Laravel persistent permissions for php artisan config:cache file creation - linux

I've followed this guide to set permissions for Laravel 9 running on WSL2 through docker. Everything works great, but whenever I run
php artisan config:cache
The /bootstrap/cache/config.php file does not get updated as you would expect.
ls -l returns the following after running config:cache:
-rw-r--r-- 1 www-data www-data 26933 Nov 16 08:10 config.php
The linked guide above sets the folder permissions to -rwxrwxr--, which then gets overrode by the config:cache command.
Is there any way to persist the permissions on this file without having to run chmod every single time I modify the .ENV or config files?
EDIT
After digging around some more, it looks like everything BUT the 'debug' variable is being updated in the bootstrap/cache/config.php file. Manually changing the debug value to true and re-running php artisan config:cache will revert debug back to false. I'm 100% sure my .ENV is set to true, as well as the backup in my config/app.php file. I'm running in the 'local' environment.
How do I get that debug value to persist?

Run
sudo chmod -R 777 /bootstrap/cache/config.php
sudo chmod -R 777 /bootstrap/cache
You can also run
sudo php artisan config:clear
sudo php artisan optimize:clear

Related

How to fix denied permission to access a directory if that directory was added during docker build?

I using the following Dockerfile to extend a docker image:
FROM solr:6.6
COPY --chown=solr:solr ./services-core/search/A12Core /A12Core/
Note that solr:6.6 has a USER solr statement.
When running a container built from that Dockerfile I get a permission denied when trying to access a file or directory under /A12Core:
$ docker run -it 2f3c58f093e6 /bin/bash
solr#c091f0cd9127:/opt/solr$ cd /A12Core
solr#c091f0cd9127:/A12Core$ cd conf
bash: cd: conf: Permission denied
solr#c091f0cd9127:/A12Core$ ls -l
total 8
drw-r--r-- 3 solr solr 4096 Aug 31 14:21 conf
-rw-r--r-- 1 solr solr 158 Jun 28 14:25 core.properties
solr#c091f0cd9127:/A12Core$ whoami
solr
solr#c091f0cd9127:/A12Core$
What do I need to do in order to get permission to access the fiels and folders in the /A12Core directory?
Note that I'm running the docker build from windows 7. My docker version is 18.03.0-ce.
Your directory does not have execute permission:
drw-r--r-- 3 solr solr 4096 Aug 31 14:21 conf
Without that, you cannot cd into the directory according to Linux filesystem permissions. You can fix that in your host with a chmod:
chmod +x conf
If you perform this command inside your Dockerfile (with a RUN line), it will result in any modified file being copied to a new layer, so if you run this recursively, it could double the size of your image, hence the suggestion to fix it on your build host if possible.
I had another answer here, which was wrong (but still solved your problem :), but now I see the typo in your Dockerfile. Let's take a look at this line.
COPY --chown=solr:solr ./services-core/search/A12Core /A12Core/
The COPY command checks if the target path in the container exists. If not, it creates it, before copying.
It takes A12Core from ./services-core/search.
Then it checks if path /A12Core exists.
Obviously, it does not. So, the command creates it with permissions root:root.
Lastly, it copies contents of A12Core to newly created A12Core.
In the end your have everything in /A12Core, but it belongs to root and you can't access it.
Since solr docker image already sets USER solr, the way to go would be
RUN mkdir /A12Core
COPY ./services-core/search/A12Core /A12Core
As the docs say
The USER instruction sets the user name ... the user group ... for any RUN, CMD and ENTRYPOINT instructions that follow it in the Dockerfile.

CentOS 7 Symfony 2 Unable to create the cache directory Issue [duplicate]

I've downloaded 2.0.4... I can't get pass the "can't create cache directory" cause of permissions problem...
I've tried chmod 777 -R symfony
-- to all folders, still can't create cache dir
I've tried setfacl but it says unrecognized -m option....
My system does not support chmod +a
I've done chown -R myuser:apache symfony
-- still nothing
I've tried umask(0000) and umask(0002) in console.php/app_dev.php/app.php
-- still nothing
When I refresh the page to http://localhost/symfony/web/app_dev.php, I get a SElinux alert... is this causing something? I'm not sure... all symfony content is word writable.
I'm not sure if it's me... but it's driving me nuts, maybe I just should stop using symfony2.
I'm using Fedora 13.
It seems that you will need to switch SELinux to Permissive state. You can do so executing as root user:
setenforce 0
PHP's umask may have no effect when default apache umask is different.
Originally I used to use setfact, but this adds overhead for deployment.
What worked for me on ubuntu servers is:
Set default apache umask.
Edit /etc/apache2/envvars and add this line in the end of file:
umask 0002
Reload apache service
Add your deploy user to www-data group, add www-data to your deploy user group.
adduser www-data `whoami`
adduser `whoami` www-data
Logout or restart server for this to take effect.
Remove app/cache, app/logs dirs
Try to load page in browser, notice how app/cache dir is created by www-data user and has write group permission. Try to clear cache in console and verify that no errors occurred.
Remove app/cache, app/logs dirs
Run cache:clear, notice how app/cache dir is created by user deploy user and has write group permission. Try to load page in browser, and verify that no errors occurred.
Now you can forget about cache and logs permissions on this particular server for all subsequent projects.

Chmod in Shell Script does not work

i am running a small server using Ubuntu 12.04. I am logged in as a non-root user via SSH public key authentication. This server runs apache which is supposed to run a symfony2 website.
I want to write a shell script that ensures that every file and directory in my symfony2 app has the right owner and the right access rights. The script I use is this:
#!/bin/bash
chown -R www-data:www-data portal
chmod -R 755 portal
php portal/bin/console cache:clear --env=dev
php portal/bin/console cache:clear --env=prod
The script has been granted the exec right via chmod +x setup (setup is the name of the script)
I try to execute it as an root via ./setup.
There are no error messages displayed. But after running it the chown and chmod does not seem to work. the owner is still the same (root:root)
If I execute these commands manually in the console they work.
Why is this? What can I do to solve the problem?
Kind regards
Thomas

Cherokee: accessing uwsgi configuration file

I'm running into a permissions problem with Cherokee+uWSGI on Ubuntu Server 13.10 intended for a Django production environment. When I start uWSGI manually as root user prior to launching cherokee, everything goes smooth:
sudo uwsgi --ini /home/instytut21/instytut21l/instytut21/uwsgi.ini
But when I try to access the site through the server (running as www-data) without that, I keep getting a 503 Service Unavailable response and the following message in the logs:
sudo cat /var/log/cherokee/instytut21.error.log
realpath() of /home/instytut21/instytut21.pl/instytut21/uwsgi.ini failed:
[core/utils.c line 3574]
I've spent a good while trying to figure out what causes the problem. I've tried giving ownership to $USER:www-data and www-data:www-data with all kinds of file permissions ranging from 600 to 777.
I don't want to run the server as root for security reasons. How can I make the ini file accessible to cherokee?
I finally found a solution to a similar problem at www-data permissions? . I slightly modified it and solved my problem by executing the following commands.
Own the whole directory by me and group www-data:
sudo chown -R $USER:www-data /home/instytut21/instytut21.pl/
Grant all permissions to the group:
sudo chmod -R g+rwx /home/instytut21/instytut21.pl/
Ensure all uploaded filed get the same permissions:
sudo chmod -R g+s /home/instytut21/instytut21.pl/

Cache/Log permissions in Symfony2 on Amazon Linux AMI

I've set up Symfony2 on the AWS Linux AMI (a free tier micro instance) and set up PHP-FPM and nginx successfully.
My Symfony app works.. until I use the command line to clear the cache. When I do this the /app/logs and app/cache/ folder becomes owned by root and the app can no longer write to it.
I can manually chmod 777 / chown nginx:nginx these files after each cache clear, but there must be a better way?
I've tried using a bash function to su nginx; before it clears the cache, but that doesn't work.
Before cache folder before cache clear:
drwxrwxrwx 11 nginx nginx 4096 Nov 4 13:23 dev
drwxrwxrwx 10 nginx nginx 4096 Nov 4 20:39 prod
And after:
drwxrwxrwx 11 nginx nginx 4096 Nov 4 13:23 dev
drwxr-xr-x 10 root root 4096 Nov 4 20:39 prod
Is this something I can fix in the app, or is there a way of setting up the permissions so they don't become rooted?
Edit: I should also mention I tried:
sudo chmod +a "nginx allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs
But the server doesn't recognise +a.
Also tried using:
setfacl -R -m u:nginx:rwx app/cache app/logs
Which doesn't error, but doesn't fix the issue.
sudo -u nginx php app/console cache:clear
Edit:
Can't accept this answer yet but this worked for me:
So I successfully enabled ACL on my mount following the guide here: http://blog.dsyph3r.com/2011/09/symfony2-using-setfacl-for-cache-and.html
For newbies like, me note the label of the drive is (somewhat strangely) "Label=/" in fstab.
Once that was done I used
setfacl -R -m u:nginx:rwx app/cache app/logs
setfacl -dR -m u:nginx:rwx app/cache app/logs
Now I can clear cache at will it seems.
Original (only use if you cannot or will not enabled ACL):
I followed a help page which got me to set umask(0000); in numerous places, namely the app/app*.phps and the app/console script. This seems to have worked, but I'm not sure of the implications.
Leaving question open for non-umask solutions. Looking into activating ACL on my mount, but new to that and it all seems.. strangely named.

Resources