As per numerous references online, Laravel documentation, and scouring answers here on SO, I am a bit baffled as to why I have set my directory permissions precisely as expected, but still am getting "Permission Denied" fatals.
I have applied the following to the storage & bootstrap/cache directories.
chown -R apache:apache storage bootstrap/cache
chmod -R ug+rwx storage bootstrap/cache
Just shy of being a total security idiot and 777'ing those directories...which I will NOT do. (So, please do not even bother offering that as a suggestion!) I'm at a loss for what could still be wrong here.
Anyone else dealt with this?
GAME CHANGER UPDATE
NOTE: I just discovered the cause. Which drastically changes the scope of this question now. It seems that selinux was the issue. When I did setenforce 0, this fixed the problem.
So, now the question is what do I need to do in selinux to make this work without disabling selinux entirely?
Okay...so, it seems that the answer lies in setting up selinux to allow apache to have rw access to directories. (All commands ran as root)
First, run this command (assuming an OS of RHEL/Centos);
chcon -R -t httpd_sys_rw_content_t /path/to/web/root
Then make that change persistent with this command;
semanage fcontext -a -t httpd_sys_rw_content_t "/path(/.*)?"
This fixed my problem!
Solution found here;
SELinux Apache Setup for Web Servers
Related
I have a couple of projects on a homestead box.
last week i cloned a project from git and i noticed that when the logger was called the logfile was created and written to but the second time it complained it had no write access.
I didnt pay attention to it much because i was in a hurry, so i just deleted the log everytime.
But now, returning to a laravel 6 project i worked on previously i see the same problem suddenly occur.
This time is different, instead of not being able to write to existing logs, this time its also not able to create the logs.
I did a 777 on the storage dir and the log file error went away but now it complains it cant write session files?!
ErrorException
file_put_contents(/home/vagrant/code/laravel6_project/storage/framework/sessions/hA3459VveGgYn761YijeEBcQgNylx0mToIRyLhkR):
failed to open stream: Permission denied
Why would something that worked fine suddenly break in regard to permissions.
I dont want to go on and chmod 777 everything everytime over and over again.
All files have owner: vagrant:vagrant and this is what it always was as far as i can tell.
anyway, i figured perhaps something changed with an update or something so now in the vagrant machine i tried
sudo chmod -R vagrant:www-data
but its being ignored... folder is still vagrant:vagrant.
stumped...
There are lots of questions on this exact problem with many more times of different suggested solutions but none work for me.
Im starting to suspect the virtual machine is corrupted or something..
any ideas?
someone suggested to check if perhaps the wrong user was specified in:
/etc/php/7.3/fpm/pool.d/www.conf
perhaps it said user = www-data instead of user = vagrant
all the other versions like:
/etc/php/7.1/fpm/pool.d/www.conf
/etc/php/7.2/fpm/pool.d/www.conf
/etc/php/7.4/fpm/pool.d/www.conf
indeed all had: user = vagrant but the /var/log/php7.3-fpm.log says:
user = www-data
so i was very confident i had found the problem but after changing it to user=vagrant and restarting apache still the same error.
going nuts...
So,
editing the /etc/php/7.3/fpm/pool.d/www.conf and setting:
user = vagrant
group = vagrant
fixed it , but only after restarting the VM!
simply doing:
sudo apachectl restart
somehow didn't cut it.
I can edit other users but when trying to edit the built in super user in order to add 2 factor authentication I get 500 Internal Server Error.
Ideas?
Weirdly seems to be resolved with permission changes ie selinux.
sudo chcon -R -t httpd_sys_rw_content_t /var/www/html
use at own risk
I've setup a project more than a month ago and all of a sudden (this afternoon) I started getting the following error:
ErrorException in Filesystem.php line 111: file_put_contents(/var/www/html/project/api/storage/framework/cache/d8/00/d800874b5dc22b961e0ee92f8d1c5a09c24ee911): failed to open stream: No such file or directory
I've done research and tried the following with no success:
php artisan cache:clear
chmod -R 777 storage (I know this is not ideal)
composer update
Nothing is working. Before the chmod I was getting a permission error. I'm tapped out of ideas. Does anyone know what is causing this and how to resolve it?
You gave 777 to /storage folder but did you also make sure it's in same group as apache server is running?
Generally apache is in www-data group, add storage and bootstrap folder to be written by this group:
chgrp -R www-data /storage /bootstrap
Assign current user and group permission to read and write:
chmod -R ug+rw /storage /bootstrap
I'm 99% sure this will do it.
My server runs CentOS 7 and somehow Selinux was set to enforcing which breaks Laravel for some reason. I remember changing it when I first set up Laravel, but somehow it reverted back.
So setting it to permissive or disabled fixed it for me.
https://www.centos.org/docs/5/html/5.2/Deployment_Guide/sec-sel-enable-disable.html
I've installed Symfony on Mac Os X and do:
chmod -R 777 app/cache app/log
Try do this:
php app/console cache:clear
And get back error:
[RuntimeException]
Unable to write in the "/Users/anton/Sites/local/Symfony/app/cache/dev" directory
Try to fix it! Thanks!
If you are on Mac you can use ACL as it is explained here.
From the project directory:
sudo chmod +a "_www allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
sudo chmod +a "whoami allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
_www in the first line is the name of which is running the web server
You have to change whoami in the second line as it is you when you type php app/console cache:clear. (usually the name of your home folder)
Apparently your web server (apache?) already created some files or dirs in the cache folder (so they are owned be the web servers user, probably www-data). In this case a chmod isn't enough, you have to execute a chown -R anton app/cache app/log.
To avoid the general problem of different owners of different cache files, your console user and the user executing php for the web server should be the same. There are different ways to accomplish this. You could:
Change your apache configuration, so the apache runs with your user (anton) rather than www-data
Drop mod_php and use php5-fpm instead (and configure it to use your user)
Use fast_cgi
I restored my Mac form a Time Machine backup, and now I can't check files into my svn repo.
I have tried svnadmin recover, but it fails:
svnadmin: Can't open file 'WriteAssist/db/write-lock': Permission denied
The directory is owned by the "admin" user that I set up for bootstrapping the machine. My current user is "andersprivat".
Should I just chown the entire tree? Doing a chmod 777 would presumably work, but seems like a big security hole.
In the end svnadmin recover appeared to do nothing at all for me.
I ended up having to chmod -R 777 all the files to be allowed to check in at all, then manually handling all in-flight issues. Did not leave me loving svn any more than I already did. When it works it's great, but getting it up when it has stumbled is a b*tch.