[CWB] File access permission check failed

mansur 6688000 at gmail.com
Sat Jan 26 14:32:41 CET 2019 

Hi, Chao!

Great! Make sure you don't leave SELinux disabled, it is a bad solution.
Something like this should help you to configure SELinux properly:
1) Add rule for that directory:
semanage fcontext -a -t httpd_sys_rw_content_t "/opt/CQPData(/.*)?"
2) Apply that rule:
restorecon -R -v /opt/CQPData

If you don't have semanage installed, then:
yum install -y policycoreutils-python

With best wishes,
Mansur


Am Sa., 26. Jan. 2019 um 16:11 Uhr schrieb Chao Sun <chao.sun at sydney.edu.au
>:

> Hi Mansur,
>
> Thank you very much, you are a gem!
>
> This is exactly the case and I didn’t realise there’s such thing exist in
> RH enterprise (used Ubuntu/Arch in the past).
>
> I have temporarily disabled SELinux and all problem solved. Upload area is
> viewable and upload seems to be fine.
>
> Can’t believe how much time I wasted on this issue. If you didn’t point it
> out I might get stuck there forever.
>
> Best Regards,
> Chao
>
> *Dr CHAO SUN *| Data Scientist
> Faculty of Arts and Social Sciences | *The University of Sydney*
> Rm N302 off Lobby J, Quadrangle A14 | The University of Sydney | NSW | 2006
> *T* +61 2 9351 4240  | *F* +61 2 9351 5333
> *E* chao.sun at sydney.edu.au | *W* sydney.edu.au
> CRICOS 00026A
>
> On 26 Jan 2019, at 10:23 pm, mansur <6688000 at gmail.com> wrote:
>
> Hello, Chao!
>
> Do you have SELinux enabled? If yes, try to check its permissions...
>
> With best wishes,
> Mansur
>
> Am Sa., 26. Jan. 2019 um 06:04 Uhr schrieb Chao Sun <
> chao.sun at sydney.edu.au>:
>
>> Hello,
>>
>> I am recently rebuilding a CQPweb server on Redhat and hit on this
>> problem that I have never met in the past.
>>
>> When I try to upload .vrt files, I got this error message:
>>
>> ERROR: CWB registry dir ``/opt/CQPData/reg'' seems not to exist, or is
>> not readable!
>>
>>
>> I then run the system diagnosis from the admin page, and in order to be
>> certain on the username that the script is running under (I know it’s
>> apache under RH and www-data under Ubuntu), I have added “.exec(‘whoami’)’
>> to the end of the check script in cqp.inc.php.
>>
>> if (!is_readable($cwb_registry))
>>                         {
>>                                 $infoblob .= "$EOL    CHECK FAILED.
>> Ensure that $cwb_registry"
>>                                         . " is readable by the username
>> this script is running under.$EOL".*exec('whoami')*;
>>                                 break;
>>                         }
>>                         else
>>                                 $infoblob .= " yes it is!$EOL$EOL";
>>
>>
>> And the output confirmed the user of php script is apache.
>>
>> Checking that CWB registry is readable by this user...
>>     CHECK FAILED. Ensure that /opt/CQPData/reg is readable by the username this script is running under.*apache*
>>
>> The problem is that before doing this check, I have already set the
>> file/directory permissions to the target directories.
>> I then added user apache to the group mysql, added user mysql to the
>> group apache. Then changed apache:apache as the directory owner, and even
>> set the permission on all directory to 777 recursively.
>>
>> None of the above file permissions solve the problem, and the directory
>> /opt/CQPData/reg is always unreadable to CQPWeb.
>> The permission settings to the directories are as following at the moment:
>>
>> /opt/CQPData
>>
>> drwxrwxr-x. 7 apache apache 70 Jan 19 13:05 CQPData
>>
>>
>> Sub directories:
>>
>> drwxrwxr-x. 2 apache apache   6 Jan 19 13:04 cache
>> drwxrwxr-x. 2 apache apache   6 Jan 19 13:04 data
>> drwxrwxr-x. 2 mysql  apache   6 Jan 19 13:04 mysql
>> drwxrwxrwx. 2 apache apache   6 Jan 26 13:14 reg
>> drwxrwxr-x. 2 apache apache 100 Jan 26 12:45 uploads
>>
>>
>> The registry directory is open to everyone, needless to say to the owner
>> user and group.
>>
>> I don’t think this is related to the MySQL settings though, but reset all
>> the options as instructed in the admin manual to grant privileges etc.
>>
>> Please help on debugging this issue. Thanks in advance!
>>
>> Regards,
>> Chao
>>
>> *Dr CHAO SUN *| Data Scientist
>> Faculty of Arts and Social Sciences | *The University of Sydney*
>> Rm N302 off Lobby J, Quadrangle A14 | The University of Sydney | NSW |
>> 2006
>> *T* +61 2 9351 4240  | *F* +61 2 9351 5333
>> *E* chao.sun at sydney.edu.au | *W* sydney.edu.au
>> CRICOS 00026A
>>
>>
>> _______________________________________________
>> CWB mailing list
>> CWB at sslmit.unibo.it
>> http://liste.sslmit.unibo.it/mailman/listinfo/cwb
>> <https://protect-au.mimecast.com/s/_BdvC6X13RtLO22vCp1v5b?domain=liste.sslmit.unibo.it>
>>
> _______________________________________________
> CWB mailing list
> CWB at sslmit.unibo.it
>
> https://protect-au.mimecast.com/s/_BdvC6X13RtLO22vCp1v5b?domain=liste.sslmit.unibo.it
>
>
> _______________________________________________
> CWB mailing list
> CWB at sslmit.unibo.it
> http://liste.sslmit.unibo.it/mailman/listinfo/cwb
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://liste.sslmit.unibo.it/pipermail/cwb/attachments/20190126/570fb9a0/attachment.html>

More information about the CWB mailing list