I've got a problem with the Openbravo module management. When I want to rebuild, the Openbravo drop that alert message.:
No write permissions to Openbravo folder. Tomcat is not able to write in this folder. Please change permissions.
Can You help me? I don't know which folder that.
I'm posting this answer keeping in mind that you are working on Linux system.
This problem occurred because your project don't have openbravo permission.
In your machine there is an openbravo user, so now you need to give the folder openbravo permission to do that go to the folder where you install openbravo for example.
cd /opt/
know use ll command and change project owner by running this two command
chown -R openbravo:tomcat6 projectName
after that use this command
chmod -R 775 projectName
Related
In order to get WordPress updates and other functions of WP-ADMIN to work, I ran the following command to "fix" file persmissions.
sudo chown -R daemon:daemon /your-path-to-wordpress
This worked for the admin functionality, but now I am unable upload any files via ftp with user "bitnami". I can connect but not do anything else. How do I fix this to allow both WordPress admin updates to function and keep FTP access?
i have to install a plugin on a red hat server where nagios is already configured.
the plugin to be installed is inode_checker which i got from this link
how to install inode checker in nagios
but when i opened this link i could find a shell script here.
now i am not sure whether i have to place the shell script directly on the server in the location /usr/local/nagios/libexec/ or is there any other way to do it since the other plugins available in this location seems to be different and i am not able to open them.
what am i doing wrong here?please advise.
Yes, this is a bash script so simply download and place it in the folder where you have other scripts sitting. Make sure to make it executable like
chmod +x scriptname
Then you should be able to use it in nagios by creating a Command object. You can find the location of the folder where your scripts are located by looking at the resources.cfg file which should hold something like below:
$USER1$=/usr/lib64/nagios/plugins
Hope this helps.
I have an install target in my Makefile and wish to run some commands that install shared libraries(requires root permissions) and some that install config files into $HOME/.config
Usually I'd just tell the user to run sudo make install, however that results in the config file being installed to /root/.config instead of the actual users config directory.
How do I work around this issue?
Thanks alot.
You can just change the owner and permissions of the config files, although a Makefile that installs per user configuration files, is not a good idea because it would ideally need to find out how many users exist on the system to install the files for each user.
If you use the install command, you could even do
install -v -m644 -o$(USERNAME) -g$(USERGROUP) $(FILE) $(USERHOME)/.config/$(FILE)
A better approach would be to let the program install the default config files from a system wide directory when it doesn't find them, for example
/usr/share/my-application/default-config/config.conf
and then the program would search for the files in the appropriate directoy and copy them to the $HOME directory of the user that is currently running the program, that if the files are modifiable by the user, otherwise you just access them from their system-wide location.
I would like to know the answers and explanation to the following questions:
Which user/group should own the cake files?
If different, which user/group should own the app/tmp folder? (and subfolders)
With the right user/group, what are the correct permissions for production of both folders and files? (which also if set correctly should work on development)
Where is storing of uploaded files done and what ownership/permissions need to be set to that folder. Where should it be relative to app/?
I know 777 fixes errors, but I would like to set it up correctly.
I have heard 660 should be more than enough for production if everything is correctly set up.
Who needs to have read access, who needs to have write access and does anyone need execute?
NOTE: I think I have found the answers and since no one has written a good answer, I will write it.If you are more knowledgeable on the topic and see errors or security issues please let me know, I will correct them.
1) CakePHP ownership
The CakePHP files should be owned by you, the user of the machine (whatever you log in with). Do not have root as owner!
OSX: the johnsmith part of /Users/johnsmith
Linux: the johnsmith part of /home/johnsmith
2) app/tmp ownership.
As per CakePHP documentation:
...make sure the directory app/tmp and all its subdirectories in your
cake installation are writable by the web server user.
Option 1:
The user owner needs to be apache's user. The group owner can be the group that you belong to, so that you also have access to this folder through finder/CLI. Do not have root as owner!
OSX: Apache is preinstalled on OSX lately and the default user of apache is _www. However if you are not sure you can find it out by typing terminal ps aux | grep httpd while apache runs. The last line is the command you just typed, so look above it.
Now that you know your apache user, you have to assign it to app/tmp/. You do this with the following command: sudo chown -R _www app/tmp/
Linux: The default user on linux is usually www-data with group www-data. If you are not sure, use ps aux | grep httpd to find out the user and sudo chown -R _www app/tmp/ to assign ownership to apache of that folder.
Option 2:
You can keep yourself as the user owner, but you set up the group owner to be the a group that apache belongs to. By default apache has it's own group, but you could create a new group and add apache to it.
OSX: The group of apache on OSX by default is the same os the user: _www. You then have to run the following command to se up the ownership: sudo chown -R :_www app/tmp/. Now if you check the permissions with ls -l you should see both your username (johnsmith) and the new group owner - _www.
Linux:* By default the group of apache is www-data so use the same commands to change ownership: sudo chown -R :www-data app/tmp/.
NOTE: Debian/Ubuntu use www-data, while CentOS uses apache.
3) Permissions
For the site to run, apache needs read and write without execute. For you to access it (assuming you are in the group that owns app/tmp) you also need read and write if you will edit manually things with terminal/finder. All other users should have no rights whatsoever. So:
OSX&Linux: sudo chmod -R 660 app/tmp/. The -R part is to do it recursively for all inside folders. The first 6 is for the user owner (OSX:_www or Linux:www-data), the second 6 is for the group owner (OSX:staff or Linux: johnsmith), the 0 is for all other users/guests.
NOTE: According to this pull request for CakePHP it looks like CakePHP 2.4 will have ability to create subfolders in app/tmp/ which means it will need a 7 instead of 6 for the user now becoming 760.
4) Uploads folder
If you want to upload files, you need a similar setup for the img/uploads folder, or wherever you upload. The ownership will be the same, but the permissions need to have execute rights for renaming purposes and folder creation. so the previously 660 should now be 760. Also, ideally, the uploads are out of the webroot/ directory, for which an absolute path is required.
For all files in app/tmp and subfolders you only need rw for the web server process and if needed to use the CLI, the console user.
If someone runs console commands with a user that has super rights or is in the wrong group it messes up things because what one creates can't be read or written from the other and then there are warning or failure messages. Some people (including me when I'm too lazy) fix that with 777 :)
My sqlite db file is this: unable to open database file i chowned all folders until my dbfile to root. but i am still getting this error. but i remember that while creating my django project on server, i created a superuser, and now if i do ls -l i see that the user is that superuser. how is it possible to tell apache that this superuser should have that right to write/read the db file? or how to solve the problem, i am not apache/linux guru..
Execute chown www-data:www-data directory on the directory you want apache to be able to write to.
You should be able to just leave the file as owned by the super user and just change the group so that apache can read/write it as well.
Change the group for the sqlite file and the containing directory. Try this:
cd <directory with sqlite file>
sudo chgrp www-data . <sqlitefile>
You can find write group and www user and change permissions.
Say: cat /etc/passwd - for find right user, It may be apache or http or www.
And say to terminal: cat /etc/group -for find right group.
In my system group=apache, user = apache.