Laravel and AWS Elastic Beanstalk - File Permissions - laravel

I've created a Laravel app and deployed it to an EC2 instance using Elastic Beanstalk. Everything seems to work except that PHP can't write to the storage directory so I get this error:
Error in exception handler: The stream or file "/var/app/current/site/app/storage/logs/laravel.log"
could not be opened: failed to open stream:
No such file or directory in /var/app/current/site/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php:84
This looks like a permissions problem to me, so I've tried using the instructions at http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-ec2.html to set the permissions.
I have one file 01permissions.config in the .ebextensions directory:
commands:
storage_permissions:
command: chmod -R 755 $EB_CONFIG_APP_ONDECK/site/app/storage
I get the following errors in server logs:
[ERROR] Command storage_permissions (chmod -R 755 $EB_CONFIG_APP_ONDECK/site/app/storage) failed
[DEBUG] Command storage_permissions output: chmod: cannot access ‘/site/app/storage’: No such file or directory
Any ideas what's going on here?

The issue was that I had ignored the logs directory so it wasn't on the server at all. It's not that the server couldn't write to it, it's that it didn't exist.
The default permissions for an instance created by Elastic Beanstalk are:
File 664
Dir 775
They are deployed and owned by the Apache user.

For anyone else with this problem... this would have worked:
container_commands:
01storage_permissions:
command: "chmod -fR 755 /var/app/ondeck/app/storage"

Related

Laravel - Every new day I have this error : failed to open stream: Permission denied

i tried by giving permission (775) to bootstrap/cache and storage folder - it works fine on that day but next day it gives error again with new created log file.
The stream or file "/var/www/public_html/myProject/storage/logs/laravel-2021-03-31.log" could not be opened in append mode: failed to open stream: Permission denied in /var/www/public_html/myProject/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php:111
i found the solution here:
i have two users on linux server
1 : ubuntu
2 : www-data
i added ubuntu user to www-data group and same as wwww-data to ubuntu group.
so now both users can read there files,
second thing i did is -> i updated app/config/logging.php
and define the permissions (0666) for newly created log file for "daily" and "single".
This might help you:
sudo chown -R www-data:www-data /var/www/{laravel_project_name}
link:
https://dev.to/613596/permission-denied-for-laravel-8-storage-logs-solved-2021-12ld
You have permission issue in your path /var/www/public_html/myProject/storage/logs/.
Try to run the following command
Change the files/directories group to apache/nginx, I used www-data it's the default user of apache on Ubuntu (Use your http server user/group name instead of www-data)
sudo chown :www-data -R /var/www/public_html/myProject/storage/
Now change the file permission once again
sudo chmod 775 -R /var/www/public_html/myProject/storage/
You can also add UID, GID, SID to handle more efficiently

Laravel on ElasticBeanstalk 'log file permission denied' error keeps coming up even the permission is set in the .ebextensions config file

I am deploying my Laravel application to the ElasticBeanstalk environment. But I am having issue with laravel.log file permissions.
I deployed my application using "eb deploy" command. After I deployed, I access my application. But it is throwing the following error.
The stream or file "/var/app/current/storage/logs/laravel.log" could not be opened: failed to open stream: Permission denied
To solve the issue, I ssh into the server and run the following command.
sudo -u root chmod 777 -R /var/app/current/storage/logs
The problem is solved. Now my application is working. But I deploy my application again running "be deploy" command. After the deployment, the issue popped up again. To solve the issue in a consistent way. I tried to run the command in the .ebextensions config file as follow.
container_commands:
01-migrations:
command: "php artisan migrate --force"
02-log-storage-permissions:
command: "sudo -u root chmod -R 777 /var/app/current/storage/logs/"
I could deploy my application. But the issue still persists. It seems like the command is not working. What is wrong with my configuration and how can I fix it?
I believe that this is because container_commands run when your application is in the staging folder. Thus, after you run 02-log-storage-permissions, your /var/app/current will be replaced anyway with the staging folder. So your chmod wont persist.
To rectify the issue, you can try one of the two options:
Use
02-log-storage-permissions:
command: "sudo -u chmod -R 777 ./storage/logs/"
to change the logs in staging folder.
use postdeploy hook to run your script:
after the Elastic Beanstalk platform engine deploys the application and proxy server.

"laravel.log could not be opened" error on Elastic Beanstalk

I've deployed a Laravel application on AWS ElasticBeanstalk (PHP 7.3 running on 64bit Amazon Linux/2.9.7).
The application runs fine when it does, but randomly throws following error for few requests.
PHP Fatal error: Uncaught UnexpectedValueException: The stream or
file "/var/app/current/storage/logs/laravel.log" could not be opened:
failed to open stream: Permission denied in
/var/app/current/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php:110\nStack
trace:\n#0
/var/app/current/vendor/monolog/monolog/src/Monolog/Handler/AbstractProcessingHandler.php(42):
Monolog\Handler\StreamHandler->write(Array)\n#1
/var/app/current/vendor/monolog/monolog/src/Monolog/Logger.php(323):
Monolog\Handler\AbstractProcessingHandler->handle(Array)\n#2
/var/app/current/vendor/monolog/monolog/src/Monolog/Logger.php(541):
Monolog\Logger->addRecord(400, 'Unhandled Excep...', Array)\n#3
/var/app/current/vendor/laravel/framework/src/Illuminate/Log/Logger.php(174):
Monolog\Logger->error('Unhandled Excep...', Array)\n#4
/var/app/current/vendor/laravel/framework/src/Illuminate/Log/Logger.php(87):
Illuminate\Log\Logger->writeLog('error', 'Unhandled Excep...',
Array)\n#5
/var/app/current/vendor/laravel/framework/src/Illuminate/Log/LogManager.php(54
in
/var/app/current/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php
on line 110
I dont understand why it throws error for some requests only and not others. Nonetheless i tried applying the permissions to the storage and bootstrap folders as suggested by few posts through .ebextensions as below but did not get it working.
"/opt/elasticbeanstalk/hooks/appdeploy/post/99_make_storage_writable.sh":
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
echo "Making /storage and /bootstrap writeable..."
chmod -R 777 /var/app/current/storage
chmod -R 777 /var/app/current/bootstrap
Can someone please help me here? I'm new to Laravel and AWS both and very confused as to what might be wrong here.
The problem is your setting the owner to root:root and the apache user is ec2-user.
When you delete the existing log, the correct user will create the new log and it'll work as needed. You could also chown the files to the ec2-user and that would work too.

xampp ubuntu laravel The stream or file "/storage/logs/laravel log" could not be opened: failed to open stream: Permission denied

installed laravel on my xampp installation on ubuntu. opened it in browser. got the error:
The stream or file /storage/logs/laravel log could not be opened: failed to open stream: Permission denied
how to fix? (i've already found an answer, will post right now)
the problem is that the user under which the apache runs doesn't have access to the folder. in xampp on ubuntu, the user of main apache process is root. but apache workers run under daemon user. the solution is to grant daemon access to the /storage dir. (if you'll only grant to /storage/logs than you'll fix this error, but the same error will occur with sibling dirs. thus the storage itself folder:
sudo chown -R daemon /path-to-your-project/storage
now the daemon user has access to this folder (and you don't but do you need it?
if you have better solutions, please feel free to share them here!
Add to composer.json
"scripts": {
"post-install-cmd": [
"chgrp -R www-data storage bootstrap/cache",
"chmod -R ug+rwx storage bootstrap/cache"
]
}
Then run composer install or update solve your issue

Laravel 5.5: laravel.log could not be opened: Permission denied

I'm trying to run a simple Laravel command line on my Elastic Beanstalk instance: php artisan queue:work
But I keep getting the following error:
In StreamHandler.php line 107:
The stream or file "/var/app/current/storage/logs/laravel.log" could
not be opened: failed to open stream: Permission denied
I've tried every solution I can find on SO (except the chmod -R 777 advice that seems to trail this question everywhere).
I've tried deleting the existing laravel.log and then using touch to create a new one, and then making sure webapp is the owner.
I've also tried:
sudo chmod -R 755 /var/app/current/storage/
sudo chown -R webapp /var/app/current/storage/
When I list the logs directory, everything looks as I think it should:
-rwxr-xr-x 1 webapp webapp 0 Apr 4 14:38 laravel.log
The storage directory also looks fine:
drwxr-xr-x 6 webapp webapp 4096 Apr 3 19:33 storage
But I'm still getting the above error! Can anyone explain why (not just give a solution).
Thank you
So the simple answer is that I was running the command as ec2-user. As a solution, I could either:
Change the ownership of laravel.log to ec2-user
Run the command as the owner (eg. sudo -u webapp php artisan queue:work)
Switch to root with sudo su to see how it would be run during deployment (ie. as root)
Nothing was especially wrong.
When you log into an EBS instance via ssh, you're logged in as ec2-user.
I don't believe the ec2-user is part of the webapp group which is actually executing PHP & apache/nginx.
Try adding your ec2-user to the webapp group by creating an ebextension in the root of your Laravel project under .ebextensions/ec2user.config
users:
ec2-user:
groups:
- webapp
Prove this is the problem by turning off selinux with the command
sudo setenforce 0
This should allow writing, but you've turned off added security server-wide. That's bad. Turn SELinux back
sudo setenforce 1
Then finally use SELinux to allow writing of the file by using this command
sudo chcon -R -t httpd_sys_rw_content_t storage
And you're off!

Resources