Could not open file lol.json: Permission denied using Jq? - linux

I am facing some kind of permission issue here. I am able to read a file with cat, make changes to it using nano but for some reason, jq is having permission issues. Here is what I am facing:
msp#coolpad:~/projects/lol$ jq .name lol.json
jq: error: Could not open file lol.json: Permission denied
On checking permissions, this is what I get:
msp#coolpad:~/projects/lol$ ls -l
total 4
-rw-rw-r-- 1 msp msp 0 Sep 27 04:04 lol-domains.txt
-rwxrwxrwx 1 msp msp 593 Sep 27 04:38 lol.json
As you can see, I have tried giving it 777 permission, still it's showing Permission denied. I know this is not a good idea to set 777 permission and I fully intend to change it back to 664 once the issue is resolved. Anyhelp would be appriciated.
Update 1: I have tried re-installing jq from snap but still, it doesn't solve the problem.
Update 2: Output of cat lol.json
msp#coolpad:~$ cat lol.json
{"name":"lol"}
Update 3: Output of echo '{"name":"lol"}' | jq .name
msp#coolpad:~$ echo '{"name":"lol"}' | jq .name
"lol"
Update 4: One work-around that poped up in comments:
cat lol.json | jq .name

You installed jq through Ubuntu's snap. Uninstall it and re-install it through apt:
sudo snap remove jq
sudo apt install jq
Snap packages have "confinement" which is either "strict" or "classic". In this case jq was packaged as "strict" meaning it has its own /tmp/snap.jq/ directory and cannot read the system /tmp directory and a bunch of other directories. Packages that want to use "classic confinement" have to be manually approved by the people in charge of Snapcraft and you must pass --classic when installing them, like this: sudo snap install <package_name> --classic.
Just never install command line tools with snap, at least without --classic. This error is intended behavior and they're not going to change it.

Related

Laravel Permission denied error on Linux Server

I am facing a very strange error with my Laravel application on the production server (Linux). Whenever the users of my application login for the first time in morning, they get a permission denied error which read something like
file_put_contents(/var/www/html/PROJECT/storage/framework/cache/data/0c/e5/0ce52dca12715a327eb4c1b4bff36293ea67c719): Failed to open stream: No such file or directory
To overcome this, the first thing I have to do in the morning is to give permission to the entire project by
sudo chmod -R 777 PROJECT
And then it runs just fine.
This is slowly getting very annoying as it is happening every morning. Why are the permissions getting revoked automatically and is there a permanent solution for this?
Please help me and thank you all in advance
I think your application run some command also. That's why your storage permission is overrated by system user. (by which user cron execute).
The thing is, storage directory should have write access to both system user and webserver(apache/nginx)
BTW, Symfony framework has some nice solution for this kind of situation which also can be application in Laravel Application.
Please look at this:
https://symfony.com/doc/current/setup/file_permissions.html
In your case, this command would be like:
HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1)
sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX /var/www/html/PROJECT/storage
sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX /var/www/html/PROJECT/storage
You can also achieve above solution if you know know what is your webserver user.
sudo chown -R "$local_user":"$webserver_user" "/var/www/html/PROJECT/storage"
sudo chmod -R 0777 "/var/www/html/PROJECT/storage"
If my opinion, setfacl is better solution if you have setfacl installed in your server.
You can check if your webserver has enough permission to the directory instead of giving 777 to the project as this is your production environment which is not at all recommendable.
Also try php artisan cache:clear

tar creates 0-byte files and issues permission denied errors

I am working in a CentOS environment and am setting up perlbrew (App::perlbrew/0.87) locally. I've essentially been following the steps here. I have set up perlbrew similarly in the past and no issues, but now am having a strange problem. It is worth noting that I was able to set up perlbrew and install perl locally on the same machine, same environment, for a different user.
The problem is this, perlbrew is installed, but cannot install any version of perl because after downloading the dist it fails to extract the tar.gz.
Here is some information about the install. Perlbrew and cpanm seem to be in place and functioning fine.
-bash-4.1$ env | grep PERL
PERLBREW_SHELLRC_VERSION=0.87
PERLBREW_ROOT=/my/home/dir/perl5/perlbrew
PERLBREW_HOME=/my/home/dir/.perlbrew
-bash-4.1$ env | grep perl
OLDPWD=/my/home/dir/perl5/perlbrew
PERLBREW_ROOT=/my/home/dir/perl5/perlbrew
PATH=/my/home/dir/perl5/perlbrew/bin:/usr/local/bin:/bin:...
PWD=/my/home/dir/perl5/perlbrew/dists
PERLBREW_HOME=/my/home/dir/.perlbrew
-bash-4.1$ which perlbrew
~/perl5/perlbrew/bin/perlbrew
My .bash_profile contains only:
source ~/perl5/perlbrew/etc/bashrc
-bash-4.1$ perlbrew available
perl-5.31.6
perl-5.30.1
perl-5.28.2
perl-5.26.3
perl-5.24.4
...
However, when I try to install, I start getting errors from tar.
-bash-4.1$ perlbrew install perl-5.30.1
tar: perl-5.30.1/.dir-locals.el: Cannot close: Permission denied
tar: perl-5.30.1/.dir-locals.el: Cannot utime: Permission denied
tar: perl-5.30.1/.lgtm.yml: Cannot close: Permission denied
tar: perl-5.30.1/.lgtm.yml: Cannot utime: Permission denied
...
it goes on and on for every file.
I think the key output here is:
Failed to extract /my/home/dir/perl5/perlbrew/dists/perl-5.30.1.tar.gz at /my/home/dir/perl5/perlbrew/bin/perlbrew line 1631
If I navigate to where perlbrew downloads the dist and try to extract it manually, it fails.
-bash-4.1$ cd /my/home/dir/perl5/perlbrew/dists/
-bash-4.1$ ll
total 17308
drwxrwxrwx. 4 myUserID myGroup 11776 Dec 2 15:10 perl-5.30.1
-rwxrwxrwx. 1 myUserID myGroup 17712574 Nov 25 14:46 perl-5.30.1.tar.gz
-bash-4.1$ tar -xvf perl-5.30.1.tar.gz
perl-5.30.1/
perl-5.30.1/.dir-locals.el
tar: perl-5.30.1/.dir-locals.el: Cannot close: Permission denied
tar: perl-5.30.1/.dir-locals.el: Cannot utime: Permission denied
perl-5.30.1/.lgtm.yml
tar: perl-5.30.1/.lgtm.yml: Cannot close: Permission denied
tar: perl-5.30.1/.lgtm.yml: Cannot utime: Permission denied
perl-5.30.1/.metaconf-exclusions.txt
The perl-5.30.1 directory is created and files are made but they are not really extracted. It's just full of 0kb files where everything should be.
I've tested tar by creating tarballs from files I create and zipping and unzipping and whatnot, everything seems to work there fine. All the files are owned by my user/group, so I don't get why I can't extract this file.
Does anyone know what could be the cause of this behavior?
EDIT: This was actually done on a different machine configured the same way as it turns out!
I want to note again that I was able to successfully perform the install on a different user by the same method on the same machine and didn't run into this issue.
One user, #DavidMitchell commented about additional permissions shown by ls -lZ that might influence things. Note that I am using SGE on this machine and have to qlogin to process most tasks.
Before and after qlogins:
In the perl/dist folder before qlogin.
-bash-4.1$ ls -lZ
-rwxrwxrwx. myUser myGroup system_u:object_r:nfs_t:s0 perl-5.30.1.tar.gz
AFTER qlogin
-bash-4.2$ ls -lZ
-rwxrwxrwx myUser MyGroup ? perl-5.30.1.tar.gz
So there's a '?' there, so that's interesting. I checked on another machine and user with successful installation and it seems to show the same thing though, so maybe this isn't the issue. Will continue to look into it further, appreciate any further advice!

laravel centOS 7 chmod 755/775 permission denied"could not be opened: failed to open stream: Permission denied", only allows if I set to 777

I have linux:
Linux version 3.10.0-693.21.1.el7.x86_64
(builder#kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat
4.8.5-16) (GCC) ) #1 SMP Wed Mar 7 19:03:37 UTC 2018
If I set the permission to 777 on storage, laravel works, but if I set it to 755 or 775 it says:
"The stream or file
"/home/admin/domains/linkshift.eu/public_html/storage/logs/laravel-2018-11-08.log"
could not be opened: failed to open stream: Permission denied"
I have tried searching for an answer, but nothing else worked, I have tried doing
Permissions Issue with Laravel on CentOS
but it still doesn't work
Edit: I also have direct admin installed
Look like the log file is generated using root user and you are running the laravel from a different user. Make sure the log file is written by same user. Or give permission to your user.
sudo chown -R laravel-user:laravel-user /path/to/your/laravel/root/directory
Run these commands after every deploy
chmod -R 775 storage/framework
chmod -R 775 storage/logs
chmod -R 775 bootstrap/cache
Still If not working, It can maybe also because of SELinux.
Check selinux status on terminal:
sestatus
If status is enabled, write command for disable SElinux (not recommended)
setenforce Permissive
or you can do like below.
yum install policycoreutils-python -y # might not be necessary, try the below first
semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/your/laravel/root/directory/storage(/.*)?" # add a new httpd read write content to sellinux for the specific folder, -m for modify
semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/your/laravel/root/directory/bootstrap/cache(/.*)?" # same as the above for b/cache
restorecon -Rv /var/www/html/ # this command is very important to, it's like a restart to apply the new rules
Selinux is intended to restrict access even to root users, so only the necessary stuff might be accessed, at least on a generalist overview, it's extra security, disabling it is not a good practise, there are many links to learn Selinux, but for this case it is not even required.
Could you show the result of
ls -l /home/admin/domains/linkshift.eu/public_html/storage/logs
and have you tried
php artisan config:cache
php artisan config:clear
composer dump-autoload -o

Less with Symfony and Assetic. Permissions for node_modules so I don't need sudo?

I am trying to get less installed properly to run with Symfony and Assetic. I have a permissions issue. This is on Ubuntu 12.04 LTS.
How do I set permissions so that I can run app/console assetic:dump without needing sudo?
I've installed less using
sudo npm install -g less
node_modules gets installed in /usr/lib/node_modules
user "nobody" is the owner of /usr/lib/node_modules/less
group is my user group.
I have set node, node_paths and apply_to in my config.yml.
It works fine from a browser in the Symfony dev environment. My less files are happily being compiled into css.
If I run app/console assetic:dump it says "Cannot find module 'less'". It took me a while to discover that it's a permissions problem. It works if I run sudo assetic:dump.
It seems wrong to run app/console with sudo. Do I need to change ownership of /usr/lib/node_modules? Everything seems to have world and group read access .
I don't understand how Apache manages to run it okay under www-data.
chown $(id -un):$(id -Gn | cut -d' ' -f1) /usr/lib/node_modules
with this you won't need to install using sudo ever again.
Explanation
id -un is the same as whoami it prints your username in the terminal
id -Gn print the groups you are in separated by spaces.
id -Gn | cut -d' ' -f1 -> this part takes the first group
chown [username]:[group] [filename] changes the owner of the file
So basically you change the owner from root user to yourself.
Downside and Workaround
Other users on your mac will not be able to modify this file since you own it.
But you can also let them by setting permissions for the group
chmod 775 /usr/lib/node_modules

Unable to start CouchDB

Just installed CouchDb using brew on mac mountain lion. Everything went well till I hit the following issue to start the server I do not know erlnag and could not analyze the dump file
`couchdb
Apache CouchDB 1.2.1 (LogLevel=info) is starting.
{"init terminating in do_boot",{{badmatch,{error,{bad_return,{{couch_app,start,[normal,["/usr/local/etc/couchdb/default.ini","/usr/local/etc/couchdb/local.ini"]]},{'EXIT',{{badmatch,{error,shutdown}},[{couch_server_sup,start_server,1,[{file,"couch_server_sup.erl"},{line,98}]},{application_master,start_it_old,4,[{file,"application_master.erl"},{line,274}]}]}}}}}},[{couch,start,0,[{file,"couch.erl"},{line,18}]},{init,start_it,1,[]},{init,start_em,1,[]}]}}
Crash dump was written to: erl_crash.dump
init terminating in do_boot ()`
Any help much appreciated.
I have left the configurations files as it is
Often this is due to incorrect permissions on various configuration files & directories. It can be caused by running as a sudo / root user for example.
You can try fixing this using the following, but you may need to either create/add yourself to a couchdb group, or use a different user:group combination.
sudo chown -R couchdb:couchdb /etc/couchdb /var/lib/couchdb /var/run/couchdb /var/log/couchdb
sudo chmod -R 770 /etc/couchdb /var/lib/couchdb /var/run/couchdb /var/log/couchdb
sudo find /etc/couchdb /var/lib/couchdb /var/run/couchdb /var/log/couchdb -type f | sudo xargs chmod 660
```
See the chmod section in http://wiki.apache.org/couchdb/Installing_on_OSX for more detail.
I've had this problem when attempting to load a configuration file that doesn't exist, I was starting CouchDB with the -a option to supply additional configuration, and if that file doesn't exist I get an error similar to the one reported:
$ couchdb -a /does/not/exist.ini
{"init terminating in do_boot",{{badmatch,{error,{bad_return,{{couch_app,start,[normal,["/usr/local/etc/couchdb/default.ini","/usr/local/etc/couchdb/local.ini"]]},{'EXIT',{{badmatch,{error,{error,enoent}}},[{couch_server_sup,start_server,1,[{file,"couch_server_sup.erl"},{line,56}]},{application_master,start_it_old,4,[{file,"application_master.erl"},{line,269}]}]}}}}}},[{couch,start,0,[{file,"couch.erl"},{line,18}]},{init,start_it,1,[]},{init,start_em,1,[]}]}}
sudo apt-get install libicu-dev
Provide Proper permissions

Resources