LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page Help understadning SFTP logs - invalid st_mode
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 05-01-2019, 09:41 AM   #1
socalheel
Member
 
Registered: Oct 2012
Location: Raleigh, NC
Distribution: CentOS / RHEL
Posts: 158

Rep: Reputation: 3
Help understadning SFTP logs - invalid st_mode

I am investigating a site-outage that was supposedly caused by moving a folder into another folder.

I cannot find anything in sftp logs to support this but I am not sure about this one entry:

Quote:
in wpe_permissionmgr_determine_update_type, invalid st_mode(193974528) returned on /wp-content

if you'd like the full logs i was provided (i removed the first six columns to scrub "sensitive" data):

Quote:
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here (Login failed): Incorrect password
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here (Login failed): Incorrect password
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
SSH2 no transfer timeout, disconnected
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
wpe_permissionmgr_determine_update_type: processing arg /wp-content
in wpe_permissionmgr_determine_update_type, invalid st_mode(193974528) returned on /wp-content
wpe_permissionmgr_determine_update_type: processing arg /vagrant/wp-content
chmod of file /vagrant/wp-content to 775 failed
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
SSH2 no transfer timeout, disconnected
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
SSH2 no transfer timeout, disconnected
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
SSH2 no transfer timeout, disconnected
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
SSH2 no transfer timeout, disconnected
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
SSH2 no transfer timeout, disconnected
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
SSH2 no transfer timeout, disconnected
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
opening file /var/cache/wpe_uploadtracker/sftp_uploads : 2
SSH2 session opened.
USER username-here: Login successful
USER username-here: Login successful.
ROOT PRIVS: unable to seteuid(): Operation not permitted
ROOT PRIVS: unable to setegid(): Operation not permitted
RELINQUISH PRIVS: unable to seteuid(PR_ROOT_UID): Operation not permitted
SSH2 session closed.
sent SSH_DISCONNECT message: disconnected by user (Application error)
 
Old 05-01-2019, 10:18 AM   #2
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora
Posts: 4,143

Rep: Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264
Were the files and directories owned by the same user as the login? Was either root?
 
Old 05-01-2019, 12:00 PM   #3
socalheel
Member
 
Registered: Oct 2012
Location: Raleigh, NC
Distribution: CentOS / RHEL
Posts: 158

Original Poster
Rep: Reputation: 3
hey smallpond, thanks for the reply.

no sir. i logged in as username-01 and the wp-content folder and files are owned by owner/group www-data.

supposedly the folder wp-content was moved into a folder named vagrant, which is also owned by owner/group www-data.

i don't see anywhere in the logs where a request to move wp-content into vagrant was initiated.
 
Old 05-01-2019, 12:19 PM   #4
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora
Posts: 4,143

Rep: Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264Reputation: 1264
I don't know what happens to ownership and permissions when you do that, but this error:

Code:
wpe_permissionmgr_determine_update_type: processing arg /wp-content
in wpe_permissionmgr_determine_update_type, invalid st_mode(193974528) returned on /wp-content
wpe_permissionmgr_determine_update_type: processing arg /vagrant/wp-content
chmod of file /vagrant/wp-content to 775 failed
suggests that a directory named vagrant/wp-content was created and that something went wrong. You can check the file's sizes, ownership and permissions in sftp using ls -l.
 
1 members found this post helpful.
Old 05-01-2019, 12:24 PM   #5
socalheel
Member
 
Registered: Oct 2012
Location: Raleigh, NC
Distribution: CentOS / RHEL
Posts: 158

Original Poster
Rep: Reputation: 3
Quote:
Originally Posted by smallpond View Post

suggests that a directory named vagrant/wp-content was created and that something went wrong.
exactly correct. i just don't see where/how/who tried to create that. the support team where this server is hosted seems to think the wp-content folder was accidentally moved into /vagrant. which is a solid theory, i mean drag/drop errors happen all the time and if someone is using an FTP client, then it's very likely that's what happened. i just don't see where that was actually requested.
 
Old 05-01-2019, 04:33 PM   #6
scasey
LQ Veteran
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.9.2009
Posts: 5,732

Rep: Reputation: 2212Reputation: 2212Reputation: 2212Reputation: 2212Reputation: 2212Reputation: 2212Reputation: 2212Reputation: 2212Reputation: 2212Reputation: 2212Reputation: 2212
Given that the content is owned by the (presumably) the web server user, is it possible that the move happened via a web-run script (i.e. CGI) rather than via SFTP?
Just thinkin' out loud...
 
1 members found this post helpful.
Old 05-01-2019, 07:17 PM   #7
socalheel
Member
 
Registered: Oct 2012
Location: Raleigh, NC
Distribution: CentOS / RHEL
Posts: 158

Original Poster
Rep: Reputation: 3
i am definitely not ruling anything out for sure. the site is hosted on wp engine so i do not have full visibility into how the server is built and what all is going on.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Back up logs file and create a script showing the backed up logs and the running logs Billy_6052 Programming 5 12-13-2014 02:32 AM
logs are not generating inside sftp logs, while acitive directory users are loggin in deepak_message Linux - Server 6 03-24-2013 11:37 AM
understadning /dev/dm-02 mapping and fdisk -l or fdisk -l | less mixxmaster27 Linux - Newbie 2 06-03-2010 12:17 PM
using lstat st_mode flags and masks smoking81 Programming 1 10-03-2008 05:17 AM
Files truncated by sftp/sftp-server at 65kb gato Linux - Networking 1 12-18-2003 10:29 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 08:13 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration