I am using Ubuntu 14.04.01 and Apache - 2.2.31.
In httpd.conf I have
User build
Group build
Trying to start apache -
apache/logs$ cat stdout.log
httpd: bad user name build
Before that I tried to run:
. bin/envvars
When I created local user "test"
useradd -m test -G sudo -s /bin/bash
and specified it in httpd.conf, then I was able to start apache.
But, I need to use LDAP user "build".
Finally, I solved this issue:
sudo ltrace -f sh apachectl configtest 2>out.log
Investigated output in out.log file and found a call - 'getpwnam("build")', which returned '0'. From documentation I understood that "The given name or uid was not found.", but when I was calling 'id build' I was able to see that user exist and list of the network groups to which this user belongs to. Then I connected to another vm, where I was able to use LDAP user to start apache and ran
ldd bin/httpd
and compared the output. One of vm's was missing "libldap-2.3.so.0"
Related
Problem:
httpd is unable to write to /var/www/tmp because it is being blocked by SELinux.
Description: A PDF report library which I'm using to download reports from my website is throwing 'Permission Denied' errors since it is unable to write to /var/www/tmp. I have set the tmp folder location of php to /var/www/tmp. The /var/www/tmp is owned by apache. Also its context has been set to httpd_sys_rw_content_t. Still httpd is unable to write in this directory.
What am I missing?
I have set the context and permissions using below commands.
chown -R apache:apache /var/www/tmp
semanage fcontext -a httpd_sys_rw_content_t "/var/www/tmp(/.*)?"
What may be going wrong? Please note, I don't wish to disable SELinux.
I believe -t flag should be added in semanage command to specify the type. After that apply the changes using restorecon -v
I have a problem whith my installation of docker. When I launch my docker-compose up I have this error :
front_1 | /var/lock/apache2 already exists but is not a directory owned by www-data.
front_1 | Please fix manually. Aborting.
I have this error because I add this line in my dockerfile conf :
RUN usermod -u 1000 www-data
But if I delete this line, my symfony project doesn't work with docker.
Do you have any ideas to solve my problem ?
Best regards
As I see it, you are trying to change UID of user www-data inside docker to have the same ID as host machine user UID (you), so you can open project files in your IDE.
This introduces file permissions problems on apache2 service, which can't read it's own files (config, pid,...), simply because it is not the same user anymore.
Quick 'dirty' solution is to change only owner of symfony project files to UID 1000, but keep group (GID) to the www-data. This applies only for dev machine. Else you don't needed it. Run command inside container.
chown -R 1000:www-data /home/project
You can create some bash alias inside docker to have it at hand.
Other option is to use ACL which will set existing files and folder with permissions, which will get inherited to newly created files under given folder. This could be put to bootstrap script inside container. But only for DEV mode. This way you won't need to run chown.
chown -R 1000:www-data /home/project #set for existing files
/usr/bin/setfacl -R -m u:www-data:rwx -m u:0:rwx -m u:1000:rwx /home/project
/usr/bin/setfacl -dR -m u:www-data:rwx -m u:0:rwx -m u:1000:rwx /home/project
Each -m is for a different user. First is www-data (apache2), second is 0 (root) and third is 1000 (you).
Remember UID can change anytime. So this could create security hole if mentioned users are not having proper UID.
I used second method only for folders, where PHP via apache2 sets permissions (uploaded files, cache,...), but host user needs to access these files.
I am pretty new at php and ubuntu. I have 2 servers set up, one for development and one for staging. On the dev machine I can use the at command without a problem, but on staging I get a permissions error. The at.deny (and at.allow) files are identical, so it must be another permissions issue.
Any clues?
I see that on the staging server I can only use at command as root. How can I fix this to be able to use the at command as www-data? Again... I checked the at.allow and at.deny files ... they are not the problem here.
1) Check if you have file /etc/at.allow.
If it exists - just add your user in new line.
If not exists - try to find your user in /etc/at.deny and remove/comment it.
2) Restart "at" daemon:
sudo atd restart
3) Check:
at -l
or
sudo -u myuser at -l
The error should not be output.
According to the installation page on Opscode the install process of Chef Server 11 should be fairly easy. However, in my company, both me and a colleague of mine have run into the same problem when we tried to install Chef: running
$ sudo chef-server-ctl reconfigure
would throw an error and stop:
"Error when reading /var/opt/chef-server/rabbitmq/.erlang.cookie: eacces"
How can I fix this problem?
Check the user/group that owns the erlang.cookie file indicated in the error message.
The file should be owned by the user chef_server, so do
$ chown chef_server:chef_server erlang.cookie
in that directory.
I'm a beginner Ruby on Rails Programmer and I'm trying to install Apache2 + Passenger(That's for Rails Deployment).. and at the end of the installation process, Passenger gave me a few lines to add to the file apache2.conf at /etc/apache2/ but I can't override this file.. I have no permission =( I've also uploaded an image showing me the error.
P.S => I'm logged into Ubuntu with my username and password.
Please help! and thanks,
Rodrigo.
The simplest way is to open the file with the sudoedit program, as in
sudoedit /etc/apache2/apache2.conf
which will prompt for your password and then open your editor.
After the installation has completed, add phpmyadmin to the apache configuration.
sudo nano /etc/apache2/apache2.conf
Add the phpmyadmin config to the file. Include
/etc/phpmyadmin/apache.conf
Restart apache:
sudo service apache2 restart
If you are a beginner in GNU/Linux, I want to notice, for run command with root privileges run it with sudo:
sudo <your_command>
If you want to get root privileges for current terminal session (no need to type sudo each command) run:
sudo -i
I hope this will help someone considering the number of years since the last post. I tried this, and it worked for me.
sudo bash
Then the command to edit. Then save the file. Below is the site I got the procedure from.
https://ubuntuforums.org/showthread.php?t=1845306
Enter the command:
sudo nano /etc/apache2.conf
Or you can use the following chmod 777 usr/local/apache2/conf/httpd.conf
this will enable you to read/write the config file but be warned if you are planning on putting apache2 online you must revert it back to the old permissions chmod 640 usr/local/apache2/conf/httpd.conf