Hello,
when deploying ACLs created on OTRS 6.0.40, I get an error message: There was an error synchronizing the ACLs.
Backend ERROR: OTRS-CGI-666 Perl: 5.26.3 OS: linux Time: Thu May 16 10:30:02 2024
Message: Can't write '/opt/otrs/Kernel/Config/Files/ZZZACL.pm':
RequestURI: /otrs/index.pl?Action=AdminACL;Subaction=ACLDeploy
Traceback (1159919):
Module: Kernel::System::Main::FileWrite Line: 501
Module: Kernel::System::ACL::DB::ACL::ACLDump Line: 955
Module: Kernel::Modules::AdminACL::Run Line: 362
Module: Kernel::System::Web::InterfaceAgent::Run Line: 1172
Module: ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_index_2epl::handler Line: 39
Module: (eval) (v1.99) Line: 207
Module: ModPerl::RegistryCooker::run (v1.99) Line: 207
Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 173
Module: ModPerl::Registry::handler (v1.99) Line: 32
the file ZZZACL.pm does not exist in the Files folder.
I've tried to run the rebuild config command, but it still doesn't work.
Can you please help?
Thanks
Mehdi
ACL deployment error message
Moderator: crythias
-
root
- Administrator
- Posts: 4281
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: ACL deployment error message
Hi,
Probably sth. wen wrong with the permissions. Re-run the SetPermissions module.
- Roy
Probably sth. wen wrong with the permissions. Re-run the SetPermissions module.
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
-
mehdiabd
- Znuny newbie
- Posts: 24
- Joined: 12 Jun 2020, 15:49
- Znuny Version: 5.0.37
- Real Name: Mehdi ABDENNADHER
Re: ACL deployment error message
Hello Roy,
I've just run the permission set but I still get the same error message and the ZZZACL file still doesn't exist in the /opt/otrs/Kernel/Config/Files/ folder.
Thanks again for your feedback,
Mehdi
I've just run the permission set but I still get the same error message and the ZZZACL file still doesn't exist in the /opt/otrs/Kernel/Config/Files/ folder.
Thanks again for your feedback,
Mehdi
-
root
- Administrator
- Posts: 4281
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: ACL deployment error message
Hi,
What is the output of the command "id otrs" and what't the user and group the web server is running?
- Roy
What is the output of the command "id otrs" and what't the user and group the web server is running?
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
-
mehdiabd
- Znuny newbie
- Posts: 24
- Joined: 12 Jun 2020, 15:49
- Znuny Version: 5.0.37
- Real Name: Mehdi ABDENNADHER
Re: ACL deployment error message
id otrs:
uid=1006(otrs) gid=1006(otrs) groups=1006(otrs),48(apache)
and the command is :
./otrs.SetPermissions.pl --web-group=apache --otrs-user=otrs /opt/otrs
thank you in advance for your feedback,
Mehdi
uid=1006(otrs) gid=1006(otrs) groups=1006(otrs),48(apache)
and the command is :
./otrs.SetPermissions.pl --web-group=apache --otrs-user=otrs /opt/otrs
thank you in advance for your feedback,
Mehdi
-
root
- Administrator
- Posts: 4281
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: ACL deployment error message
Hi,
And what does "ls -ld /opt/otrs/Kernel/Config/" return?
- Roy
And what does "ls -ld /opt/otrs/Kernel/Config/" return?
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
-
mehdiabd
- Znuny newbie
- Posts: 24
- Joined: 12 Jun 2020, 15:49
- Znuny Version: 5.0.37
- Real Name: Mehdi ABDENNADHER
Re: ACL deployment error message
drwxrwsr-x. 3 otrs apache 38 Apr 5 2023 /opt/otrs/Kernel/Config/
Mehdi
Mehdi
-
root
- Administrator
- Posts: 4281
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: ACL deployment error message
Hi,
Is this any kind of Enterprise Linux? What does the command "sestatus" return?
- Roy
Is this any kind of Enterprise Linux? What does the command "sestatus" return?
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
-
mehdiabd
- Znuny newbie
- Posts: 24
- Joined: 12 Jun 2020, 15:49
- Znuny Version: 5.0.37
- Real Name: Mehdi ABDENNADHER
Re: ACL deployment error message
Hello Roy,
sestatus return:
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
Thank you in advance for your return,
Mehdi
sestatus return:
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
Thank you in advance for your return,
Mehdi
-
root
- Administrator
- Posts: 4281
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: ACL deployment error message
Hi,
Please check/read the manual, SELinux must be disabled or at least set to permissive. This requirement has been there for years.
- Roy
Please check/read the manual, SELinux must be disabled or at least set to permissive. This requirement has been there for years.
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?