Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 12th February 2011, 13:10
awd.pt awd.pt is offline
Member
 
Join Date: Apr 2006
Location: Ericeira/Porugal
Posts: 57
Thanks: 9
Thanked 3 Times in 2 Posts
Send a message via MSN to awd.pt
Default Wrong permissions on web folder

I'm having the following problem.

I'm running latest ISPConfig3 release on CentOS 5.5.

All the sites are running with Fast-CGI and suExec.

Each time I make any modification on a site by SPConfig Panel I have to manually change the perms to 711 on the web folder.

On /etc/group I have this:
Quote:
...
client32:x:5043:apache
...
The output of groups apache shows:
Quote:
apache : apache ispconfig client2 client3 client4 client5 client6 ... client32 ...
The perm on a site when I create are:
Quote:
[root@ISPC30 srmvfr.pt]# ls -l
total 16
drwxr-x--x 2 web60 client35 4096 Feb 10 16:22 cgi-bin
lrwxrwxrwx 1 web60 client35 34 Feb 10 16:22 log -> /var/log/ispconfig/httpd/srmvfr.pt
drwxr-x--x 2 web60 client35 4096 Feb 10 16:22 ssl
drwxrwxrwx 2 web60 client35 4096 Feb 10 16:22 tmp
drwx--x--- 13 web60 client35 4096 Feb 11 12:43 web
[root@ISPC30 srmvfr.pt]#
And I always get a Permission denied until i change them to:
Quote:
[root@ISPC30 srmvfr.pt]# ls -l
total 16
drwxr-x--x 2 web60 client35 4096 Feb 10 16:22 cgi-bin
lrwxrwxrwx 1 web60 client35 34 Feb 10 16:22 log -> /var/log/ispconfig/httpd/srmvfr.pt
drwxr-x--x 2 web60 client35 4096 Feb 10 16:22 ssl
drwxrwxrwx 2 web60 client35 4096 Feb 10 16:22 tmp
drwx--x--x 13 web60 client35 4096 Feb 11 12:43 web
[root@ISPC30 srmvfr.pt]#
Other workaround is to change the group owner of the web directory to apache.

I need help on sorting this out.

I followed the multiserver installation as detailed on the ISPConfig Manual I bought.

I have a dedicated mysql server, that is my multiserver setup.

Thank you in advance,
Sergio Rosa
Reply With Quote
Sponsored Links
  #2  
Old 13th February 2011, 22:20
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,804
Thanks: 840
Thanked 5,613 Times in 4,424 Posts
Default

Quote:
drwx--x--- 13 web60 client35 4096 Feb 11 12:43 web
This are the correct permissions for the site.

Under which user and group does the apache server run on your server?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 14th February 2011, 02:03
awd.pt awd.pt is offline
Member
 
Join Date: Apr 2006
Location: Ericeira/Porugal
Posts: 57
Thanks: 9
Thanked 3 Times in 2 Posts
Send a message via MSN to awd.pt
Default

hello till,

yes, does are the right perms. But with them apache can't access the directory.

Apache (web server) is running as user/group apache.
Reply With Quote
  #4  
Old 14th February 2011, 11:04
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,804
Thanks: 840
Thanked 5,613 Times in 4,424 Posts
Default

But then apache must be able to access the directory. Do you have any security extensions like selinux enabled that might prevent apache accessing the files?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 14th February 2011, 13:40
awd.pt awd.pt is offline
Member
 
Join Date: Apr 2006
Location: Ericeira/Porugal
Posts: 57
Thanks: 9
Thanked 3 Times in 2 Posts
Send a message via MSN to awd.pt
Default

Quote:
Originally Posted by till View Post
But then apache must be able to access the directory. Do you have any security extensions like selinux enabled that might prevent apache accessing the files?
Quote:
[root@ISPC30 ]# selinuxenabled
[root@ISPC30 ]# echo $?
1
[root@ISPC30 ]#
0 enable
1 disable

selinux is disable.

What other thing might be causing this?

I've banged my head to the wall but I can't see what is wrong.
Reply With Quote
  #6  
Old 14th February 2011, 13:51
awd.pt awd.pt is offline
Member
 
Join Date: Apr 2006
Location: Ericeira/Porugal
Posts: 57
Thanks: 9
Thanked 3 Times in 2 Posts
Send a message via MSN to awd.pt
Default

just another info, showing that everything should be fine...

Quote:
[root@ISPC30 ~]# id apache
uid=48(apache) gid=48(apache) groups=48(apache),5004(ispconfig),5005(client2),50 06(client3),5007(client4),5008(client5),5009(clien t6),5010(client7),5011(client8),5012(client9),5013 (client10).......
Reply With Quote
  #7  
Old 14th February 2011, 13:56
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,804
Thanks: 840
Thanked 5,613 Times in 4,424 Posts
Default

I have no idea.

What is the exact error message that you get in the error.log of the website?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #8  
Old 14th February 2011, 14:56
awd.pt awd.pt is offline
Member
 
Join Date: Apr 2006
Location: Ericeira/Porugal
Posts: 57
Thanks: 9
Thanked 3 Times in 2 Posts
Send a message via MSN to awd.pt
Default

Quote:
Originally Posted by log/error.log

[Mon Feb 14 12:47:07 2011] [crit] [client 213.13.150.21] (13)Permission denied: /var/www/thecandystory.com/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
[Mon Feb 14 12:47:07 2011] [error] [client 213.13.150.21] File does not exist: /var/www/error/403.html
Quote:
Originally Posted by ls -l
drwxr-x--x 2 web62 client38 4096 Feb 10 16:26 cgi-bin
lrwxrwxrwx 1 web62 client38 42 Feb 10 16:26 log -> /var/log/ispconfig/httpd/thecandystory.com
drwxr-x--x 2 web62 client38 4096 Feb 10 16:26 ssl
drwxrwxrwx 2 web62 client38 4096 Feb 10 16:26 tmp
drwx--x--- 7 web62 client38 4096 Feb 11 17:55 web
Quote:
Originally Posted by ls -la /web
...
[root@ISPC30 thecandystory.com]# ls -l web/
total 1192

-rw-r--r-- 1 web62 client38 2349 Feb 16 2009 index.html
-rw-r--r-- 1 web62 client38 4524 Feb 16 2009 index.php

....

no .htaccess in web directory
If I activate the account apache in order to login (su - apache) when I try do browse the user's directories I get an "access denied". No matter if apache belongs to the group or not.

For some reason CentOS is not respecting the user/group permissions and access.

Any tool I can use to debug this dam thing?

Last edited by awd.pt; 14th February 2011 at 14:58.
Reply With Quote
  #9  
Old 14th February 2011, 15:03
awd.pt awd.pt is offline
Member
 
Join Date: Apr 2006
Location: Ericeira/Porugal
Posts: 57
Thanks: 9
Thanked 3 Times in 2 Posts
Send a message via MSN to awd.pt
Default

I think that a litle thing was missed by me.

Quote:
Originally Posted by df-kh
...
nfs-srv:/export/ispc30 144G 31G 106G 23% /var/www
...
on the nfs server, the export is made like this
Quote:
Originally Posted by cat /etc/exports
...
/export/ispc30 ispc30(rw,no_root_squash)
...
I think that this might be the problem.

Any suggestion on what flags to use to export the mpoint?
Reply With Quote
  #10  
Old 15th February 2011, 13:09
awd.pt awd.pt is offline
Member
 
Join Date: Apr 2006
Location: Ericeira/Porugal
Posts: 57
Thanks: 9
Thanked 3 Times in 2 Posts
Send a message via MSN to awd.pt
 
Default

Just to update this, it might be of some utility.

If the /var/www is mounted from a remote nfs server you'll have trouble with the permissions of the web directory.

I moved all data to a system disk and everything is running fine now.

Thank you 4 your help.
Reply With Quote
The Following User Says Thank You to awd.pt For This Useful Post:
till (15th February 2011)
Reply

Bookmarks

Tags
ispconfig 3 permissions

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
web folder privileges are getting reset by ISPConfig wpwood3 Installation/Configuration 3 29th March 2010 23:59
ispconfig wordpress and directory/file permissions willebanks Installation/Configuration 4 9th March 2010 22:52
Web Users and permissions vaio1 General 5 31st July 2008 09:31
How to make visible folder on the web? lano Server Operation 2 7th October 2007 20:52


All times are GMT +2. The time now is 21:27.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.