On Fri, February 23, 2024 02:46, Oliver Welter wrote: > Check the permissions of the full path/folder and check if it s a real > file or a (broken) symlink
# ll -d /usr/local/etc/openxpki/ drwxr-xr-- 13 openxpki openxpki 20 Feb 22 08:45 /usr/local/etc/openxpki/ # ll -d /usr/local/etc/openxpki/webui/ drwxr-xr-- 2 openxpki openxpki 3 Feb 13 14:19 /usr/local/etc/openxpki/webui/ # ll -d /usr/local/etc/openxpki/webui/default.conf -rw-r--r-- 1 openxpki openxpki 4729 Feb 13 14:19 /usr/local/etc/openxpki/webui/default.conf # file /usr/local/etc/openxpki/webui/default.conf /usr/local/etc/openxpki/webui/default.conf: ASCII text I changed the ownership on the entire ./etc/openxpki tree to openxpki:openxpki. I still see this in the ssl error log: [Fri Feb 23 07:49:47.771405 2024] [fcgid:warn] [pid 58294] [client 192.168.216.89:59891] mod_fcgid: stderr: [Fri Feb 23 07:49:47 2024] webui.fcgi: Can't open config file '/usr/local/etc/openxpki/webui/default.conf' (permission denied) at /usr/local/lib/perl5/site_perl/OpenXPKI/Client/Config.pm line 327., referer: https://192.168.216.89/openxpki/ ll /usr/local/etc/openxpki/webui/ total 6 -rw-r--r-- 1 openxpki openxpki 4729 Feb 13 14:19 default.conf These permissions allow anyone to read '/usr/local/etc/openxpki/webui/default.conf'. So what permission is webui.fcgi looking for? As a check I temporarily changed the ownership of this file to www:Www which made no difference. I get the same errors. Thanks, -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Unencrypted messages have no legal claim to privacy Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:[email protected] Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
