Re: Permissions issue
Don't consider 777 permissions a solution. It's masking the real problem, and opens your system up to a large security hole. Christian On Monday, September 12, 2011, hs_etd wrote: > I did the following > >> in /etc/selinux/config SELINUX=disabled > > and restarted the system. It still didn't help. I did get a different, > yet similar error. This time it wasn't complaining that "etdlab" (my > login) didn't have permission. It was complaining that "apache" did > not have permission to /var/www/rb/data. > > I then did the unrecommeded command: > > chmod -R 777 /var/www/rb and restarted apache. > > It worked! > > Thanks to all for your help. > > -- > Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en -- -- Christian Hammond - chip...@chipx86.com Review Board - http://www.reviewboard.org VMware, Inc. - http://www.vmware.com -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
I did the following > in /etc/selinux/config SELINUX=disabled and restarted the system. It still didn't help. I did get a different, yet similar error. This time it wasn't complaining that "etdlab" (my login) didn't have permission. It was complaining that "apache" did not have permission to /var/www/rb/data. I then did the unrecommeded command: chmod -R 777 /var/www/rb and restarted apache. It worked! Thanks to all for your help. -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
On Sun, Sep 11, 2011 at 4:10 AM, Rohini Kumar Tharigonda wrote: > chmod -R 777 /var/www/reviewboard/ I would not recommend doing this. It is very dangerous to allow the apache user, or any untrusted user the ability to write to your web root. It means if there is a vulnerability they will be able to re-write the .wsgi and .py files, or be able to drop a php shell in htdocs. Ideally places in htdocs where apache can write, like uploaded/ would have script handlers disabled. > service iptables stop I doubt this is the issue, the OP got an error on the RB web page, so web access works. I personally like firewalls. > in /etc/selinux/config SELINUX=disabled SELinux can cause things like this. I didn't for me. For me the RB install with a local DB worked with SELinux. Only search and remote DB were blocked by SELinux. But SELinux is a good thing to check. The SELinux logs are in /var/log/audit. > chown -R apache /var/www/reviewboard/data > chown -R apache /var/www/reviewboard/ I my opinion apache should not own the whole reviewboard directory, for the security reason above. Do this instead: chown -R apache:apache /var/www/rb/htdocs/media/uploaded chown -R apache:apache /var/www/rb/data Thanks, Anton -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
The key may very well be to disable SELinux. I wouldn't recommend 777 permissions, as they can open you up to vulnerabilities. Christian On Sunday, September 11, 2011, Rohini Kumar Tharigonda wrote: > I installed it on fedora15 ( in /var/www/reviewboard/) > > i did the following > > chmod -R 777 /var/www/reviewboard/ > service iptables stop > in /etc/selinux/config SELINUX=disabled > chown -R apache /var/www/reviewboard/data > chown -R apache /var/www/reviewboard/ > > chkconfig httpd on > chkconfig mysqld on > > service httpd restart > service mysqld restart > > > On Sep 10, 9:57 pm, hs_etd wrote: >> Anton, >> >> I am using Fedora 14 x86. >> I am starting apache by /etc/init.d/httpd start >> The path is as you stated: /var/www/rb >> >> I am logged in as "etdlab", but I do a su to get appropriate >> privileges to start apache and mysql. > > -- > Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en -- -- Christian Hammond - chip...@chipx86.com Review Board - http://www.reviewboard.org VMware, Inc. - http://www.vmware.com -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
I installed it on fedora15 ( in /var/www/reviewboard/) i did the following chmod -R 777 /var/www/reviewboard/ service iptables stop in /etc/selinux/config SELINUX=disabled chown -R apache /var/www/reviewboard/data chown -R apache /var/www/reviewboard/ chkconfig httpd on chkconfig mysqld on service httpd restart service mysqld restart On Sep 10, 9:57 pm, hs_etd wrote: > Anton, > > I am using Fedora 14 x86. > I am starting apache by /etc/init.d/httpd start > The path is as you stated: /var/www/rb > > I am logged in as "etdlab", but I do a su to get appropriate > privileges to start apache and mysql. -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
Anton, I am using Fedora 14 x86. I am starting apache by /etc/init.d/httpd start The path is as you stated: /var/www/rb I am logged in as "etdlab", but I do a su to get appropriate privileges to start apache and mysql. -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
Christian, I had started all over again. This time, I didn't change the httpd.conf file and left the User & Group as apache. Before I had changed it to root. Sorry for the confusion. Like before, I changed the owner of the "uploaded" and "data" directories to "apache", but I still get the same error message. -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
What Linux distro are you using? How are you starting apache? What is the path to rb (/var/www/rb)? Thanks, Anton On Fri, Sep 9, 2011 at 5:52 PM, hs_etd wrote: > Started from scratch but I see the same thing happening. > > ls -ld data returns > > [root@etd-rb rb]# ls -ld data > drwxr-xr-x. 2 apache root 4096 Sep 9 19:46 data > > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to > reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
So it looks like the owner is apache, then, not root, and only the user can write to it. The owner/group should both match what the Apache process is running as. Christian -- Christian Hammond - chip...@chipx86.com Review Board - http://www.reviewboard.org VMware, Inc. - http://www.vmware.com On Fri, Sep 9, 2011 at 5:52 PM, hs_etd wrote: > Started from scratch but I see the same thing happening. > > ls -ld data returns > > [root@etd-rb rb]# ls -ld data > drwxr-xr-x. 2 apache root 4096 Sep 9 19:46 data > > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to > reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
Started from scratch but I see the same thing happening. ls -ld data returns [root@etd-rb rb]# ls -ld data drwxr-xr-x. 2 apache root 4096 Sep 9 19:46 data -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
Thanks for your responses. I am going to attemp to start from scratch. I have a feeling I modified one too many configuration files. -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
Your setup sounds a bit off.. In general, Apache isn't run as root, and it certainly shouldn't be reporting your user in the instructions unless you specifically invoked Apache. So disregard your username in there. "root" sounds more correct, though unsafe (you should never run Apache as root, as it's a major security problem). Can you do ls -ld on the data directory? Christian -- Christian Hammond - chip...@chipx86.com Review Board - http://www.reviewboard.org VMware, Inc. - http://www.vmware.com On Fri, Sep 9, 2011 at 11:04 AM, hs_etd wrote: > Yes. > > Restarted mysqld and restarted httpd > > On Sep 9, 12:32 pm, Christian Hammond wrote: > > Did you restart Apache after? > > > > Christian > > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to > reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
Yes. Restarted mysqld and restarted httpd On Sep 9, 12:32 pm, Christian Hammond wrote: > Did you restart Apache after? > > Christian -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
Yes. Restarted mysql and restart apache On Sep 9, 12:32 pm, Christian Hammond wrote: > Did you restart Apache after? > > Christian > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Permissions issue
Did you restart Apache after? Christian On Friday, September 9, 2011, hs_etd wrote: > I am trying to install and configure review board for the 1st time. I > can't seem to overcome the issue stated below. I see the issue > whenever I try to go to the webpage. > > ** > Your site's data directory isn't properly set up. This directory is > where Review Board will store various state and configuration needed > to access repositories. > > Your data directory is currently at: /var/www/review.example.com/data > Permission problems > > The data directory must be writable by the web server. On Linux/Unix/ > Mac, you can fix this by typing: > >$ sudo chown -R etdlab "/var/www/review.example.com/data" > > On Windows, right-click the data directory and change the ownership to > etdlab. > *** > > I did a ps -aux | grep apache and I am running apache as root > I did the same for mysql and this is part of the output > ** > root 2625 --pid-file=/var/run/mysqld/mysqld.pid --basedir=/ > usr --user=mysql > mysql 2714 --basedir=/usr --datadir=/var/lib/mysql -- > user=mysql --log-error=/var/log/mysqld.log . > root 9169 0.0 0.0 4420 736 pts/1S+ 10:06 0:00 grep > --color=auto mysql > * > > I am logged in as etdlab. > I changed the owner for the uploaded and the data directories to > 'etdlab'. It didn't help. I changed it to 'root' and it didn't help > either. > > What configuration do I need to change? > > Thanks > > -- > Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en -- -- Christian Hammond - chip...@chipx86.com Review Board - http://www.reviewboard.org VMware, Inc. - http://www.vmware.com -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Permissions issue
I am trying to install and configure review board for the 1st time. I can't seem to overcome the issue stated below. I see the issue whenever I try to go to the webpage. ** Your site's data directory isn't properly set up. This directory is where Review Board will store various state and configuration needed to access repositories. Your data directory is currently at: /var/www/review.example.com/data Permission problems The data directory must be writable by the web server. On Linux/Unix/ Mac, you can fix this by typing: $ sudo chown -R etdlab "/var/www/review.example.com/data" On Windows, right-click the data directory and change the ownership to etdlab. *** I did a ps -aux | grep apache and I am running apache as root I did the same for mysql and this is part of the output ** root 2625 --pid-file=/var/run/mysqld/mysqld.pid --basedir=/ usr --user=mysql mysql 2714 --basedir=/usr --datadir=/var/lib/mysql -- user=mysql --log-error=/var/log/mysqld.log . root 9169 0.0 0.0 4420 736 pts/1S+ 10:06 0:00 grep --color=auto mysql * I am logged in as etdlab. I changed the owner for the uploaded and the data directories to 'etdlab'. It didn't help. I changed it to 'root' and it didn't help either. What configuration do I need to change? Thanks -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en