I am having trouble getting Apache access to a network share that I have mounted using fstab. I am trying to learn Apache by building an image server. The script parsing all of the images can access the mounted directories and I can see thumbnails on the webpage from the browser however if I try to get a link directly to the images then it claims it doesn't have access. Does anyone have any ideas?
Thanks!
EDIT: All users have rw- access. :p
I ran a ll on the box before and after mounting the drives and got this
Before Mounting: drwxrwxrwx. 2 root apache 4096 Oct 24 19:20 TestFolder
After Mounting: drwxrwxrw-+ 4 173754 171535 0 Feb 24 2007 TestFolder
This is my fstab command to mount the drive on boot
<network drive> <local mount point> cifs username=*******,password=*******,iocharset=utf8,rw,context=unconfined_u:object_r:httpd_sys_content_t:s0
Related
I have a Ubuntu machine which acts as a TFTP Server. I want to configure my cisco ios routers to take configuration from this TFTP server at boot time.
I have a few doubts-
Where do I store the configuration file for my cisco router in the TFTP Server?
Currently, I have created two temp folders in /var/lib/tftpboot-
automation#automation:/var/lib/tftpboot$ ls -l
total 8
drwx------ 2 tftp tftp 4096 Mar 31 15:37 ExrZHRa-incoming
drwxr-xr-x 2 root root 4096 Mar 31 15:52 TXJla-outgoing
automation#automation:/var/lib/tftpboot$ tree
.
├── ExrZHRa-incoming [error opening dir]
└── TXJla-outgoing
└── R1.txt
2 directories, 1 file
As per Cisco's documentation, this is the syntax to get a file from TFTP server-
copy tftp: [[[//location ]/directory ]/filename ] nvram:startup-config
Example:
Device# copy tftp://server1/dir10/datasource nvram:startup-config
As per my understanding, the location will be IP of my TFTP Server and filename will be the actual config file I want to load. But what should be configured in the directory? I tried with /var/lib/tftpboot/TXJla-outgoing but it didn't work. Error-
enter image description here
Shouldn't it be just
copy tftp://192.168.1.1/R1.txt running-config
It looks like you are using tftp-hda. Did you follow this guide ?
https://medium.com/#Sciri/configuring-a-tftp-server-on-ubuntu-for-switch-upgrades-and-maintenance-caf5b6833148
Try this:
copy tftp://192.168.1.1/TXJla-outgoing/R1.txt nvram:startup-config
The URL of anything you download via TFTP starts from the root of your TFTP server which is /var/lib/tftpboot
I have a little problem when I mount a SMB shared folder from a Synology NAS.
I want to mount a shared folder with permissions: git:root 700
But the mounted folder always have permission set to 777 ( even after a chmod 700 without error)
In my /etc/fstab I used this line:
#uid=999 ---> git user
//server/folder /mnt/artifacts cifs username=windowsUser,password=xxxxx,gid=0,uid=999,file_mode=0700,dir_mode=0700,iocharset=utf8 0 0
Do you know why I cannot set my rights to 700 ?
I did a mistake ? Something stupid ?
Thanks in advance for your help ;)
If the remote machine user ID and the local machine user ID do not match, the permissions will default to 777. Mount.cifs doesn't support umask, so instead "noperm" option can be used. This way even if the permissions of the users on the local and remote machines don't match, the user will still be allowed to read and write to the folder, the equivalent of umask=000.
//address/location /mount/location cifs username=username,password=password,noperm,vers=2.0 0 0
a good start is to check out the manpage for CIFS:
$ man mount.cifs
[...]
file_mode=arg
If the server does not support the CIFS Unix extensions this overrides the default file mode.
dir_mode=arg
If the server does not support the CIFS Unix extensions this overrides the default mode for directories.
[...]
nounix
Disable the CIFS Unix Extensions for this mount.
[...]
So since the file_mode (and dir_mode) seem to only work if the server does not support the CIFS Unix extensions, i would start by disabling them (via the nounix option)
Adding nounix worked just fine. For information, the line I have in /etc/fstab is :
//server/share /mnt/folder cifs credentials=/home/yannick/.smbcredentials,iocharset=utf8,sec=ntlm,vers=1.0,uid=1000,gid=1000,file_mode=0644,dir_mode=0755,nounix 0 0
with 1000 being my user id and group id.
Inside .smbcredentials, I have this :
username=<distant login>
password=<distant password>
I try to mount a CIFS share with permissions only for root. Other users should not be able to even list any files.
Therefore I used the following fstab entry:
//192.168.0.100/DRV /mnt/DRV cifs user=user,pass=pass,uid=0,gid=0,nounix,file_mode=0007,dir_mode=0007 0 0
I also tried the noperm parameter.
In detail I created the folder with this permissions:
drwxrwx--- 2 root root 4096 Mai 14 09:09 DRV
After mounting the network share, the folder have:
d------rwx 2 root root 4096 Mai 14 04:50 W
Your problem is a very common one. You are using incorrect tags to be able to change the file permissions of the mounted folder.
You need to add 'umask=', instead of 'file_mode=700' and 'dir_mode=700' as it is using system mount options not CIFS's options.
To do this you can use:
//address/location /mount/location cifs credentials=/location,uid=id,gid=id,umask=700 0 0
This will mount the file share under the set file permissions.
For security I would recommend using a credentials file, which contains the username and password, and must be set as read only.
I am new to System admin My problem is : In my department there are 30 students in 1st year and 30 students in 2nd year which are divided into two groups lets say group1 and group2 which need to login as ldap user via Ubuntu(14.04) GUI through any System connected to LAN.Every users home directory should be created on server side ,It should mount while login as GUI in ubuntu14.04, No other user should access anyone else home directory except by self.
[I don't want authenticating user to ldap-server and creating home directory on local machine ,instead I want central directory on server side,It should looks like login to server.]
Server Side : Ubuntu 14.04
I tried this and it works fine for me.
Client side : Ubuntu14.04
I tried this , it also works
but the issue is , this tutorial creates home directory on local machine instead of mounting server directory.I know from where it does.
I want : If i login through ldap user It should login on server via GUI not on local machine home directory.
on client side file "/var/log/auth.log"
Jul 28 11:53:06 issc systemd-logind[674]: System is rebooting.
Jul 28 11:53:23 issc systemd-logind[650]: New seat seat0.
Jul 28 11:53:23 issc systemd-logind[650]: Watching system buttons on /dev/input/event1 (Power Button)
Jul 28 11:53:23 issc systemd-logind[650]: Watching system buttons on /dev/input/event4 (Video Bus)
Jul 28 11:53:23 issc systemd-logind[650]: Watching system buttons on /dev/input/event0 (Power Button)
Jul 28 11:53:24 issc sshd[833]: Server listening on 0.0.0.0 port 22.
Jul 28 11:53:24 issc sshd[833]: Server listening on :: port 22.
Jul 28 11:53:25 issc lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Jul 28 11:53:25 issc lightdm: PAM adding faulty module: pam_kwallet.so
Jul 28 11:53:25 issc lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm by (uid=0)
Jul 28 11:53:25 issc systemd-logind[650]: New session c1 of user lightdm.
Jul 28 11:53:25 issc systemd-logind[650]: Linked /tmp/.X11-unix/X0 to /run/user/112/X11-display.
Jul 28 11:53:26 issc lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Jul 28 11:53:26 issc lightdm: PAM adding faulty module: pam_kwallet.so
Jul 28 11:53:26 issc lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "scicomp"
Jul 28 11:53:29 issc lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Please help me, i tried many tutorial online and every tutorial looks like same ,like this one.I am trying from last 2 weeks its not working.Thank you for your time.
You need to install and configure autofs for this to work. autofs will automatically mount user's home directories on the client machine from an NFS server. I'm not sure about creating them on the server on the fly, but if it does work, you will likely need to enable the pam_mkhomedir module in the appropriate /etc/pam.d file(s), as described here
Yep! I tried and worked for me.
**Server Side :** Package require to install :
$ sudo apt-get install nfs-kernel-server
Updated in below file like this
abdulrahim#issc-ldap:/ldap/batch2016part2$ sudo vi /etc/exports
#/homes 198.1.10.*(fsid=0,rw,insecure,no_subtree_check,sync)
/ldap/batch2015part1/home 198.1.10.*(fsid=1,rw,insecure,no_subtree_check,sync)
/ldap/batch2015part2/home 198.1.10.*(fsid=2,rw,insecure,no_subtree_check,sync)
Exported as per below::::
abdulrahim#issc-ldap:/ldap/batch2016part2$ sudo exportfs -r
root#issc-ldap:/ldap/rnd# showmount -e 198.1.10.45
Export list for 198.1.10.45:
/ldap/batch2015part1/home
/ldap/batch2015part2/home
**On Client Side :** Package require to install :
$ sudo apt-get install nfs-kernel-client
NOW ON CLIENT SIDE mount,permission ,ownership::::::
$ sudo gedit /etc/fstab
#####below are partition mounted from server
198.1.10.45:/ldap/batch2015part1/home /ldap/batch2015part1/home nfs nfsvers=3,sync 0 3
198.1.10.45:/ldap/batch2015part2/home /ldap/batch2015part2/home nfs nfsvers=3,sync 0 4
### or like this below
198.1.10.45:/ldap/batch2015part1/home /ldap/batch2015part1/home nfs noauto,x-systemd.automount 0 3
198.1.10.45:/ldap/batch2015part2/home /ldap/batch2015part2/home nfs noauto,x-systemd.automount 0 4
Now mount all pertition from server side as per below : :::::
$ sudo mount -a
Check mounted partion by below commands
$ df -h
I am trying to install a laravel project in google compute engine with "Red Hat Enterprise Linux Server 7".
I followed this blog: http://tecadmin.net/install-laravel-framework-on-centos/
Completed the laravel project download, set up user permission for user "apache" and group "apache". After all this, I am getting error as
Error in exception handler: The stream or file "/var/www/html/project/app/storage/logs/laravel.log" could not be opened: failed to open stream: Permission denied in /var/www/html/project/bootstrap/compiled.php:9072
Who ever had the problem earlier, mentions the solution as set proper permission for the log files. I have verified that app/storage folder has correct permissions.
I know I am missing something very simple, but could not get this working.
Any help will be greatly appreciated.
UPDATE:
These are the permissions I have applied:
chown -R apache:apache project
chmod 775 project
chmod 775 project/app/storage
chmod -R 777 project/app/storage
And these are the permissions I can see for the folder:
drwxrwxr-x. 7 apache apache 4096 Dec 23 13:54
drwxrwxr-x. 7 apache apache 84 Dec 23 13:53 storage
-rwxrwxrwx. 1 apache apache 0 Dec 23 14:01 laravel.log
Not able to figure out if this is an issue with RHEL linux 7 issue. I gave up on this after a while and created a VM with centOS 6 which is now working properly. Thanks a lot #ykbks for helping me with this.
Needs to disable SELinux.
~]# cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
Changing the value of SELINUX to disabled changes the state of SELinux and the name of the policy to be used the next time the system boots.
Okay, so my setup:
Windows 8.1 host, CentOS 6.5 guest, Virtualbox 4.3.12
I have a folder in My Documents(Windows) that I use as a shared folder in my guest(CentOS), which is mounted in var/www/htdocs/shared
The purpose of this is to host my web project in the VM, but access and edit the files in Windows. And this works pretty well. The files in the shared folder can be accessed on my host and guest and can be edited as needed. I can access the web service in a browser from Windows just fine.
BUT, when I try to run the files in the shared folder from a browser, I get a 403 forbidden error. The permissions on the guest show as rwxrwxrwx, so I don't know why I don't have permission to access them in a browser, and I can't change these in CentOS.
The ways I mounted the drive is like this:
mount -t vboxsf shared shared
mount -t vboxsf -o rw,exec shared shared
mount -t vboxsf -o rw,exec,uid=1000,gid=1000 shared shared
I got the same results for each.
So, that's my issue. How can I access files in a Virtualbox shared folder from my browser on the host?
To change the permissions on the directory, you can use the dmode and fmode parameters in the mount statement:
mount -t vboxsf -o rw,dmode=775,fmode=775 shared shared
You don't need to specify the uid and gid, but you need to add the apache user to the vboxsf group:
usermod -G vboxsf apache
And finally, what actually made it work is you need to disable selinux. Now I can view/edit my files in Windows and let the VM serve them in a browser. The goal of this was to be able to develop on Windows, but let my web app run in an environment identical to the production server. Hopefully this helps someone.