I can edit other users but when trying to edit the built in super user in order to add 2 factor authentication I get 500 Internal Server Error.
Ideas?
Weirdly seems to be resolved with permission changes ie selinux.
sudo chcon -R -t httpd_sys_rw_content_t /var/www/html
use at own risk
Related
I have a dedicated server running CentOS.
I have installed
WHM/Cpanel. On my server, I have a domain (example.com) and a user
(example).
The website domain example.com points to /home/example/public_html/. However, my project is Laravel, so the index point is in /public. I need to change the document root from
/home/example/public_html/ to /home/example/public_html/public
I ran the following commands:
nano /var/cpanel/userdata/example/example.com
nano /var/cpanel/userdata/example/example.com_SSL
rm -vf /var/cpanel/userdata/example/example.com.cache
rm -vf /var/cpanel/userdata/example/example.com_SSL.cache
/scripts/updateuserdatacache
/scripts/rebuildhttpdconf
service httpd restart
The problem:
When I run these commands, I see that nothing changed and I see DO NOT HAVE PERMISSION page of Laravel index.php (root not public).
When I run these commands for an empty project I see the results, and when I copy and paste the Laravel project I again see the permission denied page.
What is it?
As per numerous references online, Laravel documentation, and scouring answers here on SO, I am a bit baffled as to why I have set my directory permissions precisely as expected, but still am getting "Permission Denied" fatals.
I have applied the following to the storage & bootstrap/cache directories.
chown -R apache:apache storage bootstrap/cache
chmod -R ug+rwx storage bootstrap/cache
Just shy of being a total security idiot and 777'ing those directories...which I will NOT do. (So, please do not even bother offering that as a suggestion!) I'm at a loss for what could still be wrong here.
Anyone else dealt with this?
GAME CHANGER UPDATE
NOTE: I just discovered the cause. Which drastically changes the scope of this question now. It seems that selinux was the issue. When I did setenforce 0, this fixed the problem.
So, now the question is what do I need to do in selinux to make this work without disabling selinux entirely?
Okay...so, it seems that the answer lies in setting up selinux to allow apache to have rw access to directories. (All commands ran as root)
First, run this command (assuming an OS of RHEL/Centos);
chcon -R -t httpd_sys_rw_content_t /path/to/web/root
Then make that change persistent with this command;
semanage fcontext -a -t httpd_sys_rw_content_t "/path(/.*)?"
This fixed my problem!
Solution found here;
SELinux Apache Setup for Web Servers
I have this website. The problem I have is
The freelancer-ngohungphuc.rhcloud.com page isn’t working
freelancer-ngohungphuc.rhcloud.com is currently unable to handle this
request.
500
I develop this website using Laravel 5.1. So what I have to do to fix this error.
Although you can usually check logs to see why you are getting a 500 error, it would appear that this is due to insufficient permissions - which need to be set on the storage and bootstrap/cache folders (as per the docs).
The folders both need to be writeable by your web server, so whilst 777 permissions will definitely work 775 should be fine (and more secure).
Doing this via a command line can be done with the following command (run it with sudo if you need to elevate to root permissions) chomd 777 -R storage bootstrap/cache or chomd 775 -R storage bootstrap/cache.
Doing this via an FTP client is doable, generally speaking you can just right click on the folder and choosing to edit permissions from there.
In some instances, vendor may need to be done too - from my experiences anyway.
These folders are all inside the root project directory for your Laravel application.
Edit
Excerpt from bottom of error log:
PHP Parse error: syntax error, unexpected 'class' (T_CLASS), expecting identifier (T_STRING) or variable (T_VARIABLE)
This would indicate that the PHP version you are running is not >= 5.5.9 (one of the Laravel requirements).
This is confirmed in the screenshot shown of the OpenShift configuration. The version of PHP needs to be updated for Laravel to work - this wasn't just a permission issue.
I've a VPS with debian, apache 2.0, php, everything! (nope, just the essential).
I need to give acccess to some user to specific folder. (different, but base is /var/www/ and every user should have a personal folder)
I managed to create accounts that have a specific home, and can't "browse" up (hard... but i did searching in WHOLE google).
Well, they can't create, modify enything in that folder (their home).
If I try with one of these account, it gives me:
Response: 550 Rename failed.
Well, I think: permission error, than i do
chown user path
/etc/init.d/vsftpd restart
I enter with user in ftp, and try to login, error:
Response: 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
eError: Critical error: Could not connect to server
Well, I've to chown root path to let user access againt to fpt.
Again, no right to edit/create/delete, I think: OK! chmod 777 the entire folder and sub..
Response: 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
eError: Critical error: Could not connect to server
So, this is an impasse, and obviously I'm doing something wrong.
I've now googled the error, and found: edit vsftpd.conf adding:
allow_writeable_chroot=YES
allow_writable_chroot=YES
(Just in case I had vsftpd-ext instead of vsftpd)
Here how I created the account for ftp
1) /# useradd -d path -s /dev/null user > /dev/null 2>&1
2) Edited etc/shells file adding this: /dev/null
3) Edited etc/vsftpd.conf removig comment on
local_enable=YES
write_enable=YES
Thanks to anyone can help, and sorry if my english is really bad, but I think you should blame Italian School System... okok, my fault!
Solution
After a lot of trouble (really, A LOT!), i found what was the problem, and fixed:
Problem is Debian 7 + vsftpd 2.x
This vsftpd versione doesn't allow allow_writeable_chroot=YES
Fortunately some angel found this bug and created a fixed version of vsftpd.
To use it just:
Add
deb http://ftp.cyconet.org/debian wheezy-updates main non-free contrib
to sources.list with this command
echo "deb http://ftp.cyconet.org/debian wheezy-updates main non-free contrib" >> /etc/apt/sources.list.
aptitude update
aptitude install -t wheezy-updates debian-cyconet-archive-keyring vsftpd
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf
/etc/init.d/vsftpd restart
After doing this you can create an account and use writable root inside chroot(), with the method I posted in question.
Thanks to The Frontier Group
I've installed Symfony on Mac Os X and do:
chmod -R 777 app/cache app/log
Try do this:
php app/console cache:clear
And get back error:
[RuntimeException]
Unable to write in the "/Users/anton/Sites/local/Symfony/app/cache/dev" directory
Try to fix it! Thanks!
If you are on Mac you can use ACL as it is explained here.
From the project directory:
sudo chmod +a "_www allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
sudo chmod +a "whoami allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
_www in the first line is the name of which is running the web server
You have to change whoami in the second line as it is you when you type php app/console cache:clear. (usually the name of your home folder)
Apparently your web server (apache?) already created some files or dirs in the cache folder (so they are owned be the web servers user, probably www-data). In this case a chmod isn't enough, you have to execute a chown -R anton app/cache app/log.
To avoid the general problem of different owners of different cache files, your console user and the user executing php for the web server should be the same. There are different ways to accomplish this. You could:
Change your apache configuration, so the apache runs with your user (anton) rather than www-data
Drop mod_php and use php5-fpm instead (and configure it to use your user)
Use fast_cgi