Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Permissions problem with changing parameters
724 views
Skip to first unread message
Hildebrand, Jeff
Jan 15, 2014, 6:16:05 PM1/15/14
to 'support-bugzilla@lists.mozilla.org' (support-bugzilla@lists.mozilla.org)
I'm getting the following error when I click "Save Changes" on the Administration -> Parameters page:
[Wed Jan 15 11:32:08 2014] [error] Error in tempfile() using template /opt/bugzilla/data/params.XXXXX: Could not create temp file /opt/bugzilla/data/params.fTvJa: Permission denied at /opt/bugzilla/Bugzilla/Config.pm line 270.\n
The data directory is drwxrwx--- and owned by the same ID that is running the httpd. Both the httpd.conf file and a ps show the same owner.
Running 4.4.1. Upgraded 4.4 to this. On 4.4 this worked fine so I'm pretty sure it's not the httpd.conf.
Jeffery Hildebrand | Analog Design EDA Engineer
Medical Products - CMPG
Office: +1 858-675-3469 | Cell: +1 (952) 210-8926
www.microsemi.com<http://www.microsemi.com/>
[image001]
Bendtsen, Jon
Jan 15, 2014, 6:26:51 PM1/15/14
to Hildebrand, Jeff, 'support-bugzilla@lists.mozilla.org' (support-bugzilla@lists.mozilla.org)
On 16/01/2014, at 00.16, "Hildebrand, Jeff" <jeff.hi...@microsemi.com>
wrote:
>
> I'm getting the following error when I click "Save Changes" on the Administration -> Parameters page:
>
> [Wed Jan 15 11:32:08 2014] [error] Error in tempfile() using template /opt/bugzilla/data/params.XXXXX: Could not create temp file /opt/bugzilla/data/params.fTvJa: Permission denied at /opt/bugzilla/Bugzilla/Config.pm line 270.\n
>
> The data directory is drwxrwx--- and owned by the same ID that is running the httpd. Both the httpd.conf file and a ps show the same owner.
Temporarely make the directory a+rwx, and then monitor the files and see which username and group it is created with.
JonB
wrote:
>
> I'm getting the following error when I click "Save Changes" on the Administration -> Parameters page:
>
> [Wed Jan 15 11:32:08 2014] [error] Error in tempfile() using template /opt/bugzilla/data/params.XXXXX: Could not create temp file /opt/bugzilla/data/params.fTvJa: Permission denied at /opt/bugzilla/Bugzilla/Config.pm line 270.\n
>
> The data directory is drwxrwx--- and owned by the same ID that is running the httpd. Both the httpd.conf file and a ps show the same owner.
JonB
Hildebrand, Jeff
Jan 15, 2014, 6:43:31 PM1/15/14
to Bendtsen, Jon, 'support-bugzilla@lists.mozilla.org' (support-bugzilla@lists.mozilla.org)
Ok, I tried that.
Rechecked that the data directory is drwxrwxrwx and I got the same error in my /var/log/httpd/ssl_error_log.
No file was created.
Jeffery Hildebrand | Analog Design EDA Engineer
Medical Products - CMPG
Office: +1 858-675-3469 | Cell: +1 (952) 210-8926
www.microsemi.com
Rechecked that the data directory is drwxrwxrwx and I got the same error in my /var/log/httpd/ssl_error_log.
No file was created.
Jeffery Hildebrand | Analog Design EDA Engineer
Medical Products - CMPG
Office: +1 858-675-3469 | Cell: +1 (952) 210-8926
www.microsemi.com
Thorsten Schöning
Jan 16, 2014, 2:56:37 AM1/16/14
to support-...@lists.mozilla.org
Guten Tag Hildebrand, Jeff,
am Donnerstag, 16. Januar 2014 um 00:43 schrieben Sie:
> Rechecked that the data directory is drwxrwxrwx and I got the same
> error in my /var/log/httpd/ssl_error_log.
What's your OS and did you upgrade more than just Bugzilla? How did you
install, using the package manager of your distro or did you install
manually? Do you use mod_perl? I suspect that SELinux or AppArmor or
such denies permission because from my understanding it works in
addition to file permissions.
Mit freundlichen Grüßen,
Thorsten Schöning
--
Thorsten Schöning E-Mail:Thorsten....@AM-SoFT.de
AM-SoFT IT-Systeme http://www.AM-SoFT.de/
Telefon...........05151- 9468- 55
Fax...............05151- 9468- 88
Mobil..............0178-8 9468- 04
AM-SoFT GmbH IT-Systeme, Brandenburger Str. 7c, 31789 Hameln
AG Hannover HRB 207 694 - Geschäftsführer: Andreas Muchow
am Donnerstag, 16. Januar 2014 um 00:43 schrieben Sie:
> Rechecked that the data directory is drwxrwxrwx and I got the same
> error in my /var/log/httpd/ssl_error_log.
install, using the package manager of your distro or did you install
manually? Do you use mod_perl? I suspect that SELinux or AppArmor or
such denies permission because from my understanding it works in
addition to file permissions.
Mit freundlichen Grüßen,
Thorsten Schöning
--
Thorsten Schöning E-Mail:Thorsten....@AM-SoFT.de
AM-SoFT IT-Systeme http://www.AM-SoFT.de/
Telefon...........05151- 9468- 55
Fax...............05151- 9468- 88
Mobil..............0178-8 9468- 04
AM-SoFT GmbH IT-Systeme, Brandenburger Str. 7c, 31789 Hameln
AG Hannover HRB 207 694 - Geschäftsführer: Andreas Muchow
Bendtsen, Jon
Jan 16, 2014, 4:09:36 AM1/16/14
to Hildebrand, Jeff, 'support-bugzilla@lists.mozilla.org' (support-bugzilla@lists.mozilla.org)
On 16/01/2014, at 00.43, "Hildebrand, Jeff" <jeff.hi...@microsemi.com> wrote:
> Ok, I tried that.
can you create a file there from the shell? with that user?
If so, my guess is that it tries to create the file somewhere else. Try to use strace on it.
JonB
> Ok, I tried that.
>
> Rechecked that the data directory is drwxrwxrwx and I got the same error in my /var/log/httpd/ssl_error_log.
>
> No file was created.
> Rechecked that the data directory is drwxrwxrwx and I got the same error in my /var/log/httpd/ssl_error_log.
>
can you create a file there from the shell? with that user?
If so, my guess is that it tries to create the file somewhere else. Try to use strace on it.
JonB
Andre Klapper
Jan 16, 2014, 10:01:57 AM1/16/14
to support-...@lists.mozilla.org
On Thu, 2014-01-16 at 08:56 +0100, Thorsten Schöning wrote:
> Guten Tag Hildebrand, Jeff,
> am Donnerstag, 16. Januar 2014 um 00:43 schrieben Sie:
>
> Guten Tag Hildebrand, Jeff,
> am Donnerstag, 16. Januar 2014 um 00:43 schrieben Sie:
>
> > Rechecked that the data directory is drwxrwxrwx and I got the same
> > error in my /var/log/httpd/ssl_error_log.
>
> > error in my /var/log/httpd/ssl_error_log.
>
> What's your OS and did you upgrade more than just Bugzilla? How did you
> install, using the package manager of your distro or did you install
> manually? Do you use mod_perl? I suspect that SELinux or AppArmor or
> such denies permission because from my understanding it works in
> addition to file permissions.
I can reproduce this problem after freshly installing Bugzilla 4.4 from
> install, using the package manager of your distro or did you install
> manually? Do you use mod_perl? I suspect that SELinux or AppArmor or
> such denies permission because from my understanding it works in
> addition to file permissions.
bzr on Fedora 20 with mod_perl v2.000009.
setsebool -P httpd_enable_homedirs on
setsebool -P httpd_read_user_content on
do not help, and disabling SELinux completely via
echo 0 >/selinux/enforce
neither. Plus I still get the error after running
chmod a+rwx /usr/share/bugzilla44/data
andre
--
Andre Klapper | ak...@gmx.net
http://blogs.gnome.org/aklapper/
Thorsten Schöning
Jan 16, 2014, 10:21:52 AM1/16/14
to support-...@lists.mozilla.org
Guten Tag Andre Klapper,
am Donnerstag, 16. Januar 2014 um 16:01 schrieben Sie:
> I can reproduce this problem after freshly installing Bugzilla 4.4 from
> bzr on Fedora 20 with mod_perl v2.000009.
Works for me on Ubuntu 12.04 LTS Server form bzr as well, with only
write permissions for user and group on the data directory and params
file. And I'm pretty sure that I didn't install SELinux or such.
am Donnerstag, 16. Januar 2014 um 16:01 schrieben Sie:
> I can reproduce this problem after freshly installing Bugzilla 4.4 from
> bzr on Fedora 20 with mod_perl v2.000009.
write permissions for user and group on the data directory and params
file. And I'm pretty sure that I didn't install SELinux or such.
Hildebrand, Jeff
Jan 16, 2014, 11:55:15 AM1/16/14
to Bendtsen, Jon, 'support-bugzilla@lists.mozilla.org' (support-bugzilla@lists.mozilla.org)
My system is CentOS.
Yes, we're using mod_perl.
Going to the data directory, I can create files as the user ID that is running the apache server. Given the log has the full path name it is trying to create, I don't think it's creating it in a different location.
Jeff
Jeffery Hildebrand | Analog Design EDA Engineer
Medical Products - CMPG
Office: +1 858-675-3469 | Cell: +1 (952) 210-8926
www.microsemi.com
-----Original Message-----
From: Bendtsen, Jon [mailto:Jon.Be...@laerdal.dk]
Sent: Thursday, January 16, 2014 1:10 AM
To: Hildebrand, Jeff
Cc: 'support-...@lists.mozilla.org' (support-...@lists.mozilla.org)
Subject: Re: Permissions problem with changing parameters
Yes, we're using mod_perl.
Going to the data directory, I can create files as the user ID that is running the apache server. Given the log has the full path name it is trying to create, I don't think it's creating it in a different location.
Jeff
Jeffery Hildebrand | Analog Design EDA Engineer
Medical Products - CMPG
Office: +1 858-675-3469 | Cell: +1 (952) 210-8926
www.microsemi.com
-----Original Message-----
From: Bendtsen, Jon [mailto:Jon.Be...@laerdal.dk]
Sent: Thursday, January 16, 2014 1:10 AM
To: Hildebrand, Jeff
Cc: 'support-...@lists.mozilla.org' (support-...@lists.mozilla.org)
Subject: Re: Permissions problem with changing parameters
> Rechecked that the data directory is drwxrwxrwx and I got the same error in my /var/log/httpd/ssl_error_log.
>
>
Hildebrand, Jeff
Jan 16, 2014, 3:07:44 PM1/16/14
to Bendtsen, Jon, 'support-bugzilla@lists.mozilla.org' (support-bugzilla@lists.mozilla.org)
I changed the Bugzilla/Config.pm sub "write_params" to put the file in /tmp instead. Here's the code:
sub write_params {
my ($param_data) = @_;
$param_data ||= Bugzilla->params;
my $datadir = bz_locations()->{'datadir'};
my $param_file = "$datadir/params";
# Adding the following line to test, jrah
my $tmpdir = "/tmp/";
local $Data::Dumper::Sortkeys = 1;
my ($fh, $tmpname) = File::Temp::tempfile('params.XXXXX',
DIR => $tmpdir );
# DIR => $datadir );
print $fh (Data::Dumper->Dump([$param_data], ['*param']))
|| die "Can't write param file: $!";
close $fh;
rename $tmpname, $param_file
or die "Can't rename $tmpname to $param_file: $!";
fix_file_permissions($param_file);
# And now we have to reset the params cache so that Bugzilla will re-read
# them.
delete Bugzilla->request_cache->{params};
}
It created the file fine now, but when it tries to move it back to the data directory, I get:
[Thu Jan 16 11:57:21 2014] [error] Can't rename /tmp/params.GCj0S to /opt/bugzilla/data/params: Permission denied at /opt/bugzilla/Bugzilla/Config.pm line 281.\n
But I double checked the directory:
/opt/bugzilla>ls -lad data
drwxrwxrwx. 8 XXX XXX 4096 Jan 16 11:54 data
sub write_params {
my ($param_data) = @_;
$param_data ||= Bugzilla->params;
my $datadir = bz_locations()->{'datadir'};
my $param_file = "$datadir/params";
# Adding the following line to test, jrah
my $tmpdir = "/tmp/";
local $Data::Dumper::Sortkeys = 1;
my ($fh, $tmpname) = File::Temp::tempfile('params.XXXXX',
DIR => $tmpdir );
# DIR => $datadir );
print $fh (Data::Dumper->Dump([$param_data], ['*param']))
|| die "Can't write param file: $!";
close $fh;
rename $tmpname, $param_file
or die "Can't rename $tmpname to $param_file: $!";
fix_file_permissions($param_file);
# And now we have to reset the params cache so that Bugzilla will re-read
# them.
delete Bugzilla->request_cache->{params};
}
It created the file fine now, but when it tries to move it back to the data directory, I get:
[Thu Jan 16 11:57:21 2014] [error] Can't rename /tmp/params.GCj0S to /opt/bugzilla/data/params: Permission denied at /opt/bugzilla/Bugzilla/Config.pm line 281.\n
But I double checked the directory:
/opt/bugzilla>ls -lad data
drwxrwxrwx. 8 XXX XXX 4096 Jan 16 11:54 data
Bendtsen, Jon
Jan 17, 2014, 5:05:14 AM1/17/14
to Hildebrand, Jeff, 'support-bugzilla@lists.mozilla.org' (support-bugzilla@lists.mozilla.org)
On 16/01/2014, at 21.07, "Hildebrand, Jeff" <jeff.hi...@microsemi.com> wrote:
> I changed the Bugzilla/Config.pm sub "write_params" to put the file in /tmp instead. Here's the code:
> sub write_params {
> my ($param_data) = @_;
> $param_data ||= Bugzilla->params;
>
> my $datadir = bz_locations()->{'datadir'};
> my $param_file = "$datadir/params";
> # Adding the following line to test, jrah
> my $tmpdir = "/tmp/";
>
> local $Data::Dumper::Sortkeys = 1;
>
> my ($fh, $tmpname) = File::Temp::tempfile('params.XXXXX',
> DIR => $tmpdir );
> # DIR => $datadir );
>
> print $fh (Data::Dumper->Dump([$param_data], ['*param']))
> || die "Can't write param file: $!";
>
> close $fh;
>
> rename $tmpname, $param_file
> or die "Can't rename $tmpname to $param_file: $!";
>
> fix_file_permissions($param_file);
>
> # And now we have to reset the params cache so that Bugzilla will re-read
> # them.
> delete Bugzilla->request_cache->{params};
> }
>
> It created the file fine now, but when it tries to move it back to the data directory, I get:
which what read/write permissions, user, group, ...
> I changed the Bugzilla/Config.pm sub "write_params" to put the file in /tmp instead. Here's the code:
> sub write_params {
> my ($param_data) = @_;
> $param_data ||= Bugzilla->params;
>
> my $datadir = bz_locations()->{'datadir'};
> my $param_file = "$datadir/params";
> # Adding the following line to test, jrah
> my $tmpdir = "/tmp/";
>
> local $Data::Dumper::Sortkeys = 1;
>
> my ($fh, $tmpname) = File::Temp::tempfile('params.XXXXX',
> DIR => $tmpdir );
> # DIR => $datadir );
>
> print $fh (Data::Dumper->Dump([$param_data], ['*param']))
> || die "Can't write param file: $!";
>
> close $fh;
>
> rename $tmpname, $param_file
> or die "Can't rename $tmpname to $param_file: $!";
>
> fix_file_permissions($param_file);
>
> # And now we have to reset the params cache so that Bugzilla will re-read
> # them.
> delete Bugzilla->request_cache->{params};
> }
>
> It created the file fine now, but when it tries to move it back to the data directory, I get:
> [Thu Jan 16 11:57:21 2014] [error] Can't rename /tmp/params.GCj0S to /opt/bugzilla/data/params: Permission denied at /opt/bugzilla/Bugzilla/Config.pm line 281.\n
JonB
Hildebrand, Jeff
Jan 17, 2014, 12:42:50 PM1/17/14
to Bendtsen, Jon, 'support-bugzilla@lists.mozilla.org' (support-bugzilla@lists.mozilla.org)
Thanks to everyone who responded. Turns out that my IT support changed the machine between our installing 4.4 and the install we did of 4.4.1 this week by turning on selinux and their configuration is what stopped it fromworking.
Andre Klapper
Jan 18, 2014, 1:24:46 PM1/18/14
to support-...@lists.mozilla.org
On Thu, 2014-01-16 at 16:01 +0100, Andre Klapper wrote:
> On Thu, 2014-01-16 at 08:56 +0100, Thorsten Schöning wrote:
> > Guten Tag Hildebrand, Jeff,
> > am Donnerstag, 16. Januar 2014 um 00:43 schrieben Sie:
> On Thu, 2014-01-16 at 08:56 +0100, Thorsten Schöning wrote:
> > Guten Tag Hildebrand, Jeff,
> >
> > > Rechecked that the data directory is drwxrwxrwx and I got the same
> > > error in my /var/log/httpd/ssl_error_log.
> >
> > > Rechecked that the data directory is drwxrwxrwx and I got the same
> > > error in my /var/log/httpd/ssl_error_log.
> >
> > What's your OS and did you upgrade more than just Bugzilla? How did you
> > install, using the package manager of your distro or did you install
> > manually? Do you use mod_perl? I suspect that SELinux or AppArmor or
> > such denies permission because from my understanding it works in
> > addition to file permissions.
>
> > install, using the package manager of your distro or did you install
> > manually? Do you use mod_perl? I suspect that SELinux or AppArmor or
> > such denies permission because from my understanding it works in
> > addition to file permissions.
>
> I can reproduce this problem after freshly installing Bugzilla 4.4 from
> bzr on Fedora 20 with mod_perl v2.000009.
>
> bzr on Fedora 20 with mod_perl v2.000009.
>
> setsebool -P httpd_enable_homedirs on
> setsebool -P httpd_read_user_content on
> do not help, and disabling SELinux completely via
> echo 0 >/selinux/enforce
> neither. Plus I still get the error after running
> chmod a+rwx /usr/share/bugzilla44/data
Alright, SELinux to blame. No issues after running "setenforce 0" which
> setsebool -P httpd_read_user_content on
> do not help, and disabling SELinux completely via
> echo 0 >/selinux/enforce
> neither. Plus I still get the error after running
> chmod a+rwx /usr/share/bugzilla44/data
changes the mode from "enforcing" to "permissive".
There are less pervasive ways to fix this (looking at the SELinux
context of a specific file via "ls -Z" and adjusting it via "chcon").
0 new messages