Chef insufficient Permissions error on file resource - centos

I have a file, let say xyz.sh, mounted from different file system on centos and root user does not have access to change the permissions of the file.
Current permissions are 755 for the file.
My cookbook's file resource checks for the permissions and if it is not 755 then change it to 755.
When I run the cookbook as root user it is giving an exception as 'Insufficient Permissions'.
Now I would have expected this exception if the file had some different permissions and chef tried to change it but not able to do that, but here as permissions are same as expectation, then why am I getting this exception?
Please help me!

Root is supposed to have permission to access any file in most cases (give or take some retrofits of the Unix filesystem model like POSIX ACLs). Regardless, just remove the mode property from the resource and Chef won't try to enforce anything.

Related

Creating symbolic links resulting in 500 error

Currently running a WHM / Cpanel server running Centos. Server seems to be running fine no issues there. However I'm using a deployment process to put files outside of the document root. e.g.
~/deployment
instead of:
~/public_html
Obviously I need to point public_html to this folder so my site will run. So, I'm removing the public_html and creating a symlink and pointing it to the new deployment folder. This results in a 500 error.
So looking at the logs I've discovered that it produces the following error:
Directory "/home/xyz/deployment" is writeable by group
Checking the file permissions looks as though the symlink is 777 where i need it to be 755 for the server to allow viewing.
Is there a setting in WHM ? Is there a setting in Centos? I have another box running that doesn't have this issue so I'm assuming that this is related to the current setup of this machine.
Any help would be appreciated, thanks.
when you create a hard link from a file or folder, This file/folder inherits the accesses and permissions of the original file/folder, and in soft link it will be 777 permission, so i think you can use rsync options for both purpose :
1- have a folder with all files in source
2- have your own permissions in folder

PostgreSQL: Error importing csv file from shared network folder

My goal is to import csv file to postgresql database.
my file is located in network shared folder and I do not have no option to make it in a local folder.
My Folder located in :
"smb://file-srv/doc/myfile.csv"
When I run my this PostgreSQL script:
COPY tbl_data
FROM 'smb://file-srv/doc/myfile.csv' DELIMITER ',' CSV;
I would get this error :
ERROR: could not open file "smb://file-srv/doc/myfile.csv" for reading: No such file or directory
SQL state: 58P01
I have no problem to access the file and open it.
I am using PostgreSQL 9.6 under Ubuntu 16.04.
Please Advice how to fix this problem.
Update
When I try to access the file with postgres user I would have same error:
postgres#file-srv:~$$ cat smb://file-srv/doc/myfile.csv
cat: 'smb://file-srv/doc/myfile.csv' : No such file or directory
As I mention when I user mounted folder I created I can access the file.
it is about permission. you have to check read access on file and folders.
also, logging with superuser access may solve your problem.
In short, this is a permissions issue: Your network share is likely locally mounted to your user's UID, while the PostgreSQL server is running as the postgres user.
Second, when you log into your database, there is not an overlap between the database's users and the system's users, even if you have the same username. This means that when you request a file from your network share, the DB user, in this case postgres, does not have the necessary permissions.
To see this, and assuming you have root access on the box in question, you might try to become the postgres user and see that you cannot access the file:
$ sudo su - postgres
$ cat /run/user/.../smb.../yourfile.csv
Permission denied
The fix to your issue will involve -- somehow -- making the file or share accessible to the postgres user. Copying is certainly the quickest way. But that's off the table. You could mount the share (perhaps as read only) as the postgres user. You might do this in fstab.
However, unless this is going to be an automated detail that happens regularly, this seems like heroics. Without more information as to why you can't copy locally, I suggest copying the file locally.

PostgreSQL : .pcppass file not found, tried other links

I am working on installing PgPoolAdmin on my local ubuntu system for installing it on server later. Currently, I am able to login but I keep getting an error Could not read .pcppass fileFile not found. I have tried this and many other resources, but no luck. Where is it looking for this file?
The username and passowrd in pcp.conf is same as here, just its in plain text in .pcppass and md5 in pcp.conf. Is that correct?
pcp.conf I have on 2 location /var/www/html and /var/www/html/admin-tool/
Its contents :
#insert:hostname:port:username:password
*:*:akshay:PASSWORD
*:*:postgres:PASSWORD
Thank you.
.pcppass needs to accessible by the user that runs your web server. For example, if you are serving pgpoolAdmin through apache2 with default paths and users. The following should solve the issue.
cp ~/.pcpass /var/www/.pcppass
chown www-data:www-data /var/www/.pcppass
chmod 600 /var/www/.pcppass
By default a .pcppass file should be located in the user's $HOME directory. If you have created it elsewhere, then initialize the $PCPPASSFILE environment variable with the filepath. Make sure the file is in this format:hostname:port:username:password. Then you should be able to access the database.
Note: You cannot use wildcards in the password files, as it will give error sometimes. It is better to use exact host/port values for better security.

ctl_dir /root/.libnet-openssh-perl/ is not secure at /usr/local/share/perl/5.18.2/Net/OpenSSH/Compat/Perl.pm line 123

I installed Net::OpenSSH::Compat::Perl recently. All the dependencies were installed without any errors. But when I try to login using the following code
$linux_ses= Net::OpenSSH::Compat::Perl->new($host);
$linux_ses->login($linux_uname,$linux_pass);
I get the following error message:
"ctl_dir /root/.libnet-openssh-perl/ is not secure at /usr/local/share/perl/5.18.2/Net/OpenSSH/Compat/Perl.pm line 123."
I am running the script as root and the file permission of /root/.libnet-openssh-perl/ is 700.
The permissions on /root/ could be too loose. Group writeable could mean able to delete a .libnet-openssh-perl/ by someone other than root, which is not a secure situation.
Please check.

Zend_Search_Lucen - [function.fopen]: failed to open stream: Permission denied

I´m trying to follow the Zend Lucene Search Tutorial from Ganesh H S and it´s giving me an error.
Message: fopen(/home/zerego/application/lucene-data/read.lock.file) [function.fopen]: failed to open stream: Permission denied
And if i click in "function.fopen" it show me an other message:
Exception
Message: Resource 'function.fopen' not found
Stack trace:
#0 /home/zerego/library/Zend/Acl.php(774): Zend_Acl->get('function.fopen')
#1 /home/zerego/application/plugins/AccessCheck.php(26): Zend_Acl->isAllowed('admin', 'function.fopen', 'index')
My folder is with 755 permissions and i have tried with 777 but i thing the problem is with my ACL.
I need to give some kind of permissions in my ACL ? or i need to give those kind of permissions in de .htaccess ?
I think you "click" on the Link shown on your Browser when the error appears or? Your Application trys to open an action "function.fopen" wich is not configured in your acl. But thats not important, the link will send you to php documentation and has nothing to do with your application.
The Error is an permission problem, talk to your webhost if you or the "server" is allowed to write/read from the provided directory (group/user).
I had this problem.
What worked in my case is that, aside from chmod 777, is that I changed the owner of the files to the web server user.
In my case my web server runs as daemon. Make sure that the web server user is set as the owner of the index directory and the index files within the directory.
You can use the chown command to change the owner of the files and the folder.
you might have to do 'sudo chown daemon'. I had to on my mac because the daemon user isn't an actual user on the mac system.