LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 05-08-2017, 12:52 AM   #1
glupa4e
Member
 
Registered: Jan 2011
Posts: 250

Rep: Reputation: 2
Icecast 2.4 - Listener Authentication - Failed to open authentication database: Permission denied


Hello,

I am trying to set listener authentication in Icecast up. But i get problems. Here is part of my icecast.xml:

Code:
  <mount type="normal">
        <mount-name>/example.ogg</mount-name>

        <max-listeners>10</max-listeners>

        <authentication type="htpasswd">
                <option name="filename" value="myauth"/>
                <option name="allow_duplicate_users" value="1"/>
        </authentication>
  <mount type="normal">
          <max-listeners>10</max-listeners>
      </mount>
  <paths>
        <!-- basedir is only used if chroot is enabled -->
        <basedir>/usr/share/icecast</basedir>

        <!-- Note that if <chroot> is turned on below, these paths must both
             be relative to the new root, not the original root -->
        <logdir>../../../var/log/icecast</logdir>
        <webroot>/web</webroot>
        <adminroot>/admin</adminroot>
        <!-- <pidfile>/usr/share/icecast/icecast.pid</pidfile> -->

       <alias source="/" destination="/status.xsl"/>
        <!-- The certificate file needs to contain both public and private part.
             Both should be PEM encoded.
        <ssl-certificate>/usr/share/icecast/icecast.pem</ssl-certificate>
        -->
    </paths>

    <logging>
        <accesslog>access.log</accesslog>
        <errorlog>error.log</errorlog>
        <!-- <playlistlog>playlist.log</playlistlog> -->
        <loglevel>3</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error -->

</paths>

    <logging>
        <accesslog>access.log</accesslog>
        <errorlog>error.log</errorlog>
        <!-- <playlistlog>playlist.log</playlistlog> -->
        <loglevel>3</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error -->
        <logsize>10000</logsize> <!-- Max size of a logfile -->
        <!-- If logarchive is enabled (1), then when logsize is reached
             the logfile will be moved to [error|access|playlist].log.DATESTAMP,
             otherwise it will be moved to [error|access|playlist].log.old.
             Default is non-archive mode (i.e. overwrite)
        -->
        <!-- <logarchive>1</logarchive> -->
    </logging>

   <security>
        <chroot>1</chroot>

        <changeowner>
            <user>glupa4e</user>
            <group>users</group>
        </changeowner>

    </security>
When i try to add a user via the web interface i get
User add failed - check the icecast error log

Here is the log message:
Code:
[2017-05-07  19:40:09] WARN auth_htpasswd/htpasswd_recheckfile failed to check status of myauth
[2017-05-07  19:40:09] WARN auth_htpasswd/htpasswd_adduser Failed to open authentication database "myauth": Permission denied
[2017-05-07  19:40:09] WARN auth_htpasswd/htpasswd_recheckfile failed to check status of myauth
[2017-05-07  19:40:09] INFO fserve/fserve_client_create checking for file /style.css (/web/style.css)
[2017-05-07  19:40:11] INFO format-vorbis/initial_vorbis_page seen initial vorbis header
Please let me know where should be the myauth database created, i mean path, in order to be able to set the right permissions. I am starting Icecast as root, but it runs as a normal user.

I know that this is not specific Slackware question, but perhaps you have experience with it.

Thanks!
 
Old 05-20-2017, 02:49 AM   #2
glupa4e
Member
 
Registered: Jan 2011
Posts: 250

Original Poster
Rep: Reputation: 2
Another case

As stated here i changed the configuration to explicitly point to the auth file:
Code:
<authentication type="htpasswd">
                <option name="filename" value="/usr/share/icecast/icecastauth"/>
                <option name="allow_duplicate_users" value="1"/>
        </authentication>
The file exists and it is chowned by the user Icecast is running under. Additionally the user has Write permissions to that file. I am able to browse and edit that file using Dolphin with the user Icecast is running under.
This time another message comes to the log
Code:
[2017-05-20  06:00:31] WARN auth_htpasswd/htpasswd_recheckfile failed to check status of /usr/share/icecast/icecastauth
[2017-05-20  06:00:31] WARN auth_htpasswd/htpasswd_adduser Failed to open authentication database "/usr/share/icecast/icecastauth": No such file or directory
[2017-05-20  06:00:31] WARN auth_htpasswd/htpasswd_recheckfile failed to check status of /usr/share/icecast/icecastauth
Probably to the ones of You who are able to read source code this could be a clue for the problem.
 
Old 07-22-2017, 02:53 PM   #3
glupa4e
Member
 
Registered: Jan 2011
Posts: 250

Original Poster
Rep: Reputation: 2
After an upgrade to the recent versions of the system packages for 14.2 and kernel to 4.4.75, i had to no longer start Icecast as root and then change to another user. Now i can start Icecst as a normal user. So my current configuration now looks like:

Code:
   <fileserve>1</fileserve>

    <paths>
        <!-- basedir is only used if chroot is enabled -->
        <basedir>/usr/share/icecast</basedir>

        <!-- Note that if <chroot> is turned on below, these paths must both
             be relative to the new root, not the original root -->
        <logdir>../../../var/log/icecast</logdir>
        <webroot>/usr/share/icecast/web</webroot>
        <alias source="/" destination="/status.xsl"/>
        <!-- The certificate file needs to contain both public and private part.
             Both should be PEM encoded.
        <ssl-certificate>/usr/share/icecast/icecast.pem</ssl-certificate>
        -->
    </paths>

<security>
        <chroot>0</chroot>

        <changeowner>
            <user>user</user>
            <group>users</group>
        </changeowner>

    </security>
Probably it could help someone
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't login as root - Debian 8.5 - authentication failed. remaining authentication methods 'publickey password' LnxRider Debian 11 07-31-2016 12:06 AM
[SOLVED] Apache 2 Warning: Unknown: failed to open stream: Permission denied madsovenielsen Linux - Server 2 06-14-2010 12:04 PM
Warning: Unknown: failed to open stream: Permission denied in Unknown on line 0 migabriel.84 Linux - Server 1 11-25-2009 04:36 PM
DBI Connect Failed:Access denied for user ''@'localhost' to database <database> error kaplan71 Linux - Software 3 06-05-2009 01:39 PM
move_uploaded_file failed to open stream: Permission denied zawmn83 Linux - Server 3 05-04-2009 04:36 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 07:34 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration