Hi,
today I recognized that I'm not able to remove a directory from the media database. It was actually created with the managing tool so the userid/groupid should be ok. But when trying to remove it an error is given that there is no write access to that directory.
I checked this it, the properties of that directory is '777'.
Regards, Thomas
P.S.: Is it a good idea to implement the CVS tree into a live site?
Cannot remove directory from media database
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Re: Cannot remove directory from media database
Hi Thomas!
Can you give some more information? What is the exact path location? Does it contain subdirectories? Is it below the root of the upload folder, or within other subfolders? Are there any files in the directory? Did you check the permissions of those files?
Does your server have safe_mode on? CGI or Module PHP?
About the CVS tree - this is usually no problem, because no sensitive data is contained therein...
Can you give some more information? What is the exact path location? Does it contain subdirectories? Is it below the root of the upload folder, or within other subfolders? Are there any files in the directory? Did you check the permissions of those files?
Does your server have safe_mode on? CGI or Module PHP?
About the CVS tree - this is usually no problem, because no sensitive data is contained therein...
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Hi,
The directory I'm speaking about has the name '0904' (without quotes). The absolute path information is /home/www/web106/html/uploads/0904/ and does not contain any subdirectory or image in it.
The permission of the directory '0904' is 777. safe_mode is set to off. The owner is the user under which the webserver runs (wwwrun/www). Because my user is something else I'm not even able to remove it via FTP nor via my Confixx panel (which executes the scripts under my userid/groupid).
HTH, regards, Thomas
/home/www/web106/html/ is the path to the website directory. s9y is installed in the root directory (in Apache terms DOCUMENT_ROOT for my domain). So the uploads directory is /home/www/web106/html/uploads/.What is the exact path location?
The directory I'm speaking about has the name '0904' (without quotes). The absolute path information is /home/www/web106/html/uploads/0904/ and does not contain any subdirectory or image in it.
The permission of the directory '0904' is 777. safe_mode is set to off. The owner is the user under which the webserver runs (wwwrun/www). Because my user is something else I'm not even able to remove it via FTP nor via my Confixx panel (which executes the scripts under my userid/groupid).
HTH, regards, Thomas
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Well, there seems to be something quite wrong - because if the permissions are '777', *Every* user would be able to delete that file.
Including your FTP user. So I suppose there are some files left in the directory? Did you check for hidden files, beginning with '.'?
Regards,
Garvin.
Including your FTP user. So I suppose there are some files left in the directory? Did you check for hidden files, beginning with '.'?
Regards,
Garvin.
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Well, the owner of the directory (not file) is the wwwrun user under which the webserver runs. The FTP user differs in that case and is my own user and so is not able to delete the directory because he's not the owner.
So a script running started through the usual browser should be able to delete the directory - which is not the case here within s9y.
I checked the directory with a ftp client. Actually there's no file inside the directory, even no '.*' file (except if there's something else created by s9y created with a starting '.').
In the media db administration I could also mark to delete files outside the dir which means in my understanding that the script tries to remove the dir recursivly.
Regards, Thomas
So a script running started through the usual browser should be able to delete the directory - which is not the case here within s9y.
I checked the directory with a ftp client. Actually there's no file inside the directory, even no '.*' file (except if there's something else created by s9y created with a starting '.').
In the media db administration I could also mark to delete files outside the dir which means in my understanding that the script tries to remove the dir recursivly.
Regards, Thomas
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi Thomas!
For security reasons, s9y does not offer a recursive deletion; the checkbox only tells that if you uploaded files via FTP, s9y tries to delete them as well.
So, to get it all together:
/home/www/web106/html/uploads/0904/ is the directory you want to remove. There are no files and no subdirectories for that. The 0904 directory is 777. This should mean, that *any* user is allowed to remove the directory and files therein, no matter if its owned by nobody, wwwrun or ftponly...
Regards,
Garvin.
For security reasons, s9y does not offer a recursive deletion; the checkbox only tells that if you uploaded files via FTP, s9y tries to delete them as well.
So, to get it all together:
/home/www/web106/html/uploads/0904/ is the directory you want to remove. There are no files and no subdirectories for that. The 0904 directory is 777. This should mean, that *any* user is allowed to remove the directory and files therein, no matter if its owned by nobody, wwwrun or ftponly...
Regards,
Garvin.
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Hi,
sorry, but if you're not an owner of a directory you're not allowed to remove it as any other user except root. Another exception might be that if you're sitting in front of a console or are logged in via telnet.
I do not have the possibiliy, I only can use the Confixx panel or FTP. And possibly some scripts which finally run again under the apache's user.
Actually I created a file to remove the file with following code:
And the directory was removed.
Regards, Thomas
sorry, but if you're not an owner of a directory you're not allowed to remove it as any other user except root. Another exception might be that if you're sitting in front of a console or are logged in via telnet.
I do not have the possibiliy, I only can use the Confixx panel or FTP. And possibly some scripts which finally run again under the apache's user.
Actually I created a file to remove the file with following code:
Code: Select all
<?php
$dir = 'uploads/0904';
if ( rmdir ( $dir ) ) {
echo "Success<br />\n";
} else {
echo "Error!<br />\n";
}
?>Regards, Thomas
Hi,
had some time and investigated the code.
Truly the error is in the file serendipty_admin_images.inc.php.
Take a look at line 196-213:
In line 198 you're testing if $newdir is a directory. In line 199 you're testing if $serendipity['serendipityPath'] is writeable. And if not you're generating an error saying that $newdir is not writeable. This doesn't make sense actually.
$newdir is a combination of $serendipity['serendipityPath'] + $serendipity['uploadPath'] + $serendipity['POST']['newDirectoryName'];
I'd rather suggest to test $serendipity['serendipityPath'] + $serendipity['uploadPath'] if it is writeable since the upper directory should be writeable to the user as well if he wants to remove a subdirectory.
So the change could be (in line 199):
For the media database is doesn't matter if the serendipityPath is writeable or not.
This are just my 5 Eurocents for this problem. I hope someone is watching that too.
Regards, Thomas
Edited 2 minutes afterwards
it is enough when changing $serendipity['serendipityPath'] to $serendipity['uploadPath'].
Tried that and it worked as well.
P.S.: You guys must have either a really huge practise writing the word 'serendipity' or you're all men of steel ...
had some time and investigated the code.
Truly the error is in the file serendipty_admin_images.inc.php.
Take a look at line 196-213:
Code: Select all
case 'delete':
$path = $serendipity['serendipityPath'] . $new_dir;
if (is_dir($path)) {
if (!is_writable($serendipity['serendipityPath'])) {
printf(DIRECTORY_WRITE_ERROR, $new_dir);
} else {
// Directory exists and is writable. Now dive within subdirectories and kill 'em all.
serendipity_killPath(
$serendipity['serendipityPath'] . $serendipity['uploadPath'],
$serendipity['POST']['newDirectoryName'],
(isset($serendipity['POST']['forceDelete']) ? true : false)
);
}
} else {
printf(ERROR_NO_DIRECTORY, $new_dir);
}
echo '<br /><hr />';
break;$newdir is a combination of $serendipity['serendipityPath'] + $serendipity['uploadPath'] + $serendipity['POST']['newDirectoryName'];
I'd rather suggest to test $serendipity['serendipityPath'] + $serendipity['uploadPath'] if it is writeable since the upper directory should be writeable to the user as well if he wants to remove a subdirectory.
So the change could be (in line 199):
Code: Select all
if (!is_writable($serendipity['serendipityPath'].$serendipity['uploadPath'])) {This are just my 5 Eurocents for this problem. I hope someone is watching that too.
Regards, Thomas
Edited 2 minutes afterwards
it is enough when changing $serendipity['serendipityPath'] to $serendipity['uploadPath'].
Tried that and it worked as well.
P.S.: You guys must have either a really huge practise writing the word 'serendipity' or you're all men of steel ...
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi Thomas!
Thanks a lot for looking so deeply into that! I have committed your changes to our CVS, and of course your changes were right. Sorry for not spotting the real problem earlier!
Best regards,
A Man Of Steel.
Thanks a lot for looking so deeply into that! I have committed your changes to our CVS, and of course your changes were right. Sorry for not spotting the real problem earlier!
Best regards,
A Man Of Steel.
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/