After composer install symfony cache:clear, I lose permission in app/cache directory and I must execute chmod 777 command again.
This should be connected with ownership of that directory or?
The problem here is, that executing composer with your current user lets Symfony create cache-files with your user and not the www-data user (or whatever user for your webserver is configured).
Try running composer install / bin/console with your webserver's user, eg. sudo -u www-data bin/console cache:clear / sudo -u www-data composer install.
Regards
tried to look on the side of ACL ubuntu
HTTPDUSER=`ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX app/cache
sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX app/cache
In setfacl command add more "-m" option with users needed
You can found more exemple in documentation
http://symfony.com/doc/current/book/installation.html#checking-symfony-application-configuration-and-setup
Related
There are a few posts on how to use Docker + SSH. There are also posts on how to edit files mounted in a docker container, such that editing them won't cause the permissions to become root.
I'm trying to combine the 2 things, so I can SSH into a docker container and edit files without messing up their permissions.
For, using the correct file permissions, I use:
- /etc/passwd:/etc/passwd:ro
- /etc/group:/etc/group:ro
in my docker-compose.yml and
docker compose -f commands/dev/docker-compose.yml run \
--service-ports \
--user $(id -u) \
develop \
bash
so that when I start the docker container, my user is the same user as my local computer.
However, this breaks up my SSH setup inside the Docker container:
useradd -rm -d /home/ubuntu -s /bin/bash -g root -G sudo ubuntu
echo 'ubuntu:ubuntu' | chpasswd
# passwd -d ubuntu
apt install -y --no-install-recommends openssh-server vim-tiny sudo
# See: https://stackoverflow.com/questions/22886470/start-sshd-automatically-with-docker-container
sed 's#session\s*required\s*pam_loginuid.so#session optional pam_loginuid.so#g' -i /etc/pam.d/sshd
mkdir /var/run/sshd
bash -c 'install -m755 <(printf "#!/bin/sh\nexit 0") /usr/sbin/policy-rc.d'
ex +'%s/^#\zeListenAddress/\1/g' -scwq /etc/ssh/sshd_config
ex +'%s/^#\zeHostKey .*ssh_host_.*_key/\1/g' -scwq /etc/ssh/sshd_config
RUNLEVEL=1 dpkg-reconfigure openssh-server
ssh-keygen -A -v
update-rc.d ssh defaults
# Configure sudo
ex +"%s/^%sudo.*$/%sudo ALL=(ALL:ALL) NOPASSWD:ALL/g" -scwq! /etc/sudoers
Here I'm creating a user called ubuntu with password ubuntu for SSH-ing. This lets me SSH in ubuntu#localhost using the password ubuntu.
The issue is that by mounting the /etc/passwd file into my container, I erase the ubuntu user inside the container. This means when I try to ssh in with ssh -p 9002 ubuntu#localhost, the authentication fails (9002 is what I bind port 22 in the container to on the host).
Does anyone have a solution?
Here's a first pass answer.
I can use:
useradd -rm -d /home/yourusername -s /bin/bash -g root -G sudo yourusername
instead of
useradd -rm -d /home/ubuntu -s /bin/bash -g root -G sudo ubuntu
echo 'ubuntu:ubuntu' | chpasswd
then, I:
Run the ssh server in the container with:
su root
/usr/sbin/sshd -D -o ListenAddress=0.0.0.0 -o PermitRootLogin=yes
I can ssh into the container as root (using the root password "root", which I set with RUN echo 'root:root' | chpasswd in the Dockerfile).
Then, I can do su yourusername, to switch my user.
While this works, it is pretty annoying since I need to bake the user name into the Docker container.
I want to create a cloud9 automated setup script for an application, which uses couchdb for database. Part of the script, is the setup of the application database, which needs couchdb running, in order to function properly.
The problem is that the only available solution about couchdb on cloud9 helps you instantiate couchdb as a foreground procedure. So if you want to test the correctness of the instantiation, or execute any other command you need to open a second terminal tab as documented in the above solution, but this is not functional in my case.
So how do I make couchdb run in the background?
Ok CouchDB can be executed in the background on Cloud9, if you pass the parameter -b to the executable, or by reconfiguring the executable to run in the background by default. But if you try to run couchdb like this, you will run into unexisting log files and permission errors when couchdb tries to create them.
So following the bellow steps will get couchdb up and running smoothly.
1. Create log files (and give proper permissions to couchdb user)
sudo su couchdb -c 'touch /var/log/couchdb/couchdb.stdout'
sudo su couchdb -c 'touch /var/log/couchdb/couchdb.stderr'
sudo chown couchdb: /var/log/couchdb
sudo chmod u+w /var/log/couchdb
2. Create CouchDB pid storage dir
sudo mkdir -p /var/run/couchdb
sudo chown couchdb:couchdb /var/run/couchdb
3.Reconfigure Executable
sudo nano /usr/bin/couchdb
Change STDERR_FILE:couchdb.stderr with STDERR_FILE:/var/log/couchdb/couchdb.stderr
And STDERR_FILE:couchdb.stdout with STDERR_FILE:/var/log/couchdb/couchdb.stdout
4.Run in background
sudo su couchdb -c '/usr/bin/couchdb -b'
5.Test
curl http://127.0.0.1:5984
+Bonus1
If you want to run CouchDB on the background, without the -b parameter, like this: sudo su couchdb -c /usr/bin/couchdb then in step 3, when reconfiguring the couchdb executable, you should also change BACKGROUND=false with BACKGROUND=true
+Bonus2
bash script version: Create a .sh file, add the following commands and run it on cloud9 workspace to properly set up couchdb for background execution. After executing the script start CouchDB with sudo su couchdb -c /usr/bin/couchdb.
sudo su couchdb -c 'touch /var/log/couchdb/couchdb.stdout'
sudo su couchdb -c 'touch /var/log/couchdb/couchdb.stderr'
sudo chown couchdb: /var/log/couchdb
sudo chmod u+w /var/log/couchdb
sudo mkdir -p /var/run/couchdb
sudo chown couchdb:couchdb /var/run/couchdb
sudo sed -i 's_couchdb.stderr_/var/log/couchdb/couchdb.stderr_g' /usr/bin/couchdb
sudo sed -i 's_couchdb.stdout_/var/log/couchdb/couchdb.stdout_g' /usr/bin/couchdb
sudo sed -i 's_BACKGROUND=false_BACKGROUND=true_g' /usr/bin/couchdb
Hi I added a user using useradd command so that he have no home directory:
useradd -M -u 1110 brinst
Then I wanted too add a home directory for the same user using usermod but that didn't work out:
usermod -m -d /home/lagha brinst
usermod: no changes
How can I create a home directory with all it's folders and hidden files for this user when he doesn't have an old one? - that seems to be easy but somehow it's not working.
mkdir /home/brinst
usermod -d /home/brinst brinst
More cleaner way:
mkhomedir_helper brinst
create user with command like
sudo useradd my-new-user -m -d /home/my-new-user
I am trying to follow this documentation and install docker machine on my EC2 instance. However, the curl command:
curl -L https://github.com/docker/machine/releases/download/v0.8.2/docker-machine-`uname -s`-`uname -m` >/usr/local/bin/docker-machine
quits with the error:
-bash: /usr/local/bin/docker-machine: Permission denied
I tried to curl into the home directory, hoping that it would change the permissions on the directory and then copy it to destination, but it didn't work.
How can I by-pass this? Clearly, the ec2-user is lacking the root privileges on some directories.
-v When given the -v (validate) option, sudo will update the user's cached credentials, authenticating the user's password if necessary.
For the sudoers plugin, this extends the sudo timeout for another 5
minutes (or whatever the timeout is set to by the security policy) but
does not run a command. Not all security policies support cached
credentials.
ec2-user is in sudoers list by default.
[ec2-user ~]$ sudo -v
[ec2-user ~]$
Try this:
sudo bash -c "curl -L https://github.com/docker/machine/releases/download/v0.8.2/docker-machine-`uname -s`-`uname -m` >/usr/local/bin/docker-machine"
If you want to make the saved file an executable for all:
sudo chmod a+x /usr/local/bin/docker-machine
I have a .sh file (lets say adduser.sh) that is executed via a cronjob that contains the commands to create an FTP user.
The adduser.sh file looks like so...
#!/bin/bash
mkdir /var/www/vhosts/domain/path;
useradd -d /var/www/vhosts/domain/path -ou <uid> -g <group> -s /bin/false <username>;
echo <password> | passwd <username> --stdin;
Now here is my problem. If I run it directly through SSH using...
sh adduser.sh
...no problems and it works as intended.
But if I let the cronjob run it the directory is created but the user is not added.
What gives?
As it stands, there is an alternative to useradd known as adduser. In Debian or Ubuntu, adduser is a perl script and performs sequential functions like create the user using adduser, assign it to a group, create home directory etc.
As per adduser man page-
adduser and addgroup are friendlier front ends to the low level tools
like useradd, groupadd and usermod programs, by default choosing
Debian policy conformant UID and GID values, creating a home directory
with skeletal configuration, running a custom script, and other
features.
In Fedora, RedHat, and CentOS, adduser is just a symbolic link to useradd.
[root#hobbit ~]# which /usr/sbin/adduser
lrwxrwxrwx 1 root root 7 2012-09-20 20:20 /usr/sbin/adduser -> useradd
If you are on any on the above OS then you can try adduser redirect 2> to a add_user.log file and check the file to see if something goes wrong.
I have resolved this simply adding /usr/bin/ to the useradd function.
#!/bin/bash
mkdir /var/www/vhosts/domain/path;
/usr/bin/useradd -d /var/www/vhosts/domain/path -ou <uid> -g <group> -s /bin/false <username>;
echo <password> | passwd <username> --stdin;
Thanks everyone for helping me get on the right track. Hope this helps someone out there.