Start service remote by http request - http

I hava a systemd service "myservice" running as user www-data. I want to start/stop/restart this service by a http request. The problem is, that I get an error because of missing authentication:
Failed to restart myservice.service: Interactive authentication required.
See system logs and 'systemctl status myservice.service' for details.
First I request a php script, calling restartService.sh:
$exec_command = "../restartService.sh";
restartService.sh is only one command:
systemctl restart myservice.service
Owner and group of restartService.sh are ww-data:
-rwxr-xr-x 1 www-data www-data 41 Aug 24 12:42 restartService.sh
Any suggestions for solutions?

You can use sudo configuration to give the www-data user permission to run systemctl restart yourservice without giving it permission to run any other commands as root.

Related

I can access the site over SSH but not via HTTP?

I have a wordpress instance on AWS Lightsail.
I can access the VPS via SSH but it won't load over HTTP??
Here is what my error_log is saying:
[Mon May 13 10:58:14.946209 2019] [proxy:error] [pid 2780:tid 139711779657472] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /opt/bitnami/php/var/run/wordpress.sock (wordpress-fpm) failed
[Mon May 13 10:58:14.946221 2019] [proxy_fcgi:error] [pid 2780:tid 139711779657472] [client 78.46.85.236:11708] AH01079: failed to make connection to backend: httpd-UDS
I have checked all services are running. i.e apache2, mySQL & PHP
this isn't Apache complaining. Apache is running just fine and cannot reverse proxy to the unix socket wordpress-fpm. It is likely that there is an issue where the php-fpm service is either not started, or your app is erroring. there should be a separate php error log and apache error log (this looks like the apache one). of course try the below commands to make sure your app is running at all.
$ sudo service php-fpm start # <- start it
$ sudo service php-fpm stop # <- stop it
$ sudo service php-fpm restart # <- restart it
$ sudo service php-fpm reload # <- reload it

Facing Authentication error while restarting Nginx without Sudo

I have followed few blogs on implementing the restart service for nginx without sudo using my User ID. I completed all the steps as mentioned in blogs. But while am re-starting the Nginx Services without sudo am facing the below error.
**Command Used :**
/usr/bin/systemctl restart nginx
**Log:**
Failed to restart nginx.service: Interactive authentication required.
See system logs and 'systemctl status nginx.service' for details.
**Reference:**
https://stackoverflow.com/questions/51019993/restart-stop-nginx-using-my-userid-without-sudo-permissions/51020325#51020325
https://askubuntu.com/questions/692701/allowing-user-to-run-systemctl-systemd-services-without-password
https://serverfault.com/questions/69847/linux-how-to-give-a-user-permission-to-restart-apache
Please help on resolving the error and restart nginx without sudo

Datadog integration with NGiNX

I am new to Datadog and NGiNX. I noticed when I was creating a monitor for some integrations several of the integrations were labeled as misconfigured. My guess is someone clicked the install button but did finish the remaining integration steps. I started to work with NGiNX and quickly hit a roadblock.
I verified it is running http status module
$ nginx -V 2>&1| grep -o http_stub_status_module
http_stub_status_module
The NGiNX install is under a different directory than is usual
and the configuration file is under
/<dir>/parts/nginx/conf
I created the status.conf file there.
When I reload the NGINX I get a failure. I don't understand what it means or how to proceed from here.
nginx: [error] open() "/<dir>/parts/nginx/logs/nginx.pid" failed (2: No such file or directory)
There is a logs directory with nothing in it.
ps -ef|grep nginx
user 35958 88952 0 May24 ? 00:00:43 nginx: worker process
user 35959 88952 0 May24 ? 00:00:48 nginx: worker process
root 88952 1 0 Feb21 ? 00:00:00 nginx: master process <dir>/parts/nginx/sbin/nginx -c <dir>/etc/nginx/balancer.conf -g pid <dir>/var/nginx-balancer.pid; lock_file /<dir>/var/nginx-balancer.lock; error_log <dir>/var/logs/nginx-balancer-error.log;
user 109169 63043 0 13:13 pts/0 00:00:00 grep --color=auto nginx
I think the issue is that our install doesn't seem to be following the same defaults as the instructions and I'm pretty sure I'm not doing this correctly.
If anyone has any insights that would be great!
Chris

Dokku - /home/dokku/.sshcommand: No such file or directory

I've installed Dokku on a VPS running CentOS7. When I 'git push dokku master' I'm getting...
git remote set-url dokku dokku#mydomain.com:trial
git push dokku master
cat: /home/dokku/.sshcommand: No such file or directory
fatal: ''trial'' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
When I try and ssh in I also get the same error...
ssh dokku#mydomain.com
cat: /home/dokku/.sshcommand: No such file or directory
Connection to mydomain.com closed.
cat /var/log/secure ...
Nov 7 10:06:29 Callisto sshd[19912]: Accepted publickey for dokku from xxx.xxx.xxx.xxx port 50002 ssh2: RSA SHA256:Y0ueDcZEJWQd9H3FsetReYTDPwJPob6zm9p4Dpt4fOE
Nov 7 10:06:29 Callisto sshd[19912]: pam_unix(sshd:session): session opened for user dokku by (uid=0)
Nov 7 10:06:29 Callisto sshd[19914]: Received disconnect from xxx.xxx.xxx.xxx port 50002:11: disconnected by user
Nov 7 10:06:29 Callisto sshd[19914]: Disconnected from xxx.xxx.xxx.xxx port 50002
Nov 7 10:06:29 Callisto sshd[19912]: pam_unix(sshd:session): session closed for user dokku
Prior to pushing I'm creating the app on the server...
dokku apps:create trial
To add my public ssh key to server I used dokku ssh-keys:add dokku id_rsa.pub
Looking at another answer here it seems that I am in fact missing .sshcommand in /home/dokku/ . Any ideas on how to fix this or what could have gone wrong? This has been driving me crazy the last couple of days.
You must have deleted it at some point. Run the following commands to set everything up again:
echo '/usr/bin/dokku' > /home/dokku/.sshcommand
chmod 0644 /home/dokku/.sshcommand
chown dokku:root /home/dokku/.sshcommand

Homebrew Nginx not running but says it is in brew services

I have OSX El Capitan. I installed Nginx-Full via homebrew. I am supposed to be able to start and stop services with
brew services Nginx-Full Start
I run that command and it seems to start no problem. I check the running services with
brew services list
That indicates that the Nginx-Full services is running. When i run
htop
to look at everything that is running Nginx does not show up and the server is not handling requests.
nginx is failing to launch because of an error, but brew-services is not communicating that to you.
Running it with sudo, as other users have suggested, is just masking the problem. If you just run nginx directly, you may see that there is actually a configuration or permissions issue that is causing nginx to abort. In my case, it was because it couldn't write to the error log:
nginx: [alert] could not open error log file: open() "/usr/local/var/log/nginx/error.log" failed (13: Permission denied)
2020/04/02 13:11:53 [warn] 19989#0: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /usr/local/etc/nginx/nginx.conf:2
2020/04/02 13:11:53 [emerg] 19989#0: open() "/usr/local/var/log/nginx/error.log" failed (13: Permission denied)
The last error is causing nginx to fail to launch. You can make yourself the owner of the logs with:
sudo chown -R $(whoami) /usr/local/var/log/nginx/
This should cause subsequent config errors to be written to the error log, even if homebrew services is not reporting them in stderr/stdout for now.
I've opened an issue about this: https://github.com/Homebrew/homebrew-services/issues/215
The log path may not the same for everyone. You can check the path to log file by checking the config file /usr/local/etc/nginx/nginx.conf. You can find a line like:
error_log /Users/myusername/somepath/nginx.log;. Change the chown command above accordingly. If even this didn't solve the problem, you may have to do the same for any other log files specified in the server blocks in your nginx configuration
Try launching it with "sudo", even if the formula say
The default port has been set in /usr/local/etc/nginx/nginx.conf to 8080 so that
nginx can run without sudo.
sudo brew services Nginx-Full start
this worked for me:
sudo brew services start nginx
Running sudo nginx worked for me, it initially gave some error stating certain file in certain directory is missing, creating that file, and then another file is asked for to be created and then it runs properly.
I had similar problem, running it brew services start nginx used to show nginx running.
but brew services list used to show error.
running with sudo nginx solved my issue

Resources