Post install permissions on webroot

Having trouble installing serendipity?
Post Reply
chintan
Regular
Posts: 7
Joined: Fri Apr 02, 2010 10:10 pm

Post install permissions on webroot

Post by chintan »

Hello,
I installed serendipity in my root directory (httpdocs/).
Pre installation I did the following with permissions as root user:
1) chmod 777 httpdocs
2) chmod 777 templates_c
3) chmod 777 uploads

Post install I did the following again with root user:
1) chmod 755 httpdocs

Now after that I just went in to the admin panel to change the permalinks and I keep getting this error

Attempting to write /var/www/vhosts/xxxxx.com/httpdocs/.htaccess file...
Warning: fclose(): supplied argument is not a valid stream resource in /var/www/vhosts/xxxxx.com/httpdocs/include/functions_installer.inc.php on line 822
Done

Also any other settings I change and save are reverted to the old default settings during installation.

So basically I cannot change any settings from administration panel without setting the permissions for httpdocs back to 777. I do not want to leave the httpdocs world writeable to 777.. is this required to be able to make any changes through the serendipity admin panel?

Thanks

-Chintan

p.s. I am using a sqlite DB which is also writeable by apache
chintan
Regular
Posts: 7
Joined: Fri Apr 02, 2010 10:10 pm

Re: Post install permissions on webroot

Post by chintan »

I did some more digging and it occurs to me that this is a DB r/w problem. I went through the installation again except for this time I picked MySQL as the database instead of SQLite and post-installation when I reverted the httpdocs permissions to 755, everything seemed to work as intended.

So the question really is what and where should I place serendipity.db sqlite DB for an SQLite installation so that apache could write to it? Simply setting the permission to the SQLite serendipity.db to 777 in the httpdocs directory did not do it, I had to set the httpdocs directory to 777 for apache to be able to write to the SQLite DB. Please help or point to instructions for an SQLite DB - serendipity install..
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Re: Post install permissions on webroot

Post by garvinhicking »

Hi!

Post-.install s9y needs to have write privileges to

file .htaccess
file serendipity_config_local.inc.php
(possible the sqlite file)
directory templates_c/
(directories plugins/ and templates/if you plan to use Spartacus automatic plugin/theme download)

On your installation I suppose the write privileges for the .db file were revoked. The directory itself would not need full write privileges, as long as the files therein are still accessible...

HTH,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
chintan
Regular
Posts: 7
Joined: Fri Apr 02, 2010 10:10 pm

Re: Post install permissions on webroot

Post by chintan »

Below are the permissions of the installation directory, I believe they are correct. I still cannot write to the sqlite DB and none of my settings in the admin panel get saved..
I also keep getting this error while trying to save settings in admin panel

"Attempting to write /var/www/vhosts/xxxxx.com/httpdocs/serendipity/.htaccess file...
Warning: fclose(): supplied argument is not a valid stream resource in /var/www/vhosts/xxxx.com/httpdocs/serendipity/include/functions_installer.inc.php on line 822
Done"

drwxr-xr-x 14 app3admin psacln 4096 Apr 2 16:53 .
drwxr-xr-x 10 app3admin root 4096 Apr 1 16:44 ..
drwxrwxrwx 2 apache apache 4096 Apr 1 16:57 archives
drwxr-xr-x 11 app3admin psacln 4096 Apr 1 16:44 bundled-libs
-rw-r--r-- 1 app3admin psacln 251442 Apr 1 16:44 checksums.inc.php
-rw-r--r-- 1 app3admin psacln 9520 Apr 1 16:44 comment.php
drwxr-xr-x 5 app3admin psacln 4096 Apr 1 16:45 deployment
drwxr-xr-x 2 app3admin psacln 4096 Apr 1 16:45 docs
-rw-r--r-- 1 app3admin psacln 1571 Apr 1 16:44 exit.php
-rwxrwxrwx 1 apache apache 343 Apr 2 16:58 .htaccess
drwxr-xr-x 10 app3admin psacln 4096 Apr 1 16:47 htmlarea
drwxr-xr-x 5 app3admin psacln 4096 Apr 1 16:47 include
-rw-r--r-- 1 app3admin psacln 25110 Apr 1 16:45 index.php
drwxr-xr-x 3 app3admin psacln 4096 Apr 1 16:47 lang
drwxr-xr-x 32 app3admin psacln 4096 Apr 1 16:49 plugins
-rw-r--r-- 1 app3admin psacln 10428 Apr 1 16:45 rss.php
-rw-r--r-- 1 app3admin psacln 12730 Apr 1 16:50 serendipity_admin_image_selector.php
-rw-r--r-- 1 app3admin psacln 24276 Apr 1 16:49 serendipity_admin.php
-rw-r--r-- 1 app3admin psacln 15149 Apr 1 16:50 serendipity_config.inc.php
-rwxrwxrwx 1 apache apache 646 Apr 1 17:07 serendipity_config_local.inc.php
-rw-r--r-- 1 app3admin psacln 2499 Apr 1 16:49 serendipity.css.php
-rwxrwxrwx 1 apache apache 129024 Apr 2 16:53 serendipity.db
-rw-r--r-- 1 app3admin psacln 526 Apr 1 16:50 serendipity_define.js.php
-rw-r--r-- 1 app3admin psacln 15068 Apr 1 16:50 serendipity_editor.js
-rw-r--r-- 1 app3admin psacln 448 Apr 1 16:50 serendipity_xmlrpc.php
drwxr-xr-x 2 app3admin psacln 4096 Apr 1 16:50 sql
drwxr-xr-x 26 app3admin psacln 4096 Apr 1 16:51 templates
drwxrwxrwx 2 app3admin psacln 4096 Apr 1 17:16 templates_c
drwxrwxrwx 2 app3admin psacln 4096 Apr 1 16:51 uploads
-rw-r--r-- 1 app3admin psacln 1469 Apr 1 16:50 wfwcomment.php
chintan
Regular
Posts: 7
Joined: Fri Apr 02, 2010 10:10 pm

Re: Post install permissions on webroot

Post by chintan »

I think I figured it out after a lot of googl-ing..
If you are doing an sqlite install then the directory where the sqlite DB resides needs to be writeable by apache.

http://www.mail-archive.com/sqlite-user ... 12037.html

By default the sqlite db (serendipity.db if you do a default install) resides in the webroot directory during installation.. you can specify a different directory during install (something like DB/serendipity.db) where the database gets created. Once done, you can set the permissions on the "DB" directory to "757" and the serendipity.db or another sqlite file to "644" (given that apache / webserver is the owner of the file).

I am not sure if there is any documentation for a serendipity Sqlite install but if not then it possibly needs to updated..
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Re: Post install permissions on webroot

Post by garvinhicking »

Hi!

The path entered in the s9y configuration, is it exactly /var/www/vhosts/xxxxx.com/httpdocs/serendipity ? It could be that you accidentally changed the directory and now its trying to write to something other than that current directory?

The "serendipity.db" file though strikes me as odd. Usually serendipity uses a hash to protect the databasename, like "serendipity2908gd09f8344802933.db" - it should never only be called "serendipity.db" - did you manually change anything there?

Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
chintan
Regular
Posts: 7
Joined: Fri Apr 02, 2010 10:10 pm

Re: Post install permissions on webroot

Post by chintan »

the path entered in the s9y config is "DB/serendipity"(relative to the webroot). Then I had to give write priviledges to /DB after I removed the write permissions from webroot post install, for s9y to be able to write to DB.

The default install created a "serendipity.db" without a hash in webroot. The appended hash I believe would just create a "security by obscurity" measure to prevent a hacker from guessing the DB name? are there any other reasons behind using this hash? I did not change anything in the default install and am using s9y v 1.5.2 .. I believe the htaccess file prevents the user from downloading the DB, are there any other security settings that need to be tweaked to work with an sqlite install?
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Re: Post install permissions on webroot

Post by garvinhicking »

Hi!

Usually the serendipityPath must be a FULL path to the site, including the document-root. Only serendipityHTTPPath should contain a path relative to something...
The default install created a "serendipity.db" without a hash in webroot. The appended hash I believe would just create a "security by obscurity" measure to prevent a hacker from guessing the DB name? are there any other reasons behind using this hash? I did not change anything in the default install and am using s9y v 1.5.2 .. I believe the htaccess file prevents the user from downloading the DB, are there any other security settings that need to be tweaked to work with an sqlite install?
It's not really "by obscurity", since the hash effectively is as secure as a password. I'll have a look at how the hash could be missing from the installation, but if you are using apache the htaccess password does indeed protect you -- but there are servers that don't support that, thus the extra layer of hashing.

Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
chintan
Regular
Posts: 7
Joined: Fri Apr 02, 2010 10:10 pm

Re: Post install permissions on webroot

Post by chintan »

Thanks Garvin.. you've been a lot of help..
-Chintan
Post Reply