I can't wrap my head around this issue. I run symlink command over SSH from my Jenkins job. In my Jenkins pipeline I have these 2 steps (among others).
sh "ssh ubuntu#${host} sudo ls -al /etc/nginx/sites-available"
sh "ssh ubuntu#${host} sudo ln -sv /etc/nginx/sites-available/* /etc/nginx/sites-enabled/ -f"
Here's the relevant part of the log:
[Pipeline] sh
[my_job] Running shell script
+ ssh ubuntu#XX.XX.XX.XX sudo ls -al /etc/nginx/sites-available
total 12
drwxr-xr-x 2 root root 4096 Sep 18 17:27 .
drwxr-xr-x 6 root root 4096 Aug 30 12:27 ..
-rw-r--r-- 1 ubuntu ubuntu 467 Sep 18 17:27 my-nginx-config
[Pipeline] sh
[my_job] Running shell script
+ ssh ubuntu#XX.XX.XX.XX sudo ln -sv /etc/nginx/sites-available/default /etc/nginx/sites-available/jenkins /etc/nginx/sites-enabled/ -f
'/etc/nginx/sites-enabled/default' -> '/etc/nginx/sites-available/default'
'/etc/nginx/sites-enabled/jenkins' -> '/etc/nginx/sites-available/jenkins'
Symlinks are created on my remote host but instead of the my-nginx-config symlink, the default and jenkins files (which are on my jenkins host at /etc/nginx/sites-available) are symlinked.
If I don't use wildcard and run this, it works as expected:
sh "ssh ubuntu#${host} sudo ls -al /etc/nginx/sites-available"
sh "ssh ubuntu#${host} sudo ln -sv /etc/nginx/sites-available/my-nginx-conf /etc/nginx/sites-enabled/ -f"
Sometimes remote ssh commands (and locations for scp) need extra escaping. I know you've already quoted your query, but you may need one additional level of escapes (and because the escape would be interpreted by your double-quotes rather than being passed to the SSH command, you need one more.
Try double-escaping that wildcard:
sh "ssh ubuntu#${host} sudo ls -al /etc/nginx/sites-available"
sh "ssh ubuntu#${host} sudo ln -sv /etc/nginx/sites-available/\\* /etc/nginx/sites-enabled/ -f"
You can also combine those into one SSH call:
sh "ssh ubuntu#${host} sudo ls -al /etc/nginx/sites-available; sudo ln -sv /etc/nginx/sites-available/\\* /etc/nginx/sites-enabled/ -f"
I'm not a Jenkins expert. If this doesn't work, I'd try yet another pair of escapes, changing your original …/sites-available/* to …/sites-available/\\\\*
The remote commands need to be quoted (although most of them work without quotes):
sh "ssh ubuntu#${host} 'sudo ln -sv /etc/nginx/sites-available/* /etc/nginx/sites-enabled/ -f'"
Related
When using rsync, it is possible to create the target directory on the server using the --rsync-path trick as follows:
rsync -av -e "ssh" --rsync-path "mkdir -p /home/user/new/new && rsync" ./file.txt user#10.0.2.60:/home/user/new/new
This however does not seem to work when using an ssh tunnel. The following command just hangs:
rsync -av -e "ssh -A user#10.0.2.61 ssh" --rsync-path "mkdir -p /home/user/new/new && rsync" ./file.txt user#10.0.2.60:/home/user
I have verified the last command works if I remove the --rsync-path argument and create the directory manually on the target device. But how to make rsync create the missing directory when using ssh tunneling?
Managed to solve it. The command inside --rsync-path must be wrapped in another level of quotes:
rsync -av -e "ssh -A user#10.0.2.61 ssh" --rsync-path "'mkdir -p /home/user/new/new && rsync'" ./file.txt user#10.0.2.60:/home/user
This happened on Ubuntu 16.04 in VirtualBox on Windows 10, with docker version 1.12.1, and swagger-ui version 2.2.2.
I was trying to build and run Swagger UI in a docker container, following the instructions on their site:
docker build -t swagger-ui-builder .
docker run -p 127.0.0.1:8080:8080 swagger-ui-builder
The instruction says that now I should be able to view the swagger-ui running, however, when I opened 127.0.0.1:8080 I only got this page back:
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.8.1</center>
</body>
</html>
This is the content of the Dockerfile:
FROM alpine:3.3
MAINTAINER Roman Tarnavski
RUN apk add --update nginx
COPY nginx.conf /etc/nginx/
ADD ./dist/ /usr/share/nginx/html
EXPOSE 8080
CMD nginx -g 'daemon off;'
I found similar posts on stackoverflow, but none of them helped me solve this problem. What am I doing wrong and how to fix this?
The problem was caused by a permission requirement: the www-data user/group did not have access to website's directory and files.
This problem was explained in the accepted answer to this post: Nginx 403 forbidden for all files
To solve this, the following lines have to be added to the Dockerfile:
RUN set -x ; \
addgroup -g 82 -S www-data ; \
adduser -u 82 -D -S -G www-data www-data && exit 0 ; exit 1
RUN chown -R www-data:www-data /usr/share/nginx/html/*
RUN chmod -R 0755 /usr/share/nginx/html/*
The upper part of the commands are explained in this gist: https://gist.github.com/briceburg/47131d8caf235334b6114954a6e64922
The user/group www-data has to be added first, before the permission can be set for it. The snippet notes that 82 is the standard uid/gid for "www-data" in Alpine
The lower part of the commands is the solution to a similar question in another forum: https://www.digitalocean.com/community/questions/nginx-403-forbidden--2
So the fixed Dockerfile would look like this:
FROM alpine:3.3
MAINTAINER Roman Tarnavski
RUN apk add --update nginx
COPY nginx.conf /etc/nginx/
ADD ./dist/ /usr/share/nginx/html
RUN set -x ; \
addgroup -g 82 -S www-data ; \
adduser -u 82 -D -S -G www-data www-data && exit 0 ; exit 1
RUN chown -R www-data:www-data /usr/share/nginx/html/*
RUN chmod -R 0755 /usr/share/nginx/html/*
EXPOSE 8080
CMD nginx -g 'daemon off;'
Now if I rebuild and rerun swagger-ui-builder, the website shows up correctly.
The stream or file "/home/nick/projects/Symfony/app/logs/dev.log" could not
be opened: failed to open stream: Permission denied
I get it in symfony.
I know that I can go to app/logs and delete dev.log but this is happening to often and is annoying to delete it again and againand again.
Is there any way to make it just disapear?
LE: I guess, that I got the reply.
I run the comands prefixed with sudo.
Eg: sudo php app/console generate:bundle --namespace=Acme/StoreBundle will work like a charm.
nick#ptb:~/projects/Symfony$ ls -al app/logs
total 76
drwxrwxrwx+ 2 nick nick 4096 nov 24 15:16 .
drwxr-xr-x 6 nick nick 4096 nov 24 15:28 ..
-rw-rw-r--+ 1 www-data www-data 59583 nov 24 16:25 dev.log
-rw-rw-r--+ 1 nick nick 0 oct 6 15:55 .gitkeep
I think that you create directory app/logs as sudo (root), so symfony doesn't have permissions to write into the file dev.log. Manually remove directory app/logs (and all contents), create it as normal user and setup up permissions, like they are described in the official documentation http://symfony.com/doc/current/book/installation.html.
Something like:
$ sudo rm -rf app/logs
$ mkdir app/logs
$ HTTPDUSER=`ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
$ sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX app/cache app/logs
$ sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX app/cache app/logs
Or use any other option which is described in official documentation.
If this not works then please paste us result of command:
$ ls -al app/logs
In my case, I used CentOS 7 and I solved it by set SELINUX=disabled as follow.
- sudo nano /etc/selinux/config
- Edit the file by set SELINUX=disabled
- Restart again then it worked !
I tested and tried many method included chmod, chwon, setfacl, etc but it cannot solve the problem until I tried above solution and it worked!
You should have a look at this http://symfony.com/doc/current/book/installation.html#configuration-and-setup.
UPD
Sometimes the solutions using ACL won't work, in this case try the forth option 4. Use the same user for the CLI and the web server
Use commands prefixed with sudo. I also got this error when I tried to run the server. Then I used 'sudo' and the error disappeared.
$ sudo php bin/console server:run
I have created two containers(say TestOneContainer and TestTwoContainer) in ubuntu server using LXC. Now the lxc filesystem is in /home folder and two containers also use /home folder. I have created two partition(100 GB for TestOneContainer and 200 GB for TestTwoContainer) for those two containers while Ubuntu server OS installation. I want to mount TestOneContainer in 100 GB space and TestTwoContainer in 200 GB space. How can I do this?
I have tried these commands from this link
create and symlink two directories:
sudo mkdir /srv/lxclib /srv/lxccache
sudo rm -rf /var/lib/lxc /var/cache/lxc
sudo ln -s /srv/lxclib /var/lib/lxc
sudo ln -s /srv/lxccache /var/cache/lxc
or, using bind mounts:
sudo mkdir /srv/lxclib /srv/lxccache
sudo sed -i '$a \
/srv/lxclib /var/lib/lxc none defaults,bind 0 0 \
/srv/lxccache /var/cache/lxc none defaults,bind 0 0' /etc/fstab
sudo mount -a
But these commands are to mount lxc in different filesystem not TestOneContainer or TestTwoContainer.
suppose 100GB free space is under /mnt/sd1 and 200GB is under /mnt/sd2, and you want to mount them under /work in containers, use following commands to mount it to the containers:
#create mount point from host
sudo mkdir /var/lib/lxc/TestOneContainer/rootfs/work
sudo mkdir /var/lib/lxc/TestTwoContainer/rootfs/work
#mount them from host
sudo mount --bind /mnt/sd1/ /var/lib/lxc/TestOneContainer/rootfs/work
sudo mount --bind /mnt/sd2/ /var/lib/lxc/TestTwoContainer/rootfs/work
Then start the containers, and you will see /work with that big space with
df -h
You should read this LXC source, specifically to the section
Host Setup -->
Using a separate filesystem for the container store.
There is a very clear explanation.
I have had to use the
app/console cache:clear command
to solve a problem when generating an entity.
I am now unable to load my homepage on :
http://localhost/projet_etienne/web/app_dev.php
it says :
RuntimeException: Failed to write cache file "/var/www/projet_etienne/app/cache/dev/classes.php".
I don't understand much about this cache business!
In my app/cache folder, I got a dev, a dev_new, a dev_old folder. Is that normal?
the
app/console cache:clear
generates by the way a :
[ErrorException]
Warning: rename(/var/www/projet_etienne/app/cache/dev,/var/www/projet_etien
ne/app/cache/dev_old): Directory not empty in /var/www/projet_etienne/vendo
r/symfony/symfony/src/Symfony/Bundle/FrameworkBundle/Command/CacheClearComm
and.php line 77
please help!
For a GOOD and definite solution see the Setting up Permissions section in Installing and Configuring Symfony section :
Setting up Permissions
One common issue when installing Symfony is that the app/cache and
app/logs directories must be writable both by the web server and the
command line user. On a UNIX system, if your web server user is
different from your command line user, you can try one of the
following solutions.
Use the same user for the CLI and the web server
In development environments, it is a common practice to use the same
UNIX user for the CLI and the web server because it avoids any of
these permissions issues when setting up new projects. This can be
done by editing your web server configuration (e.g. commonly
httpd.conf or apache2.conf for Apache) and setting its user to be the
same as your CLI user (e.g. for Apache, update the User and Group
values).
Using ACL on a system that supports chmod +a
Many systems allow you to use the chmod +a command. Try this first,
and if you get an error - try the next method. This uses a command to
try to determine your web server user and set it as HTTPDUSER:
$ rm -rf app/cache/*
$ rm -rf app/logs/*
$ HTTPDUSER=`ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
$ sudo chmod +a "$HTTPDUSER allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
$ sudo chmod +a "`whoami` allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
Using ACL on a system that does not support chmod +a
Some systems don't support chmod +a, but do support another utility
called setfacl. You may need to enable ACL support on your partition
and install setfacl before using it (as is the case with Ubuntu). This
uses a command to try to determine your web server user and set it as
HTTPDUSER:
$ HTTPDUSER=`ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
$ sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX app/cache app/logs
$ sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX app/cache app/logs
For Symfony 3 it would be:
$ HTTPDUSER=`ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
$ sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX var/cache var/logs
$ sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX var/cache var/logs
If this
doesn't work, try adding -n option.
Without using ACL
If none of the previous methods work for you, change the umask so that
the cache and log directories will be group-writable or world-writable
(depending if the web server user and the command line user are in the
same group or not). To achieve this, put the following line at the
beginning of the app/console, web/app.php and web/app_dev.php files:
umask(0002); // This will let the permissions be 0775
// or
umask(0000); // This will let the permissions be 0777
Note that using the ACL is recommended when you have access to them on your server
because changing the umask is not thread-safe.
http://symfony.com/doc/current/book/installation.html#checking-symfony-application-configuration-and-setup
source :
Failed to write cache file "/var/www/myapp/app/cache/dev/classes.php" when clearing the cache
Most likely it means that the directory and/or sub-directories are not writable. Many forget about sub-directories.
Symfony 2
chmod -R 777 app/cache app/logs
Symfony 3 directory structure
chmod -R 777 var/cache var/logs
Additional Resources
Permissions solution by Symfony (mentioned previously).
Permissions solution by KPN University - additionally includes an screen-cast on installation.
Note: If you're using Symfony 3 directory structure, substitute app/cache and app/logs with var/cache and var/logs.
If the folder is already writable so thats not the problem.
You can also just navigate to /www/projet_etienne/app/cache/ and manualy remove the folders in there (dev, dev_new, dev_old).
Make sure to SAVE a copy of those folder somewhere to put back if this doesn't fix the problem
I know this is not the way it should be done but it worked for me a couple of times now.
You probably aborted a clearcache halfway and now you already have an app/cache/dev_old.
Try this (in the root of your project, assuming you're on a Unixy environment like OS X or Linux):
rm -rf app/cache/dev*
Maybe you forgot to change the permissions of app/cache app/log
I'm using Ubuntu so
sudo chmod -R 777 app/cache
sudo chmod -R 777 app/logs
sudo setfacl -dR -m u::rwX app/cache app/logs
Hope it helps..
I move the whole directory from my Windows installation to a unix production server and I got the same error. To fix it, I just ran these two lines in unix and everything started to run fine
rm -rf app/cache/*
rm -rf app/logs/*
i executed:
ps aux | grep apache
and got something like that:
root 28147 0.0 5.4 326336 27024 ? Ss 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28150 0.0 1.3 326368 6852 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28151 0.0 4.4 329016 22124 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28152 0.1 6.0 331252 30092 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28153 0.0 1.3 326368 6852 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28154 0.0 1.3 326368 6852 ? S 20:06 0:00 /usr/sbin/apache2 -k start
www-data 28157 0.0 1.3 326368 6852 ? S 20:06 0:00 /usr/sbin/apache2 -k start
user 28297 0.0 0.1 15736 924 pts/4 S+ 20:12 0:00 grep --color=auto apache
so my user with no access turned out to be www-data thus i executed commands:
sudo chown -R www-data app/cache
sudo chown -R www-data app/logs
and it solved access errors.
Never-ever use unsecure 777 for solving specific access probles:
sudo chmod -R 777 app/cache
sudo chmod -R 777 app/logs
if symfony version less than 2.8
sudo chmod -R 777 app/cache/*
if symfony version great than or equal 3.0
sudo chmod -R 777 var/cache/*
If you face this error when you start Symfony project with docker (my Symfony version 5.1). Or errors like these:
Uncaught Exception: Failed to write file "/var/www/html/mysite.com.local/var/cache/dev/App_KernelDevDebugContainer.xml"" while reading upstream
Uncaught Warning: file_put_contents(/var/www/html/mysite.com.local/var/cache/dev/App_KernelDevDebugContainerDeprecations.log): failed to open stream: Permission denied" while reading upstream
Fix below helped me.
In Dockerfile for nginx container add line:
RUN usermod -u 1000 www-data
In Dockerfile for php-fpm container add line:
RUN usermod -u 1000 www-data
Then remove everything in directories "/var/cache", "/var/log" and rebuild docker's containers.
Just use this acl cmd, next time the files inside var are created it will have the r/w/x permission for www-data user.
cd var
rm -rf *
cd ..
setfacl -d -m u:www-data:rwx var
Cmd explanation:
setfacl -> Set acl command
-d -> default behavior
-m -> modify
u:www-data: -> for user
rwx -> adding permissions
var -> on the folder