Hi all,

suddenly ALL permissions are wrong on 1 of my servers. The folders and subfolders in /var/www are owned by group 10590, which does not exist in /etc/group.
If i delete and then restore a site everything gets fixed, but i have more than 500 sites on the server. :eek: How does it come to such a problem?!

Please help asap
Thanks!!!

Please help ASAP, my a** is burning :eek:, how do i get the right permissions at once, as i said above, deleting and restoring site does do the job... The next question will be whys that happening, but first i need to fix that permission crap...

Please help ASAP, my a** is burning :eek:, how do i get the right permissions at once, as i said above, deleting and restoring site does do the job... The next question will be whys that happening, but first i need to fix that permission crap...

PASTE some examples.. it will help to find solution as soon as it is possible

what kind of examples

ALL the folders and subfolders in /var/www are owned by www-data:10590, and 10590 does not exist as ID or group name in /etc/group...

no idea hows that happened, yesterday everything was OK - up and running w/o any problems ....

what kind of examples
/etc/group

www-data:10590 is :LOL:
as i know if you have webs in /var/www (i.e.)
webs are numbered like : /var/www/web44/web/[content of webpage]

permissons must be
server:/var/www# ls -la | grep web44
drwxr-xr-x 9 domain_admin web44 4096 2008-06-12 22:13 web44
lrwxrwxrwx 1 www-data web44 22 2008-05-30 12:04 www.domain.com -> /var/www/web44

so www.domain.com is 777 because its symlink to /var/www/web44 and web44 is folder with 755 and its owned by domain admin and domain group so if you have web44 it should be "chown domain_admin.web44".
(symlinks are owned by www-data)

Are there any records of web[number] in /etc/group ? (i.e. web44:x:10044:admispconfig,domain.com_admin)

Please run the following SQL statements in the ispconfig database:

update isp_isp_web set status = 'u' where status = '';
update isp_isp_user set status = 'u' where status = '';

Then change a setting in one of the sites in ispconfig and click on save.

Please run the following SQL statements in the ispconfig database:

update isp_isp_web set status = 'u' where status = '';
update isp_isp_user set status = 'u' where status = '';

Then change a setting in one of the sites in ispconfig and click on save.

lol :) straight to solution thnx

Please run the following SQL statements in the ispconfig database:

update isp_isp_web set status = 'u' where status = '';
update isp_isp_user set status = 'u' where status = '';

Then change a setting in one of the sites in ispconfig and click on save.

Thanks Till!!!

Thats exactly what i was looking for!
But unfortunately it doesn't work for me. I have tried exactly your suggestion:

mysql -u root -p
use db_ispconfig;
update isp_isp_web set status = 'u' where status = '';
update isp_isp_user set status = 'u' where status = '';
quit
/root/ispconfig/php/bin/php /root/ispconfig/scripts/writeconf.php

the output is something like this:

start
UPDATE: 594
UPDATE: 595
UPDATE: 596
etc etc etc

UPDATE USER: 1
UPDATE USER: 2
UPDATE USER: 6
etc etc etc

ende

there were also a couple of warnings like this:

UPDATE USER: 746

Warning: symlink(): File exists in /root/ispconfig/scripts/lib/config.lib.php on line 933
UPDATE USER: 1494

after that:

cd /var/www
ls -la

drwxrwxrwx 8 admin_user 10590 4096 2008-06-28 08:50 web168
lrwxrwxrwx 1 www-data 10590 15 2008-03-20 11:25 www.example.org -> /var/www/web168


(changed to 777, so the users at least can get the mails in their Maildirs...)

So i suppose the problem should be somewhere in the ispc database, in case the writeconf.php is started after a modification flag has been set to every user and site? This is really wired i am totally confused...

@ blocker: That looks all fine so far. What is your problem?

@ blocker: That looks all fine so far. What is your problem?

Hi Till,

my problem is that web168 (and all the other webs) has a group ownership of 10590 (such group name or group ID does no exist in /etc/group), this leads for example to another issue - users can not get their mails in the Maildir because (Permission denied)

example of a directory structure:

drwxrwxrwx 8 admin_user 10590 4096 2008-06-28 08:50 web168
lrwxrwxrwx 1 www-data 10590 15 2008-03-20 11:25 www.example.org -> /var/www/web168

/var/www/web168# ls -la
drwxrwxrwx 8 admin_user 10590 4096 2008-06-28 08:50 .
drwxr-xr-x 539 www-data 10590 36864 2008-06-28 10:01 ..
drwxrwxrwx 2 admin_user 10590 4096 2007-06-29 12:13 cgi-bin
-rw------- 1 admin_user web168 24 2008-06-28 08:50 .forward
-rw-rw-r-- 1 www-data web168 26 2008-06-30 04:06 .htpasswd
drwxrwxrwx 4 admin_user web168 4096 2008-06-02 00:30 log
lrwxrwxrwx 1 root root 40 2008-06-28 08:50 Maildir -> /var/www/web168/user/admin_user/Maildir
drwxrwxrwx 2 admin_user web168 4096 2007-06-29 12:13 phptmp
-rw-r--r-- 1 root root 478 2008-06-28 08:50 .procmailrc
lrwxrwxrwx 1 root root 47 2008-06-28 08:50 .spamassassin -> /var/www/web168/user/admin_user/.spamassassin/
drwxrwxrwx 2 admin_user 10590 4096 2007-06-29 12:13 ssl
drwxrwxrwx 3 admin_user 10590 4096 2007-06-29 12:13 user
lrwxrwxrwx 1 root root 48 2008-06-28 08:50 .vacation.cache -> /var/www/web168/user/admin_user/.vacation.cache
drwxrwxrwx 12 admin_user 10590 4096 2007-12-10 12:52 web


Thanks!

Please have a look in the file /etc/group Doe this look ok, are the other groups there or does it look corrupted somewhere?

Please have a look in the file /etc/group Doe this look ok, are the other groups there or does it look corrupted somewhere?

it doesn't look to be corrupted it has 592 rows, example of such record web168:

web168:x:10168:admispconfig,admin_user

but noticed somethhing strange:

ispconfigend:x:20000:


is on row 406, is that normal

but noticed somethhing strange:

ispconfigend:x:20000:


is on row 406, is that normal
No. Did you add that group manually?

No. Did you add that group manually?

no, but the server has been moved recently to new hardware, probably thats the time point when something went wrong

All recent ispconfig versions add the ispconfigend group automatically.