In the past I thought I was just crazy. I may be, but my production log is not at all responding to some requests. I am POSTing images to my rails app from a mobile client, then GETting a refreshed view in a web browser. The changed record is plainly visible. None of the above is showing up in my production log, but similar requests were logged an hour ago. I haven't changed any config files. I haven't restarted my server. Any suggestions as to why this is happening?
Check what value is set to
config.log_level = :warn
in your
/rails_app/config/enviroments/production.rb
FYI
The available log levels are: :debug,
:info, :warn, :error, :fatal.
So if you set the level to fatal only serious errors will be logged. If you set it to debug almost everything will be logged. By default in production it is set to warn. This is with good reason. As you don't want huge log files piling up on your production server for no reason.
In my case first i added config.log_level = :debug to production.rb file then i had to create the production.log file (in the log folder), then giving appropriate permissions with chmod command.
In my case I had the following gem rails_12factor in my Gemfile for production.
So I had to
Remove rails_12factor from my Gemfile
gem uninstall rails_12factor
bundle install
And on the next push to production the logs worked for me. FYI: I am using rails 5.2.1, but the rails web app started in rails 3.
Low memory is the most likely cause that I have been able to come up with. I will post here if I can prove it.
I solved the Problem by putting
Rails.logger.instance_variable_get(:#logger).instance_variable_get(:#log_dest).sync = true if Rails.logger
into my config/initializers/...
I was having the same problem. Tried everything out there on this website.
Finally i checked the value of Rails.logger in console. It gave following output.
#<RailsStdoutLogging::StdoutLogger:0x00007fe3b5bc3540
#default_formatter=#<Logger::Formatter:0x00007fe3b5bc3658 #datetime_format=nil>,
#formatter=#<ActiveSupport::Logger::SimpleFormatter:0x00007fe3b5bc34c8 #datetime_format=nil>,
#level=0,
#logdev=
#<Logger::LogDevice:0x00007fe3b5bc3608
#dev=#<IO:<STDOUT>>,
#filename=nil,
#mon_count=0,
#mon_mutex=#<Thread::Mutex:0x00007fe3b5bc35b8>,
#mon_mutex_owner_object_id=70307991657220,
#mon_owner=nil,
#shift_age=nil,
#shift_period_suffix=nil,
#shift_size=nil>,
#progname=nil>
Then I crosschecked with some other rails project and that gave the below output
#<ActiveSupport::Logger:0x00005566367b77c0 #level=0,
#progname=nil,
#default_formatter=#<Logger::Formatter:0x00005566367b7950 #datetime_format=nil>, #formatter=#<Logger::Formatter:0x00005566367b7770 #datetime_format=nil>,
#logdev=#<Logger::LogDevice:0x00005566367b7900 #shift_period_suffix=nil, #shift_size=nil,
#shift_age=nil, #filename=nil,
#dev=#<File:/home/rajanverma/workspace/aarvy/log/production.log>,
#mon_mutex=#<Thread::Mutex:0x00005566367b7888>, #mon_mutex_owner_object_id=46948744543360,
#mon_owner=nil, #mon_count=0>>
You can clearly see that both projects were using different loggers to show output. I don't want to output log on STDOUT so I changed my logger to ActiveSupport by creating an initializer file.
config/initializer/logger.rb
Rails.logger = ActiveSupport::Logger.new('log/production.log')
Now it started logging on production.log.
EDIT: I tried doing the same in production.rb, but don't know why it always got overwritten. So i decided to put in initializer. I don't know weather it has any performance issues. Also I don't know how it was changing automatically to #<RailsStdoutLogging::StdoutLogger:0x00007fe3b5bc3540 as writing on production.log should be a default behaviour. Please let me know if you know better reason.
I had the same problem related to production log.
To trace back issue with web server:
tail -f /var/log/apache2/error.log
Message from application: Permission denied - /var/www/APPLICATION-NAME/log/invitation.log (Errno::EACCES)
cd /var/www/APPLICATION-NAME/log
using the comman ll you will get log permissions
total 28
drwxr-sr-x 2 www-data www-data 4096 Sep 18 03:55 ./
drwxrwsr-x 14 www-data www-data 4096 Sep 24 23:52 ../
-rw-r--r-- 1 root www-data 71 Sep 18 03:55 agent_invitation.log
-rwxrwxrwx 1 root www-data 71 Sep 18 03:55 email.log*
-rw-r--r-- 1 root www-data 71 Sep 18 03:55 invitation.log
-rw-r--r-- 1 root www-data 71 Sep 18 03:55 messages.log
-rw-r--r-- 1 root www-data 51 Sep 13 01:32 production.log
Solution:
Have to change owner from root to other user:
chown www-data:www-data ./ -R
Now use ll to see the permissions
total 28
drwxr-sr-x 2 www-data www-data 4096 Sep 18 03:55 ./
drwxrwsr-x 14 www-data www-data 4096 Sep 24 23:52 ../
-rw-r--r-- 1 www-data www-data 71 Sep 18 03:55 agent_invitation.log
-rwxrwxrwx 1 www-data www-data 71 Sep 18 03:55 email.log*
-rw-r--r-- 1 www-data www-data 71 Sep 18 03:55 invitation.log
-rw-r--r-- 1 www-data www-data 71 Sep 18 03:55 messages.log
-rw-r--r-- 1 www-data www-data 51 Sep 13 01:32 production.log
Restart you web server:
sudo service apache2 restart
now check production logs.
Related
Somehow I've made an error where my Perl files, located on a Linux server, must be set at 775 for me to edit them via Sublime, on my Windows laptop.
I can change the files to 755 and they'll run properly, but I can't edit them unless they're set to 775. When I try to save them I get a Permission Denied error.
Everything is owned by www-data
drwxr-xr-x 2 www-data www-data 4096 Jun 10 08:00 cgi-bin
The Perl file within cgi-bin directory is as well
-rwxr-xr-x 1 www-data www-data 960 Jun 10 01:22 perly.pl
When I log in via the Sublime editor I log in as the original user I created my server with "danny", and he is a member of the www-data group.
Can anyone figure out where I making a mistake or the wrong assumption?
I'm trying to setup a minecraft server for my kid and screen is giving me fits. I've been following this tutorial and I've already consulted this AskUbuntu answer. I'm running on Ubuntu 16.04.5 x64. I have created the following Service file and linked it to /etc/systemd/system/minecraft.service.
[Unit]
Description=Minecraft Server
Documentation=
Wants=network.target
After=network.target
[Service]
User=minecraft
Group=minecraft
Nice=5
EnvironmentFile=-/var/minecraft/unit.conf
KillMode=none
SuccessExitStatus=0 1
ProtectHome=true
ProtectSystem=full
PrivateDevices=true
NoNewPrivileges=true
PrivateTmp=true
InaccessibleDirectories=/root /sys /srv -/opt /media -/lost+found
ReadWriteDirectories=/var/minecraft/server /usr/bin/screen
WorkingDirectory=/var/minecraft/server
#ExecStartPre= /usr/bin/screen -dmS Minecraft
ExecStart= /usr/bin/screen -dm -S Minecraft '/usr/bin/java -Xmx1500M -Xms1024M -jar /var/minecraft/server/craftbukkit-1.13.jar'
ExecStop=/usr/bin/screen -S minecraft -p 0 -X stuff "stop^M"
[Install]
WantedBy=multi-user.target
When I monitor the service startup, I get the following in the journalctl logs:
Aug 05 14:55:41 spigot-1 systemd[1]: Started Minecraft Server.
Aug 05 14:55:41 spigot-1 screen[9869]: No screen session found.
Per the SO post I referenced, I already changed the permissions in /var/run/screen. This is the current setup:
root#spigot-1:/var/minecraft/server# ls -alR /var/run/screen/
/var/run/screen/:
total 0
drwxrwxrwx 4 root root 80 Aug 5 14:12 .
drwxr-xr-x 23 root root 860 Aug 5 14:11 ..
drwx------ 2 minecraft minecraft 40 Aug 5 14:55 S-minecraft
drwx------ 2 root root 40 Aug 5 14:50 S-root
/var/run/screen/S-minecraft:
total 0
drwx------ 2 minecraft minecraft 40 Aug 5 14:55 .
drwxrwxrwx 4 root root 80 Aug 5 14:12 ..
/var/run/screen/S-root:
total 0
drwx------ 2 root root 40 Aug 5 14:50 .
drwxrwxrwx 4 root root 80 Aug 5 14:12 ..
** Debug Notes **
You'll see the commented ExecStartPre command in there... all that happens if I try to start the screen session with that command is I get a second 'No screen session found' error.
I can launch the server from the command line using 'screen -dmS Minecraft [..]' and reattach. I can do this both as root and as the 'minecraft' user.
Any help would be greatly appreciated
I don't have Ubuntu to hand, but I tried something similar on Fedora 24 and had a similar error. To investigate I added an strace to the screen command and removed PrivateTmp so that I could get the trace output.
ExecStart=/bin/strace -o /tmp/s -f screen -dm -S me bash -c 'sleep 999'
In the output I found that at the end, screen was trying to open a pseudo-tty and failed to do so:
open("/dev/ptmx", O_RDWR) = -1 EACCES (Permission denied)
...
write(1, "No more PTYs.\r\nSorry, could not "..., 52) = 52
I added some ls -l /dev commands to the Unit to see what the effect of the PrivateDevices=true option had been. There was indeed a /dev/ptmx file, but unlike my real /dev it was a symbolic link to /dev/pts/ptmx, instead of just being the special character device. For some reason on my system I have:
$ ls -l /dev/ptmx /dev/pts/ptmx
crw-rw-rw- 1 root tty 5, 2 Aug 6 14:29 /dev/ptmx
c--------- 1 root root 5, 2 Jun 27 08:29 /dev/pts/ptmx
(This is probably a bug depending on the version of systemd and udev.)
So when /dev/ptmx is replaced in the private namespace by a symbolic link to /dev/pts/ptmx, you can no longer open a new pty. A simple fix for testing was sudo chmod a+rw /dev/pts/ptmx which indeed made the Unit work and start the screen process.
This may not be the case for you, but you could undertake a similar debug method to try to find the problem.
I'm setting up a new website on a new Ubuntu droplet at Digital Ocean. I set this up previously on a different droplet and rsynced the website contents to it. I followed directions I found on the web, but didn't keep detailed-enough notes. I'm just trying to replicate this on the new Droplet. But I've messed up somehow. My knowledge of permissions, etc. is rudimentary :-(
My server has: /var/www/html
This is what I did:
• sudo usermod -a -G www-data [myusername]
• sudo chown -R www-data:www-data /var/www
• sudo chmod -R g+rw /var/www
• sudo chmod -R g+rws /var/www
I then created “/var/www/howardmann.us/public_html” for my website.
(I didn't put the public_html directory in var/www/html. I didn't on my other Droplet. Perhaps I should.)
sudo ls -la /var/www
total 16
drwxrwsr-x 4 www-data www-data 4096 Feb 25 15:43 .
drwxr-xr-x 14 root root 4096 Feb 24 14:27 ..
drwxr-sr-x 3 root www-data 4096 Feb 25 15:43 howardmann.us
drwxrwsr-x 2 www-data www-data 4096 Feb 25 15:42 html
sudo ls -la /var/www/howardmann.us/public_html
total 8
drwxr-sr-x 2 root www-data 4096 Feb 25 15:43 .
drwxr-sr-x 3 root www-data 4096 Feb 25 15:43 ..
Now, excerpts of rsync script (successful to my other Droplet) result from my laptop now:
1.
howardm$ ./deploy.sh
sending incremental file list
rsync: failed to set times on "/var/www/howardmann.us/public_html/.": Operation not permitted (1)
rsync: recv_generator: mkdir "/var/www/howardmann.us/public_html/css" failed: Permission denied (13)
* Skipping any contents from this failed directory *
3.
rsync: mkstemp "/var/www/howardmann.us/public_html/.DS_Store.8zaaQg" failed: Permission denied (13)
Question: How do I fix ownership and permissions on the server directories for 1) proper permissions for a website and 2) permit a rsync deploy?
For comparison, here is the status of my current working web site on the other Droplet:
howardm#howardmann:~$ ls -la /var/www/
total 20
drwxrwxr-x 5 howardm www-data 4096 Mar 5 2016 .
drwxr-xr-x 13 root root 4096 Mar 28 2015 ..
drwxrwxr-x 4 howardm www-data 4096 Jun 8 2016 howardmann.us
drwxrwxr-x 2 howardm www-data 4096 Mar 29 2015 html
Thanks!
Howard
Well, I fixed this after reading some more about permissions for a website.
My website folder is titled howardmann.us, which contains a public_html folder with the website contents.
So: /var/www/howardmann.us/public_html. (/var/www also contains a html directory)
I achieved the relevant ownership/permissions with:
sudo chown -R howardm:www-data /var/www/
I'm the owner, and www-data the group.
sudo usermod -a -G www-data [myusersername]
I'm a member of the www-data group
sudo chmod -R 2775 /var/www/
This yields the proper permissions, I believe for a web site.
I made sure the same owner:group applied to all these directories:
ls -l /var/www
total 8
drwxr-sr-x 3 howardm www-data 4096 Feb 26 19:23 howardmann.us
drwxrwsr-x 2 howardm www-data 4096 Feb 25 15:42 html
ls -l /var/www/howardmann.us
total 4
drwxr-xr-x 11 howardm www-data 4096 Feb 5 2017 public_html
Now rsync works without errors.
If anyone believes these ownership/permissions for a website are (substantially) improper, please comment.
Howard
I downloaded nagiosql_320.tar.gz and installed NagiosQL. When I click on check configuration file, it shows error as:
Cannot find the Nagios binary or no execute permissions!
I created symlink as below for nagios binary with following permission.
lrwxrwxrwx 1 root root 28 Jul 5 16:07 /usr/sbin/nagios -> /usr/local/nagios/bin/nagios
-rwxr-x--- 1 nagios apache 692624 Jun 27 14:40 /usr/local/nagios/bin/nagios
How can I correct the error?
chmod +x /usr/local/nagios/bin/nagios and try again
I'm using Docker to run an Apache instance. My docker file goes something like this:
FROM ubuntu
MAINTAINER your.face#gmail.com
RUN cat /etc/passwd
RUN cat /etc/group
RUN apt-get update && apt-get install -yq apache2 php5 libapache2-mod-php5 php5-mysql
RUN apt-get install -yq openssh-server
RUN mkdir /var/run/sshd
ENV APACHE_RUN_USER www-data
ENV APACHE_RUN_GROUP www-data
ENV APACHE_LOG_DIR /var/log/apache2
EXPOSE 80
ADD config/apache2/000-default.conf /etc/apache2/sites-available/000-default.conf
ADD config/php5/php.ini /etc/php5/apache2/php.ini
ADD config/start.sh /tmp/start.sh
ADD src /var/www
RUN chown -R root:www-data /var/www
RUN chmod u+rwx,g+rx,o+rx /var/www
RUN find /var/www -type d -exec chmod u+rwx,g+rx,o+rx {} +
RUN find /var/www -type f -exec chmod u+rw,g+rw,o+r {} +
#essentially: CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"]
CMD ["/tmp/start.sh"]
However, when I build the container and run it, I only ever get 403 errors.
Notice that I've specified that Apache should run as www-data in www-data group, and that /var/www has been recursively chownd to belong to root:www-data.
Also, all directories are searchable and readable, and all files are readable and writeable by the www-data group (well, according to ls -la and namei -m they are anyways).
How do I fix these permissions issues? I cant figure it out.
Actual error from the Apache error.log:
[Fri May 23 18:33:27.663087 2014] [core:error] [pid 14] (13)Permission denied: [client 11.11.11.11:61689] AH00035: access to /index.php denied (filesystem path '/var/www/index.php') because search permissions are missing on a component of the path
EDIT:
output of ls -laR /var/www at the end of the Dockerfile:
Step 21 : RUN ls -laR /var/www
---> Running in 74fd3609dfc8
/var/www:
total 1036
drwxr-xr-x 67 root www-data 4096 May 23 18:38 .
drwxr-xr-x 26 root root 4096 May 23 18:38 ..
-rw-rw-r-- 1 root www-data 28 May 23 12:22 .gitignore
-rw-rw-r-- 1 root www-data 501 May 23 12:22 .htaccess
-rw-rw-r-- 1 root www-data 7566 May 23 12:22 index.php
Output of namei -m /var/www/index.php at the end of the Dockerfile:
Step 22 : RUN namei -m /var/www/index.php
---> Running in 1203f0353090
f: /var/www/index.php
drwxr-xr-x /
drwxr-xr-x var
drwxr-xr-x www
-rw-rw-r-- index.php
EDIT2
After trying a whole bunch of things, including chmod -R 777 just to see if I could get anything to work, I tried putting the source files added from the Dockerfile into /var/www/html, the default location for Apache files to be served.
I matched the default file permissions exactly (I think), and it still isn't working. The default index.html that comes with Apache loads just fine, but the added src folder still have a 403 access denied error.
I changed the Dockerfile to ADD src /var/www/html/src and the permissions were set using:
RUN find /var/www/html -type d -exec chmod u+rwx,g+rx,o+rx {} +
RUN find /var/www/html -type f -exec chmod u+rw,g+r,o+r {} +
No luck. Below is some of the output of ls -laR on /var/www. Notice that the permissions for the html folder and index.html that come with an apache2 install match those of the added src folder:
Step 19 : RUN ls -laR /var/www/
---> Running in 0520950d0426
/var/www/:
total 12
drwxr-xr-x 6 root root 4096 May 23 19:23 .
drwxr-xr-x 24 root root 4096 May 23 19:23 ..
drwxr-xr-x 5 root root 4096 May 23 19:23 html
/var/www/html:
total 24
drwxr-xr-x 5 root root 4096 May 23 19:23 .
drwxr-xr-x 6 root root 4096 May 23 19:23 ..
-rw-r--r-- 1 root root 11510 May 23 18:28 index.html
drwxr-xr-x 47 root root 4096 May 23 19:23 src
/var/www/html/src:
total 1032
drwxr-xr-x 47 root root 4096 May 23 19:23 .
drwxr-xr-x 5 root root 4096 May 23 19:23 ..
-rw-r--r-- 1 root root 28 May 23 12:22 .gitignore
-rw-r--r-- 1 root root 501 May 23 12:22 .htaccess
-rw-r--r-- 1 root root 7566 May 23 12:22 index.php
Perhaps chmod doesn't work quite the way I thought it does??
EDIT3
A final bit of information. The Docker container is being built by buildbot, which I've been assuming runs as root. I haven't been able to reproduce this scenario without using buildbot to do the building.
Building everything via sudo docker build -t apache . type commands on my laptop works fine, but the problems arise when buildbot does it. No idea why :^/
I just ran into this after posting a similar question at Running app inside Docker as non-root user.
My guess is you can't chmod/ chown files that were added via the ADD command. – thom_nic Jun 19 at 14:14
Actually you can. You just need to issue a a RUN command after the ADD for the file location that will be INSIDE your container. For example
ADD extras/dockerstart.sh /usr/local/servicemix/bin/
RUN chmod 755 /usr/local/bin/dockerstart.sh
Hope that helps. It worked for me.
I encountered a similar issue; however my container was using VOLUME to map directories across the container.
Changing the permissions on the directory that maps to /var/www/html itself remedied the 403 Forbidden errors.
docker-host$ ls -ld /var/www/html
drwxr--r-- 53 me staff 1802 Mar 8 22:33 .
docker-host$ chmod a+x /var/www/html
docker-host$ ls -ld /var/www/html
drwxr-xr-x 53 me staff 1802 Mar 8 22:33 .
Note that chmod must be applied on the Docker host, not within the container. Executing it within the container effects no change to the directory.
docker-container$ chmod a+x /var/www/html
docker-container$ ls -ld /var/www/html
drwxr--r-- 53 me staff 1802 Mar 8 22:33 .