Iḿ trying to get a local tile server running. Using this guide . Iḿ pretty much at the end of the guide but using the render command it fails.
user:/usr/local/etc$ sudo -u username renderd -f -c /usr/local/etc/renderd.conf
renderd[9849]: Rendering daemon started
renderd[9849]: Initiating reqyest_queue
renderd[9849]: Parsing section renderd
renderd[9849]: Parsing render section 0
renderd[9849]: Parsing section mapnik
renderd[9849]: Parsing section default
renderd[9849]: config renderd: unix socketname=/var/run/renderd/renderd.sock
renderd[9849]: config renderd: num_threads=4
renderd[9849]: config renderd: num_slaves=0
renderd[9849]: config renderd: tile_dir=/var/lib/mod_tile
renderd[9849]: config renderd: stats_file=/var/run/renderd/renderd.stats
renderd[9849]: config mapnik: plugins_dir=/usr/local/lib/mapnik/input
renderd[9849]: config mapnik: font_dir=/usr/share/fonts/truetype/ttf-dejavu
renderd[9849]: config mapnik: font_dir_recurse=1
renderd[9849]: config renderd(0): Active
renderd[9849]: config renderd(0): unix socketname=/var/run/renderd/renderd.sock
renderd[9849]: config renderd(0): num_threads=4
renderd[9849]: config renderd(0): tile_dir=/var/lib/mod_tile
renderd[9849]: config renderd(0): stats_file=/var/run/renderd/renderd.stats
renderd[9849]: config map 0: name(default) file(/usr/local/share/maps/style/OSMBright/OSMBright.xml) uri(/osm_tiles/) htcp() host(localhost)
renderd[9849]: Initialising unix server socket on /var/run/renderd/renderd.sock
socket bind failed for: /var/run/renderd/renderd.sock
I searched for the "socket bind failed for: /var/run/renderd/renderd.sock" problem quite a while in the INTERNET to find a solution for it, but, although I could find some people with similar problems the solutions for their case didn't apply to me.
So here are some hints for my situation:
The folder "/var/run/renderd/" exist and my user has the right to access it.
My renderd.conf file is also accessible for my user, it also should be properly configured but to be sure here is the code of it:
renderd.conf
[renderd]
socketname=/var/run/renderd/renderd.sock
num_threads=4
tile_dir=/var/lib/mod_tile
stats_file=/var/run/renderd/renderd.stats
[mapnik]
plugins_dir=/usr/local/lib/mapnik/input
font_dir=/usr/share/fonts/truetype/ttf-dejavu
font_dir_recurse=1
[default]
URI=/osm_tiles/
TILEDIR=/var/lib/mod_tile
XML=/usr/local/share/maps/style/OSMBright/OSMBright.xml
HOST=localhost
TILESIZE=256
I think its somehow a "rights to access" issue because on the command:
user:/usr/local/etc$ sudo renderd -f
[sudo] password for user:
renderd[11904]: Rendering daemon started
renderd[11904]: Initiating reqyest_queue
iniparser: cannot open /etc/renderd.conf
It can somehow not open the file even trough I double checked it, folder and file are access able to the user
If anyone has any ideas or questions , any input is welcome!
This is a permissions issue. I had the same issue, which was based on the Install PostgreSQL and PostGIS, specifically, the add user and grant access to gis DB.
You must add the user that the server was created under, then grant all privileges. Once I made this change, I restarted the server, and it worked great!
I fixed this by copying my renderd.conf file to /etc. My renderd.conf was in /usr/local/etc.
Make sure the directory for /var/run/renderd/renderd.sock exists and has write permissions for the user running renderd as per https://stackoverflow.com/a/28884976/1860663
Related
I'm running my minikube cluster in thw windows laptop computer and trying to setup argo workflows and argo-cli, I already installed the argo-workflow but when I try executing argo commands, it gives me an error :
FATA[0000] invalid configuration: no configuration has been provided
But I see --kubeconfig flag can be used to configure this this setting in argo, I tried the following command to execute with --kubeconfig
argo version --kubeconfig "/mnt/c/Users/madur/.kube/config"
Still I'm getting following error
FATA[0000] invalid configuration: [unable to read client-cert /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\profiles\minikube\client.crt for minikube due to open /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\profiles\minikube\client.crt: no such file or directory, unable to read client-key /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\profiles\minikube\client.key for minikube due to open /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\profiles\minikube\client.key: no such file or directory, unable to read certificate-authority /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\ca.crt for minikube due to open /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\ca.crt: no such file or directory]
My kubeconfig file is loacted at /mnt/c/Users/madur/.kube/config becauseI'm using WSL in windows.
Can anyone help me to resolve this issue ?
Thanks.
When using WSL, you should use the Linux filesystem for files.
My filebeat (v7.6.0) config has the following:
logging.level: debug
logging.to_files: true
logging.files:
path: /var/log/filebeat
name: filebeat
keepfiles: 7
permissions: 0755
It doesn't create the files, nor does it log to them, it just continues to log to syslog instead.
What haven't I done/have I done wrong?
According to the docs:
When Filebeat is running on a Linux system with systemd, it uses by default the -e command line option, that makes it write all the logging output to stderr so it can be captured by journald. Other outputs are disabled.
I have this bash script:
#!/bin/bash
USERNAME=$1
WORKDIR='dir_'$USERNAME
mkdir deployment/$WORKDIR
cat deployment/deploy.yml > deployment/$WORKDIR/deploy.yml
sed -i 's/alopezfu/'$USERNAME'/g' deployment/$WORKDIR/deploy.yml
kubectl apply -f deployment/$WORKDIR/deploy.yml
rm -rf deployment/$WORKDIR/
And i use exec funcition in PHP for run.
And i get this messege in /var/log/apache/error.log
To view or setup config directly use the 'config' command.
error: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
error: Missing or incomplete configuration info. Please point to an existing, complete config file:
Via the command-line flag --kubeconfig
Via the KUBECONFIG environment variable
In your home directory as ~/.kube/config
I need help 🙏
Since you are running the script as a diferent user, you need to "tell" to kubectl where is the configuration file.
This can be done setting the variable KUBECONFIG in your environment.
Supposing the kubernetes config file is in the dir /var/www/ with the correct permission to be readable, you can configure your php script like this:
<?php
$kubeconfig = "/var/www/config"; // The config file
putenv("KUBECONFIG=$kubeconfig"); // set the environment variable KUBECONFIG
$output = shell_exec("KUBECONFIG=$kubeconfig ; kubectl get pods -A"); // Runs the command
echo "<pre>$output</pre>"; // and return the expected output.
?>
Please be aware that:
Setting certain environment variables may be a potential security breach.
Some actions that should mitigate the impacts:
Make sure your config file is safe and not reachable from the browser;
Consider to create a serviceAccount with limited permissions;
Here you can find some useful commands and kubectl tips.
How to create a service account for kubectl
Problem:
httpd is unable to write to /var/www/tmp because it is being blocked by SELinux.
Description: A PDF report library which I'm using to download reports from my website is throwing 'Permission Denied' errors since it is unable to write to /var/www/tmp. I have set the tmp folder location of php to /var/www/tmp. The /var/www/tmp is owned by apache. Also its context has been set to httpd_sys_rw_content_t. Still httpd is unable to write in this directory.
What am I missing?
I have set the context and permissions using below commands.
chown -R apache:apache /var/www/tmp
semanage fcontext -a httpd_sys_rw_content_t "/var/www/tmp(/.*)?"
What may be going wrong? Please note, I don't wish to disable SELinux.
I believe -t flag should be added in semanage command to specify the type. After that apply the changes using restorecon -v
I'm developing a website on a totally offline environment. also, I use gitlab runner for CI and the host is CentOS 7.
the problem is that gitlab runner uses gitlab-runner user on centos for deploying laravel application and apache uses apache user for running laravel.
I got Permission denied error on apache til I changed ownership of files. after that I get this error on apache log:
Uncaught UnexpectedValueException: The stream or file "storage/logs/laravel.log" could not be opened: failed to open stream: Permission denied
it seems that some vendor libraries like monolog want to write error or debug logs onto storage/logs/laravel.log but it gets permission denied. :(
.gitlab-ci.yml
stages:
- build
- test
- deploy
buildBash:
stage: build
script:
- bash build.sh
testBash:
stage: test
script:
- bash test.sh
deployBash:
stage: deploy
script:
- sudo bash deploy.sh
build.sh
#!/bin/bash
set -xe
# creating env file from production file
cp .env.production .env
# initializing laravel
php artisan key:generate
php artisan config:cache
# database migration
php artisan migrate --force
deploy.sh
#!/bin/bash
PWD=$(pwd)'/public'
STG=$(pwd)'/storage'
ln -s $PWD /var/www/html/public
chown apache.apache -R /var/www/html/public
chmod -R 755 /var/www/html/public
chmod -R 775 $STG
Am I using gitlab runner correct? how can I fix the permission denied error?
SELinux
I found the problem and it was selinux, like always it was selinux and I ignored it at the begining
What's the problem:
you can see selinux context on files with ls -lZ command, by default all files on www are httpd_sys_content_t, the problem is that selinux just allow apache to read these files. you should change storage and bootstrap/cache context so it can be writable.
there are 4 apache context type:
httpd_sys_content_t: read-only directories and files
httpd_sys_rw_content_t: readable and writable directories and files used by Apache
httpd_log_t: used by Apache for log files and directories
httpd_cache_t: used by Apache for cache files and directories
What to do:
first of all install policycoreutils-python for better commands
yum install -y policycoreutils-python
after installing policycoreutils-python the semanage command is available, so you can change file context like this:
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/laravel/storage(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/laravel/bootstrap/cache(/.*)?"
don't forget to commit the changes by this command:
restorecon -Rv /var/www/html/laravel/storage
restorecon -Rv /var/www/html/laravel/bootstrap/cache
the problem is solved :)
ref: http://www.serverlab.ca/tutorials/linux/web-servers-linux/configuring-selinux-policies-for-apache-web-servers/