Based on a recommendation on stack overflow, i am giving yii framework a spin.
It appears that I am only able to gain shell access to my web server if I log in as root.
I am running through the tutorial, and am having a number of problems typical command to create a web app-
/usr/local/bin/php /home/testuser/public_html/yii/framework/yiic webapp /home/testuser/public_html/demo
Do I have to type /usr/local/bin/php EVERY TIME???
Do I have to type /home/testuser/public_html/yii/framework/yiic in full every time???
Do I have to yype /home/testuser/public_html/demo in full?
As I am logged in as ROOT, I have to chown every file / folder created by root to make the file viewable by testuser!!!
I create a new controller using yii. controller message helloWorld, yii does some funky stuff, but I can't do ANYTHING with the files without chown EVERYTHING!!!
I'm not too confident with SSH, and I know it's all a learning curve, but... having to change file permissions EVERY time, and having to type full directories every time is just a pain.
I know that there are some shortcuts that I will probably learn with time, but if anybody could give me some pointers to make my life about 1M times easier (considering my main objectives at present are to learn yii framework) linux/terminal/shell commands are currently secondary to my requirements.
Here's what I'd do, in this order:
1 - When you login as root issue the command su - testuser. This changes your effective user id and groupid to that of testuser, meaning, you now are operating as that user account. Your current directory should now be the testuser's home directory. To get back to root user just type exit.
2 - Try running php -v without the fullpath. If it prints out a version number then you don't have to use the fullpath to run php. If you get an error then you can add /usr/local/bin to your PATH environment variable in your .profile file which is present in testuser's home directory. If the .profile doesn't exist then you can create it.
3 - Add /home/testuser/public_html/yii/framework to your PATH in testuser's .profile.
After doing all that then the next time you login as root you would be able to do the following:
su - testuser
cd public_html
php yiic webapp demo
And you wont have to worry about permissions since you are creating directories/files as testuser, not root.
See also: StackOverflow question about modifying your PATH
Related
I am having a hard time trying to figure out the issue.
I am creating a Model using this Artisan command,
Artisan::call('make:model',['name' =>'Models\\'.$module.'\\'.$model_name]);
For whatever reasons,
1.there is a lock icon in the file
2.owner of the file is www-data
3.the permission for the file is 644 but when I create the Model from CLI the permission of the file is 757.
It all depends who runs the code, in this case web-server runs the code, thus Apache or NGINX is the owner of newly created file (same goes for uploads).
You can change this using
umask
change user/group of web-server
Best option is to use artisan as its meant to be used, from command line.
I'm new to Laravel and I find this framework awesome.
Artisan is also great but a have a little problem using it.
Let's say that I create a new Controller with Artisan like this
php artisan make:controller Test
There will be a new file in app/Http/Controllers named Test and the permission on this file will be root:root
When I want to edit this file with my editor over ftp I can't because I'm not logged as root.
Is there any ways to tell Artisan to create files with www-data group for example (without doing an chown command) ?
Since you have root shell access, the following command will execute another one using the www-data user-
sudo -u www-data php artisan make:controller Test
Replace www-data with whatever the username your web server operates under, or the username you login to the FTP service with.
When you do this, the controller will be owned by www-data, which is what you want.
Note: do not ever run commands copy-pasted from the internet without knowing exactly what they do, especially in a root shell.
In this case, the -u parameter tells sudo to execute the command as a specific user, not as the root user.
From the manpage:
-u user, --user=user
Run the command as a user other than the default target user (usually root ). The user may be
either a user name or a numeric user ID (UID) prefixed with the ‘#’ character (e.g. #0 for UID
0). When running commands as a UID, many shells require that the ‘#’ be escaped with a backslash
(‘\’). Some security policies may restrict UIDs to those listed in the password database. The
sudoers policy allows UIDs that are not in the password database as long as the targetpw option
is not set. Other security policies may not support this.
I know this is a really old post but I'd also really advise anyone agains editing your Laravel files over FTP. I used to do this in my pre-Laravel days and it NEVER ended well.
Editing over FTP can have all kinds of problems- dropping connection mid-edit being the least of them. Security and live development errors being a much larger concern.
Develop on your local or dev environment, commit/push to git, then either pipeline to your server or handle your FTP uploads and cleanup after the fact. Pipelines are your best bet if your host will allow them. We use Atlassian BitBucket for ours but the set-up and deployment should be relatively similar for most hosts. Check with your host for documentation on their pipeline set-up:
https://www.atlassian.com/continuous-delivery/tutorials/bitbucket-pipelines
There's also some tutorials online for pipelining straight to FTP (if on a shared host, say):
https://www.savjee.be/2016/06/Deploying-website-to-ftp-or-amazon-s3-with-BitBucket-Pipelines/
It is because you ran a command from root user, try to run the command from the user which you using for edit the project via ftp.
I have a Postgres permissions problem, every time i brew install postgres it does so as root user resulting in permissions denial on initdb, createdb and or anything else i try.
I sudo chown the ownership of /usr/local/var/postgres and it seems to change and allow me manual entry into the directory from cmd line, which then only consists of a server.log file listing the error:
postgres cannot access the server configuration file "/usr/local/var/postgres/postgresql.conf": No such file or directory
I then go to initdb and it returns:
The files belonging to this database system will be owned by user "jamesbkemp".
This user must also own the server process.
The database cluster will be initialized with locale "en_GB.UTF-8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".
Data page checksums are disabled.
initdb: directory "/usr/local/var/postgres" exists but is not empty
If you want to create a new database system, either remove or empty
the directory "/usr/local/var/postgres" or run initdb
with an argument other than "/usr/local/var/postgres"
I then go back to look at /usr/local/var/postgresand the owner has changed back to root. I really am at a loss after many hours on this as to what's going on. Any ideas folks?
Postgresql install as non root is a pain if not impossible, because it was not designed this way: it is a multi-user service.
The same thing here: apache2 as non-root - you would have to build the server yourself changing the configuration a lot.
Let me add that for an experienced datacenter operator this is a strange idea, like driving a race car in your appartment.
I have an embedded system running linux and I have busybox installed for running different services. One of the services is ftpd, which I start like this from the etc/init.d/rcS file:
tcpsvd 0.0.0.0 21 ftpd -w -v /mnt/flash&
I have two users in the system, root and a regular user. Root user can easily connect to the FTP server, but when I try to login with the regular user's credentials, I get this error:
ftpd[678]: can't change root directory to '/mnt/flash': Operation not permitted
Now, I thought that it must be a directory permission problem, and I started with changing permissions on the /mnt/flash directory first, but after this didn't work, I ended up having all my files in file-system including / to be owned by this regular user and have drwxrwxrwt permissions (just to find the cause of the problem). But I still get this error.
I have also tried to start ftpd with different root folders, including /.
I also couldn't find any config files for the ftpd in my file-system, maybe I need to create one manually? If so, which one and how to tell ftpd to allow user logins?
I'd really appreciate any help. Thanks.
Well, after trying some random things, I discovered that user login works fine if there is no directory changing involved at all:
tcpsvd 0.0.0.0 21 ftpd -w -v &
I suspect that chroot is called otherwise and the user does not have a right to do that.
Under config.php I have:
$config['log_threshold'] = 4;
$config['log_path'] = '/home/myaccount/logFilesFolder';
In index.php I have:
error_reporting(E_ALL);
The only way I can seem to get anything to log is if I chmod that directory to rwx (777), which doesn't seem right to me. That and it doesn't see to be logging all the errors.
In my local/dev environment it seems to be working but on my production server nothing is being logged. I can't seem to figure out why.
The log filename in the configuration settings needs a trailing "/" above making sure the webserver process has writeable access to the directory.
Change the logs owner and group to what owner/group your live web server is running, give it write perms and it should work. I take it that in your local/dev server your CI folder is owned by you that is why you need to chmod it to 777 to make it work.
The directory where you want the log files to be saved needs to be writable.
I have tried a lot of solutions and finally what worked for me was this:
Open system/libraries/Log.php
and change the following lines;
set the value of: $this->log_path to a writable directory, preferably home directory so that there are no permission issues. If you want to change the filename also, search for the variable $filepath and change the name.
Example:
$this->log_path = '/log';
touch /log/
restart the webserver.
The logs will start coming.
I have tried a lot of other options, none worked, this is not neat approach but at least I can see my logs now.
I had the same problem with my Codeigniter 4 project. The log was created successfully in my local window machine but was not creating on the remote Linux machine. I was using a custom path to generate log files under the 'app' folder. So what I did is to change the settings in my config/Logger.php file back to
'path' => WRITEPATH.'logs/',
and it created the log files under writeable/logs folder.