -type f -exec chmod 0644 {} \;
to restore the file perm to 644, and dir perm to 755, as its previous status that ditrubted by your chmod -R 755 command.

Wordpress Plugin Update Failed Could not copy file error occurs

I'm using amazon web server and while updating any plugin an "Update Failed: Could not copy file" error occurs.
I have set /opt/bitnami/apps/wordpress/htdocs and /opt/bitnami/apps/wordpress/htdocs/wp-content to 777, but still my plugins are not updating.
I found the solution
sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/htdocs
sudo find /opt/bitnami/apps/wordpress/htdocs -type f -exec chmod 664 {} \;
sudo chmod 640 /opt/bitnami/apps/wordpress/htdocs/wp-config.php
sudo find /opt/bitnami/apps/wordpress/htdocs -type d -exec chmod 775 {} \;
After that, please restart services and try to update plugins again
sudo /opt/bitnami/ctlscript.sh restart

CSS is not working after installation in Magento 2

I have Installed Magento 2.
Everything completed successfully but the CSS is not loading.
I tried these commands
php bin/magento cache:flush
php bin/magento indexer:reindex
php bin/magento setup:static-content:deploy
Please, before doing anything go to magento2 basedir and do:
nano vendor/magento/framework/Filesystem/DriverInterface.php
and change
const WRITEABLE_DIRECTORY_MODE = 0770;
from 0770 to 0775
and
const WRITEABLE_FILE_MODE = 0660;
from 0660 to 0644
The above set 0775 for folders and 0644 for files on generated/cached entities
Then change whole magento2 filesystem to the same permissions
find . -type d -exec chmod 775 {} \; && find . -type f -exec chmod 644 {} \; && chmod u+x bin/magento
Important,
you should execute bin/magento as a common user, and not as root. So if you are in bin/ folder you may use for example:
sudo -u youasuser php -d memory_limit=512M magento setup:upgrade
You need memory_limit=512 as some callings like setup:di:compile needs more memory.
Please check mod_rewrite is enabled on your web server.
First create a magento_user: adduser <username> and give user a password passwd <username> (May have to use sudo, if not already root)
Find your web server group: ps aux | grep apache Typically www-data
Add new user to this group: usermod -g www-data <username>
groups <username> should show the groups that username belongs to.
Restart webserver, so permissions can take effect service apache2 restart
Set ownerships of files in Magento root. chown -R :<your web server group name> .
Finally set permissions find . -type d -exec chmod 770 {} \; && find . -type f -exec chmod 660 {} \; && chmod u+x bin/magento
Reference: Set file system ownership and permissions and Create the Magento file system owner
You should Provide Some permissions
run this command
sudo find . -type d -exec chmod -R 777 {} \;
&& sudo find . -type f -exec chmod -R 777 {} \;
&& sudo chmod u+x bin/magento

How to overcome "server refused our key"?

I am trying to setup putty for autologin using public key authentication (used puttygen). I have pasetd my private key in authorized_keys ,I have done all the required setups still I am getting "server refused our key".What could be the reason behind it and how to overcome this issue ?
Run these commands:
chmod 700 .ssh
chmod 600 .ssh/authorized_keys
chown $USER:$USER .ssh -R
cd /.ssh
If it doesnt exist create it in your home directory
mkdir .ssh
add your key with this command
echo "your_key" >> authorized_keys
run these commands where can't even get in
chmod 700 .ssh
chmod 600 .ssh/authorized_keys
chown $USER:$USER .ssh -R
$ sudo chown root:root /home
$ sudo chmod 755 /home
$ sudo chown ec2-user:ec2-user /home/ec2-user -R
$ sudo chmod 700 /home/ec2-user /home/ec2-user/.ssh
$ sudo chmod 600 /home/ec2-user/.ssh/authorized_keys

symfony2 : failed to write cache directory

I have had to use the
app/console cache:clear command
to solve a problem when generating an entity.
I am now unable to load my homepage on :
http://localhost/projet_etienne/web/app_dev.php
it says :
RuntimeException: Failed to write cache file "/var/www/projet_etienne/app/cache/dev/classes.php".
I don't understand much about this cache business!
In my app/cache folder, I got a dev, a dev_new, a dev_old folder. Is that normal?
the
app/console cache:clear
generates by the way a :
[ErrorException]
Warning: rename(/var/www/projet_etienne/app/cache/dev,/var/www/projet_etien
ne/app/cache/dev_old): Directory not empty in /var/www/projet_etienne/vendo
r/symfony/symfony/src/Symfony/Bundle/FrameworkBundle/Command/CacheClearComm
and.php line 77
please help!
For a GOOD and definite solution see the Setting up Permissions section in Installing and Configuring Symfony section :
Setting up Permissions
One common issue when installing Symfony is that the app/cache and
app/logs directories must be writable both by the web server and the
command line user. On a UNIX system, if your web server user is
different from your command line user, you can try one of the
following solutions.
Use the same user for the CLI and the web server
In development environments, it is a common practice to use the same
UNIX user for the CLI and the web server because it avoids any of
these permissions issues when setting up new projects. This can be
done by editing your web server configuration (e.g. commonly
httpd.conf or apache2.conf for Apache) and setting its user to be the
same as your CLI user (e.g. for Apache, update the User and Group
values).
Using ACL on a system that supports chmod +a
Many systems allow you to use the chmod +a command. Try this first,
and if you get an error - try the next method. This uses a command to
try to determine your web server user and set it as HTTPDUSER:
$ rm -rf app/cache/*
$ rm -rf app/logs/*
$ HTTPDUSER=`ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
$ sudo chmod +a "$HTTPDUSER allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
$ sudo chmod +a "`whoami` allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
Using ACL on a system that does not support chmod +a
Some systems don't support chmod +a, but do support another utility
called setfacl. You may need to enable ACL support on your partition
and install setfacl before using it (as is the case with Ubuntu). This
uses a command to try to determine your web server user and set it as
HTTPDUSER:
$ HTTPDUSER=`ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
$ sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX app/cache app/logs
$ sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX app/cache app/logs
For Symfony 3 it would be:
$ HTTPDUSER=`ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
$ sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX var/cache var/logs
$ sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX var/cache var/logs
If this
doesn't work, try adding -n option.
Without using ACL
If none of the previous methods work for you, change the umask so that
the cache and log directories will be group-writable or world-writable
(depending if the web server user and the command line user are in the
same group or not). To achieve this, put the following line at the
beginning of the app/console, web/app.php and web/app_dev.php files:
umask(0002); // This will let the permissions be 0775
// or
umask(0000); // This will let the permissions be 0777
Note that using the ACL is recommended when you have access to them on your server
because changing the umask is not thread-safe.
http://symfony.com/doc/current/book/installation.html#checking-symfony-application-configuration-and-setup
source :
Failed to write cache file "/var/www/myapp/app/cache/dev/classes.php" when clearing the cache
Most likely it means that the directory and/or sub-directories are not writable. Many forget about sub-directories.
Symfony 2
chmod -R 777 app/cache app/logs
Symfony 3 directory structure
chmod -R 777 var/cache var/logs
Additional Resources
Permissions solution by Symfony (mentioned previously).
Permissions solution by KPN University - additionally includes an screen-cast on installation.
Note: If you're using Symfony 3 directory structure, substitute app/cache and app/logs with var/cache and var/logs.
If the folder is already writable so thats not the problem.
You can also just navigate to /www/projet_etienne/app/cache/ and manualy remove the folders in there (dev, dev_new, dev_old).
Make sure to SAVE a copy of those folder somewhere to put back if this doesn't fix the problem
I know this is not the way it should be done but it worked for me a couple of times now.
You probably aborted a clearcache halfway and now you already have an app/cache/dev_old.
Try this (in the root of your project, assuming you're on a Unixy environment like OS X or Linux):
rm -rf app/cache/dev*
Maybe you forgot to change the permissions of app/cache app/log
I'm using Ubuntu so
sudo chmod -R 777 app/cache
sudo chmod -R 777 app/logs
sudo setfacl -dR -m u::rwX app/cache app/logs
Hope it helps..
I move the whole directory from my Windows installation to a unix production server and I got the same error. To fix it, I just ran these two lines in unix and everything started to run fine
rm -rf app/cache/*
rm -rf app/logs/*
i executed:
ps aux | grep apache
and got something like that:
root 28147 0.0 5.4 326336 27024 ? Ss 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28150 0.0 1.3 326368 6852 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28151 0.0 4.4 329016 22124 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28152 0.1 6.0 331252 30092 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28153 0.0 1.3 326368 6852 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28154 0.0 1.3 326368 6852 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28157 0.0 1.3 326368 6852 ? S 20:06 0:00 /usr/sbin/apache2 -k start
user 28297 0.0 0.1 15736 924 pts/4 S+ 20:12 0:00 grep --color=auto apache
so my user with no access turned out to be www-data thus i executed commands:
sudo chown -R www-data app/cache
sudo chown -R www-data app/logs
and it solved access errors.
Never-ever use unsecure 777 for solving specific access probles:
sudo chmod -R 777 app/cache
sudo chmod -R 777 app/logs
if symfony version less than 2.8
sudo chmod -R 777 app/cache/*
if symfony version great than or equal 3.0
sudo chmod -R 777 var/cache/*
If you face this error when you start Symfony project with docker (my Symfony version 5.1). Or errors like these:
Uncaught Exception: Failed to write file "/var/www/html/mysite.com.local/var/cache/dev/App_KernelDevDebugContainer.xml"" while reading upstream
Uncaught Warning: file_put_contents(/var/www/html/mysite.com.local/var/cache/dev/App_KernelDevDebugContainerDeprecations.log): failed to open stream: Permission denied" while reading upstream
Fix below helped me.
In Dockerfile for nginx container add line:
RUN usermod -u 1000 www-data
In Dockerfile for php-fpm container add line:
RUN usermod -u 1000 www-data
Then remove everything in directories "/var/cache", "/var/log" and rebuild docker's containers.
Just use this acl cmd, next time the files inside var are created it will have the r/w/x permission for www-data user.
cd var
rm -rf *
cd ..
setfacl -d -m u:www-data:rwx var
Cmd explanation:
setfacl -> Set acl command
-d -> default behavior
-m -> modify
u:www-data: -> for user
rwx -> adding permissions
var -> on the folder

Resources