I've installed All-In-One OpenShift Origin Virtual Machine (Version 1.1.6) and deployed WordPress by following the instruction given in origin/examples/wordpress.
I've chosen NFS storage
I need to know:
When I ls in to /home/data/pv0002 it show MySQL files as expected. But when I ls in to the /home/data/pv0001 it shows nothing! isn't the WordPress files have to be there?
When I try to upload media in WordPress it show an error message like below
Unable to create directory wp-content/uploads/2016/05. Is its parent directory writable by the server?
What do I have to do to fix this?
When I try to install new theme it asks for ftp credentials. What do I have to do to get that?
Log from POD
warning: both WORDPRESS_DB_HOST and MYSQL_PORT_3306_TCP found
Connecting to WORDPRESS_DB_HOST (mysql)
instead of the linked mysql container
WordPress not found in /var/www/html - copying now...
WARNING: /var/www/html is not empty - press Ctrl+C now if this is an error!
+ ls -A
+ sleep 10
.htaccess
tar: ./index.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./license.txt: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./readme.html: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./wp-activate.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./wp-admin/about.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./wp-admin/admin-ajax.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./wp-admin/admin-footer.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./wp-admin/admin-functions.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./wp-admin/admin-header.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./wp-admin/admin-post.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: ./wp-admin/admin.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
...
tar: ./xmlrpc.php: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: .: Cannot utime: Operation not permitted
tar: .: Cannot change ownership to uid 33, gid 33: Operation not permitted
tar: .: Cannot change mode to rwxr-xr-x: Operation not permitted
tar: Exiting with failure status due to previous errors
From Centos 7 I did the following steps and everything worked perfectly. Important steps are 3, 4 and 5. And there is no need to edit the restricted scc to RunAsAny.
Step 1:
# systemctl status docker
# systemctl status nfs
Step 2:
start cluster
Step 3:
# mkdir -p /home/data/pv0001
# mkdir -p /home/data/pv0002
# chmod -R 777 /home/data/
# chown -R nfsnobody:nfsnobody /home/data/
Step 4:
# cat /etc/exports
/home/data/pv0001 *(rw,sync,no_root_squash)
/home/data/pv0002 *(rw,sync,no_root_squash)
# exportfs -a
# setsebool -P virt_use_nfs 1
Step 5:
and from wordpress project as system:admin
# oadm policy add-scc-to-user anyuid -z default
which means allow the containers in this project to run as root.
Step 6:
deploy wordpress
Related
If I run this command:
su -l otheruser -c 'strace /usr/lib/systemd/systemd --user 2> /tmp/su.err'
It fails:
Failed to create root cgroup hierarchy: Permission denied
Failed to allocate manager object: Permission denied
I see in the strace output that starting systemd as user failed here:
mkdir("/sys/fs/cgroup/systemd/user/root/754/systemd-3893", 0755) = -1
EACCES (Permission denied)
Where does /sys/fs/cgroup/systemd/user/root/ come from?
If I run the same command via ssh to localhost it works:
ssh otheruser#localhost 'strace /usr/lib/systemd/systemd --user 2> /tmp/ssh.err'
Here, the right directory gets used:
mkdir("/sys/fs/cgroup/systemd/user/modwork_gew_dfj/825/systemd-4272", 0755) = 0
Why does it work via ssh, but not via su?
Version: su (GNU coreutils) 8.17
Update
Here you can see that the cgroup does not get changed by my version of su:
host:~ # su -l otheruser
otheruser#host:~$ cat /proc/$PPID/cgroup
10:hugetlb:/
9:perf_event:/
8:blkio:/
7:net_cls:/
6:freezer:/
5:devices:/
4:memory:/
3:cpuacct,cpu:/
2:cpuset:/
1:name=systemd:/user/root/5913 <################ root
Via ssh:
host:~ # ssh otheruser#host
otheruser#host:~$ cat /proc/$PPID/cgroup
10:hugetlb:/
9:perf_event:/
8:blkio:/
7:net_cls:/
6:freezer:/
5:devices:/
4:memory:/
3:cpuacct,cpu:/
2:cpuset:/
1:name=systemd:/user/otheruser/5919 <################ otheruser
Update2
My version of su does not change the cgroup (See the link in the answer of user "ax."). Is there a way to change the cgroup (before or after) calling su?
Update3
This version does not have this issue: su util-linux 2.25
su inherits its cgroup from the originating session, not from the user passed to su. So when you call su -l otheruser -c systemd ... as root, systemd tries to use the root cgroup (/sys/fs/cgroup/systemd/user/root/...) as otheruser and fails.
With ssh otheruser#localhost ..., both user and cgroup are otheruser, and everything works as expected.
as guettli pointed out su don't work anymore.
in centos7.2 as root I tried this seems to work for cgroup by uid:
Assume you have uid=1000 that is a high cpu share user and uid=1001 that is a low cpu share user, (I am guessing by default every new user is getting a share of 1024 which will be the case for root user (uid=0))
in centos7.2 as root I tried this seems to work for cgroup:
systemd-run --uid=1000 --slice=user-1000.slice do_uid_1000_work_commands
systemd-run --uid=1001 --slice=user-1001.slice do_uid_1001_work_commands
the above will create two adhoc services with the corresponding user-slice config under /run/systemd/system/:
/run/systemd/system/*10345*
/run/systemd/system/run-10345.service
/run/systemd/system/run-10345.service.d:
50-Description.conf 50-ExecStart.conf 50-Slice.conf 50-User.conf
Here are the rest of my configurations:
--> /etc/systemd/system/user-1000.slice.d/50-CPUShares.conf
[Slice]
CPUShares=4096
--> /etc/systemd/system/user-1001.slice.d/50-CPUShares.conf
[Slice]
CPUShares=1024
--> /usr/lib/systemd/system/user-1001.slice
[Unit]
Description=User and Session Slice for uid = 1001 (low cpu share user)
Documentation=man:systemd.special(7)
Before=slices.target
[Service]
Slice=user-1001
CPUShares=1024
--> /usr/lib/systemd/system/user-1000.slice
[Unit]
Description=User and Session Slice for uid = 1000 (high cpu share user)
Documentation=man:systemd.special(7)
Before=slices.target
[Service]
Slice=user-1000
CPUShares=4096
I have added these lines on sshd_config
AuthorizedKeysCommand /authorizedkeys/authorized-keys
AuthorizedKeysCommandUser ssh-keys
-rwxr-x--- 1 root ssh-keys 712 Dec 23 22:36 /authorizedkeys/authorized-keys
-rwxr-x--- 1 root ssh-keys 712 Dec 23 22:36 authorized-keys
ssh-keys user can excecute the file(/authorizedkeys/authorized-keys).
but I cannot ssh to server; ssh git#myserver.com
in auth.log I can see this line,
error: Unsafe AuthorizedKeysCommand: bad ownership or modes for directory /
if I give 770 permission to /authorizedkeys/authorized-keys file, I get following error,
error: Unsafe AuthorizedKeysCommand: bad ownership or modes for file /authorizedkeys/authorized-keys
I tried using root as the AuthorizedKeysCommandUser and changed permission and owner of /authorizedkeys/authorized-keys file. it did not work too.
I am using OpenSSH_6.6.1p1 on ubuntu 14.04.
note:I can ssh fine with authorized_keys file
Unsafe AuthorizedKeysCommand: bad ownership or modes for directory /
It's complaining about ownership or permissions on the root directory. According to the source code the file, the directory containing the file, and all parent directories (including the root directory) have to be owned by root. The permissions on all of these files and directories have to be 0755 (deny write access to group and other).
My guess is that you have group write permission set on your root directory, or something like that.
Giving 0770 permissions to "/authorizedkeys/authorized-keys" also causes that file to fail the permissions check.
For completeness, this is the section of code which emits the directory error:
if (stat(buf, &st) < 0 ||
(!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) ||
(st.st_mode & 022) != 0) {
snprintf(err, errlen,
"bad ownership or modes for directory %s", buf);
return -1;
}
It emits that error if:
The stat() call fails for a directory
The file doesn't belong to root ("uid" is 0 here)
The file's permissions include write-by-group or write-by-other.
authorized_keys file should be chmod 600 and the .ssh directory should be chmod 700 .
you need to give proper permission to the keys on the remote host:
[remote-host]$ chmod 755 ~/.ssh
[remote-host]$ chmod 644 ~/.ssh/authorized_keys
I have a self-hosted gitlab and I would like to install a package hosted there using ssh.
I tried:
pip install git+ssh://git#<my_domain>:se7entyse7en/<project_name>.git
Here's the output:
Downloading/unpacking git+ssh://git#<my_domain>:se7entyse7en/<project_name>.git
Cloning ssh://git#<my_domain>:se7entyse7en/<project_name>.git to /var/folders/3r/v7swlvdn2p7_wyh9wj90td2m0000gn/T/pip-4_JdRU-build
ssh: Could not resolve hostname <my_domain>:se7entyse7en: nodename nor servname provided, or not known
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
Update:
I tried to upload it on gitlab.com and after having uploaded the repo I tried to install it by running:
pip install git+ssh://git#gitlab.com:loumarvincaraig/<project_name>.git
but the nothing changed. In particular here's the content of pip.log:
/Users/se7entyse7en/Envs/test/bin/pip run on Mon Nov 17 22:14:51 2014
Downloading/unpacking git+ssh://git#gitlab.com:loumarvincaraig/<project_name>.git
Cloning ssh://git#gitlab.com:loumarvincaraig/<project_name>.git to /var/folders/3r/v7swlvdn2p7_wyh9wj90td2m0000gn/T/pip-91JVFi-build
Found command 'git' at '/usr/local/bin/git'
Running command /usr/local/bin/git clone -q ssh://git#gitlab.com:loumarvincaraig/<project_name>.git /var/folders/3r/v7swlvdn2p7_wyh9wj90td2m0000gn/T/pip-91JVFi-build
Complete output from command /usr/local/bin/git clone -q ssh://git#gitlab.com:loumarvincaraig/<project_name>.git /var/folders/3r/v7swlvdn2p7_wyh9wj90td2m0000gn/T/pip-91JVFi-build:
Cleaning up...
Command /usr/local/bin/git clone -q ssh://git#gitlab.com:loumarvincaraig/<project_name>.git /var/folders/3r/v7swlvdn2p7_wyh9wj90td2m0000gn/T/pip-91JVFi-build failed with error code 128 in None
Exception information:
Traceback (most recent call last):
File "/Users/se7entyse7en/Envs/test/lib/python2.7/site-packages/pip/basecommand.py", line 134, in main
status = self.run(options, args)
File "/Users/se7entyse7en/Envs/test/lib/python2.7/site-packages/pip/commands/install.py", line 236, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "/Users/se7entyse7en/Envs/test/lib/python2.7/site-packages/pip/req.py", line 1092, in prepare_files
self.unpack_url(url, location, self.is_download)
File "/Users/se7entyse7en/Envs/test/lib/python2.7/site-packages/pip/req.py", line 1231, in unpack_url
return unpack_vcs_link(link, loc, only_download)
File "/Users/se7entyse7en/Envs/test/lib/python2.7/site-packages/pip/download.py", line 410, in unpack_vcs_link
vcs_backend.unpack(location)
File "/Users/se7entyse7en/Envs/test/lib/python2.7/site-packages/pip/vcs/__init__.py", line 240, in unpack
self.obtain(location)
File "/Users/se7entyse7en/Envs/test/lib/python2.7/site-packages/pip/vcs/git.py", line 111, in obtain
call_subprocess([self.cmd, 'clone', '-q', url, dest])
File "/Users/se7entyse7en/Envs/test/lib/python2.7/site-packages/pip/util.py", line 670, in call_subprocess
% (command_desc, proc.returncode, cwd))
InstallationError: Command /usr/local/bin/git clone -q ssh://git#gitlab.com:loumarvincaraig/<project_name>.git /var/folders/3r/v7swlvdn2p7_wyh9wj90td2m0000gn/T/pip-91JVFi-build failed with error code 128 in None
I don't know why, but by running the following command it worked (slash instead of : after <my_domain>):
pip install git+ssh://git#<my_domain>/se7entyse7en/<project_name>.git
# ^
# slash instead of :
Yes. This is the default use:
pip install git+ssh://git#<my_domain>:22/<project_group>/<project_name>.git
The use of the colon by itself implies the default ssh port number 22. Because you can control the port number of your server, the port number could be different. Git enables customisation by not providing :22/ or / only.
I use rsync to backup the home directory (ext4) of my Ubuntu installation. I use the following command to copy files and folders to a remote server (ext4).
$ rsync -rt --delete --delete-excluded --links \
--exclude-from '/home/jjd/rsync-home-exclude.txt' \
/home/jjd/ server:/volume1/backup-home
I defined some folders and files which can be ignored for the backup:
$ cat /home/jjd/rsync-home-exclude.txt
/home/jjd/.thumbnails/
/home/jjd/Downloads/.org.chromium.Chromium*
/home/jjd/.cpan
.cache/
*.swp
*.lock
*.tmp
/home/jjd/.local/share/recently-used.*
.TrueCrypt/.show-request-queue
.dropbox/command_socket
.dropbox/iface_socket
*.sock%
Nevertheless, rsync still reports the following errors:
rsync: opendir "/home/jjd/.cpan/build/local-lib-1.008009-Xl6GGK/inc" failed: Permission denied (13)
rsync: opendir "/home/jjd/.cpan/build/local-lib-1.008009-Xl6GGK/lib" failed: Permission denied (13)
rsync: opendir "/home/jjd/.cpan/build/local-lib-1.008009-Xl6GGK/t" failed: Permission denied (13)
IO error encountered -- skipping file deletion
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1070) [sender=3.0.9]
Just remove /home/jjd from the exclude file. According to the rsync documentation, a leading slash does not apply to the root of the filesystem, but to the "root of the transfer".
I am new at OpenERP and I just installed OpenERP 7.0 on Ubuntu 12.04 using the All-In-One ".deb" file. But when I tried to open it it gave me this error message:
Internal Server Error: The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.
I checked the "openerp-server.log" file and it gave me this:
self.gen.next()
File "/usr/share/pyshared/openerp/addons/web/http.py", line 422, in session_context
session_store.save(request.session)
File "/usr/share/pyshared/werkzeug/contrib/sessions.py", line 237, in savedir=self.path)
File "/usr/lib/python2.7/tempfile.py", line 300, in mkstemp
return _mkstemp_inner(dir, prefix, suffix, flags)
File "/usr/lib/python2.7/tempfile.py", line 235, in _mkstemp_inner
fd = _os.open(file, flags, 0600)
OSError: [Errno 13] Permission non accordée: '/tmp/oe-sessions-openerp/tmpNUQsbf.__wz_sess'
What is going wrong and how can I fix it?
Thanks!
It looks like a permission issue. You can check permissions of your server/addons/web directory and change it's to Read/Write/Create/Delete like this
chmod 777 DIRPATH_OF_SERVER -R
chmod 777 DIRPATH_OF_ADDONS -R
chmod 777 DIRPATH_OF_WEB -R
By assigning all permissions, Can you re-check it ?