LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 06-03-2014, 04:56 PM   #1
UltrasonicMadness
Member
 
Registered: Jul 2013
Location: European Union
Distribution: Fedora 20 Xfce Spin
Posts: 43

Rep: Reputation: Disabled
Simple Machines Forum persistently claims that files are not writable


I am trying to set up Simple Machines Forum on a local server. I have tried following many tutorials online and cannot fix this error message. The install.php claims on step 2:

Code:
Checking Files are Writable

Some files need to be writable for SMF to work properly. This step allows you to let the installer make them writable for you. However, in some cases it won't work - in that case, please make the following files 777 (writable, 755 on some hosts):

    attachments
    avatars
    cache
    Packages
    Packages/installed.list
    Smileys
    Themes
    agreement.txt
    Settings.php
    Settings_bak.php
Do you know how I could fix this?

Best regards and thanks in advance
UltrasonicMadness

Last edited by UltrasonicMadness; 06-04-2014 at 04:47 AM.
 
Old 06-03-2014, 05:36 PM   #2
soldersplash
LQ Newbie
 
Registered: May 2009
Location: England, UK
Distribution: Ubuntu 16.04
Posts: 21

Rep: Reputation: 0
Post

Hi There UltrasonicMadness,

The clue is in the question: "However, in some cases it won't work - in that case, please make the following files 777 (writable, 755 on some hosts)"
Some useful reading on Linux File Permissions :- http://www.linux.org/threads/file-pe...ns-chmod.4094/
In short, you can use the "chmod" command to alter permissions on files.
e.g.

Code:
you@your_host:~$ chmod 777 /path/to/the/file
Of course, you as a standard user may well lack the permission to change the permisions In which case you will need to gain root privaleges.

I didn't see what system you are using, Ubuntu uses "sudo" for this:

Code:
you@your_host:~$ sudo chmod 777 /path/to/the/file
[sudo] password for your_username:
<enter password>

Enter your admin password and the chmod will be executed with elevated privaleges.

On other systems it may be you need "su" to gain root privaleges:
Code:
you@your_host:~$ su
password:
<enter root password>
Code:
root@your_host:/home/your_username# sudo chmod 777 /path/to/the/file
This second method leaves you at a root prompt, which isn't a great idea to stay there. You may break stuff too easily (we've all been there ) Use 'su' to get back to normal user prompt

Code:
root@your_host:/home/your_username# su your_username
you@your_host:~$

Hope that helps,
As ever, YMMV,
Soldersplash.
 
Old 06-04-2014, 05:04 AM   #3
UltrasonicMadness
Member
 
Registered: Jul 2013
Location: European Union
Distribution: Fedora 20 Xfce Spin
Posts: 43

Original Poster
Rep: Reputation: Disabled
I have tried this and nothing on the server changes.

Code:
[root@host forum]# chmod 777 attachments
[root@host forum]# chmod 777 avatars
[root@host forum]# chmod 777 cache
[root@host forum]# chmod 777 Packages
[root@host forum]# chmod 777 Packages/installed.list
[root@host forum]# chmod 777 Smileys
[root@host forum]# chmod 777 Themes
[root@host forum]# chmod 777 agreement.txt
[root@host forum]# chmod 777 Settings.php
[root@host forum]# chmod 777 Settings_bak.php
[root@host forum]# service httpd restart
Redirecting to /bin/systemctl restart  httpd.service
[root@host forum]# service mariadb restart
Redirecting to /bin/systemctl restart  mariadb.service
At this point, I started install.php in the browser again. It still gave the warning.

Code:
[root@host forum]# chmod 755 attachments
[root@host forum]# chmod 755 avatars
[root@host forum]# chmod 755 cache
[root@host forum]# chmod 755 Packages
[root@host forum]# chmod 755 Packages/installed.list
[root@host forum]# chmod 755 Smileys
[root@host forum]# chmod 755 Themes
[root@host forum]# chmod 755 agreement.txt
[root@host forum]# chmod 755 Settings.php
[root@host forum]# chmod 755 Settings_bak.php
[root@host forum]# service httpd restart
Redirecting to /bin/systemctl restart  httpd.service
[root@host forum]# service mariadb restart
Redirecting to /bin/systemctl restart  mariadb.service
I then started install.php again, and it still claimed that the files were not writable. Another thing I noticed is that with 777 files, the file manager (Thunar 1.6.3) shows that the file's owner, group (both root) and others (including my non-root user account) have read/write access, wheras with 755, it shows that the owner has read/write access but the group and others have read-only access.

Apologies for not mentioning my distribution, I use Fedora 20 which uses both sudo and su.

Best regards
UltrasonicMadness

Last edited by UltrasonicMadness; 06-04-2014 at 05:12 AM. Reason: Elaboration regarding chmod
 
Old 06-04-2014, 08:05 AM   #4
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
smf version?

Check out the readme.html for section titled "Set file permissions"
 
Old 06-04-2014, 08:20 AM   #5
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513
What is your local server?

Some distributions (based on RH) use SELinux enhancements to protect the system from potential vulnerabilities in apache, and these features provide mandatory security to anything apache can access - it blocks it from reaching things it shouldn't (both read and write).
 
1 members found this post helpful.
Old 06-04-2014, 09:03 AM   #6
UltrasonicMadness
Member
 
Registered: Jul 2013
Location: European Union
Distribution: Fedora 20 Xfce Spin
Posts: 43

Original Poster
Rep: Reputation: Disabled
Question

I use Fedora 20 Xfce Edition and I'm trying to install SMF 2.0.7.

I remember when I used KDE, there was an application launcher in the menu for SELinux, but I can't find an equivalent in Xfce. I've tried installing setroubleshoot and setools-gui and associated dependencies and they just added confusion.

I checked readme.html but it only gave instructions for FTP clients and claimed that files should use 666, 664, or 644 permissions (presumably making them non-executable).

Best regards
UltrasonicMadness

Last edited by UltrasonicMadness; 06-04-2014 at 09:14 AM. Reason: Clarification
 
Old 06-04-2014, 10:26 AM   #7
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513
There are mandatory security labels that prevent Apache from accessing anything that isn't explicitly authorized as permitted. This includes the ability to even execute CGI procedures, PHP, even the types of filesystems that can be accessed (NFS/CIFS).

Just the list of possible flags (not the labels):
Code:
allow_httpd_anon_write --> off
allow_httpd_mod_auth_ntlm_winbind --> off
allow_httpd_mod_auth_pam --> off
allow_httpd_sys_script_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_connect_ftp --> off
httpd_can_connect_ldap --> off
httpd_can_connect_zabbix --> off
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off
httpd_can_network_memcache --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> off
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> off
httpd_execmem --> off
httpd_graceful_shutdown --> off
httpd_manage_ipa --> off
httpd_read_user_content --> off
httpd_run_stickshift --> off
httpd_setrlimit --> off
httpd_ssi_exec --> off
httpd_tmp_exec --> off
httpd_tty_comm --> on
httpd_unified --> off
httpd_use_cifs --> off
httpd_use_fusefs --> off
httpd_use_gpg --> off
httpd_use_nfs --> off
httpd_verify_dns --> off
The type labels used:
Code:
httpd_sys_script_exec_t - required type for CGI (read only)
httpd_sys_content_t - read only system data
httpd_sys_rw_content_t - read write system data
httpd_user_content_t - read only user data
httpd_user_rw_content_t - read write user data
The "httpd_sys_script_exec_t", "httpd_sys_content_t" and "httpd_sys_rw_content_t" are used by the apache administrator, and permit the appropriate access, and can prevent any defacing attacks on static data.

This also prevents apache from adding funky data (unless the file/directory is marked read/write).
 
Old 06-04-2014, 11:10 AM   #8
UltrasonicMadness
Member
 
Registered: Jul 2013
Location: European Union
Distribution: Fedora 20 Xfce Spin
Posts: 43

Original Poster
Rep: Reputation: Disabled
Question

How would I go about this? I know SELinux is the problem because the installer got past that step when I disabled it.
 
Old 06-04-2014, 02:42 PM   #9
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513
First, identify the labels you need to have. Data that is supposed to be constant gets the types identified for constants. Variable data gets the other. If you are using a database, then the boolean flag for database support is needed.

Then identify the boolean flags you need (most likely, only those for CGI, or possibly PHP).

You can always start with a "restorecon -R /var/www" (assuming that is where the files are). This will set the default (which is read only), then you can test to see which ones must be changed.

Last edited by jpollard; 06-04-2014 at 02:44 PM.
 
Old 06-04-2014, 04:12 PM   #10
UltrasonicMadness
Member
 
Registered: Jul 2013
Location: European Union
Distribution: Fedora 20 Xfce Spin
Posts: 43

Original Poster
Rep: Reputation: Disabled
Thumbs up

Got it! I typed this in /var/www/html (the forum's files being in /var/www/html/forum)

Code:
chcon -R -t httpd_sys_rw_content_t forum
-R meaning recursive, -t meaning type and forum being the folder to apply it to.

Best regards
UltrasonicMadness
 
Old 06-04-2014, 06:34 PM   #11
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513
That is fine if the only things in that directory are supposed to be modified by the application.

But if there are some forms and such.. then those should be httpd_sys_content_t.

(but for all I know, this could be the data storage for the thing...

Glad its working.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Simple Machines Forum stopped displaying correctly dpeterson3 Linux - Software 3 12-03-2009 05:50 PM
Would a new forum for Virtual machines and Dual booting be good? Chris Stegman Linux - Software 19 04-02-2009 06:29 AM
LXer: Simple Machines Forum LXer Syndicated Linux News 0 03-04-2008 11:50 PM
virtual machines forum bskrakes LQ Suggestions & Feedback 22 05-14-2007 05:04 AM
Is there a simple way to launch commands on other machines? BrianK Linux - Networking 3 01-04-2004 04:30 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 02:19 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration