[OP Solved] Permission issues

tarnalcock · Post by **tarnalcock** » 05 Dec 2013, 16:00

If I am logged in as myself I get:

tarn@otrsserver:/opt$ cd otrs
-bash: cd: otrs: Permission denied

If I try run the set permissions script as root:

tarn@otrsserver:/opt$ sudo su
root@otrsserver:/opt# cd otrs
root@otrsserver:/opt/otrs# ./bin/otrs.SetPermissions.pl --otrs-user=otrs --web-user=www-data --otrs-group=nogroup --web-group=www-data /opt/otrs
bash: ./bin/otrs.SetPermissions.pl: Permission denied

This all came about because the scheduler task is not starting automatically due to permissions issues.

Can anyone please assist?

Is there any way I can get a recursive listing of the required permissions and update them manually also how can it be that root user cannot run the script.

I am running Ubuntu 12.04.3 LTS (precise).

jojo · Post by **jojo** » 05 Dec 2013, 16:01

is the script executable?

tarnalcock · Post by **tarnalcock** » 05 Dec 2013, 16:22

Yes. I used it when installing. But somehow my permissions have all become messed up.

tarnalcock · Post by **tarnalcock** » 05 Dec 2013, 16:24

As a desperate attempt to get this working I did chmod -R 775 /opt/otrs and tried running the permissions script again. This time it runs but I get

$ ./otrs.SetPermissions.pl --otrs-user=otrs --web-user=www-data --otrs-group=nogroup --web-group=www-data /opt/otrs
bin/otrs.SetPermissions.pl - set OTRS file permissions
Copyright (C) 2001-2013 xxx, http://otrs.com/
Setting permissions on /opt/otrs
Error in chown 999 33 /opt/otrs/var/tmp/CacheFileStorable/GenericAgent/8/6/860c89dd3ea873874cb968dcb81a94bd: Operation not permitted

tarnalcock · Post by **tarnalcock** » 05 Dec 2013, 16:26

basically what I think is require is to redefine all the permissions manually from scratch. Is this possible?

jojo · Post by **jojo** » 05 Dec 2013, 16:27

only via script (if root is not able to change permission you might have a more severe issue)

tarnalcock · Post by **tarnalcock** » 05 Dec 2013, 16:39

So would it be best to back up all configs and db and reinstall?

Post by **crythias** » 05 Dec 2013, 17:09

tarnalock, you should attempt to run setpermissions as root.

tarnalcock · Post by **tarnalcock** » 06 Dec 2013, 11:45

crythias wrote:tarnalock, you should attempt to run setpermissions as root.

Crythias: I did try that. As above:

root@otrsserver:/opt/otrs# ./bin/otrs.SetPermissions.pl --otrs-user=otrs --web-user=www-data --otrs-group=nogroup --web-group=www-data /opt/otrs
bash: ./bin/otrs.SetPermissions.pl: Permission denied

I have since reinstalled otrs and restored my configuration and database backup. However I am still having issues with mail.

Firstly when logging in I get the "Scheduler process is registered but might not be running." error. If I force start it goes away temporarily but reappears randomly or after rebooting.

Mail is not coming in to the system unless I manually click fetch mail in the admin dashboard.

If I run otrs.PostMasterMailbox.pl as root, I get

POP3: Connection to mail.mymailserver.co.za closed.

where mymailserver = my domain.
If I do the same as www-data (the web user) it works.
BUT if I do this as otrs which is the otrs user I get:

$ $ ./otrs.PostMasterMailbox.pl
ERROR: Permission denied: /opt/otrs/Kernel/Config/Files/ZZZAAuto.pm
ERROR: Permission denied: /opt/otrs/Kernel/Config/Files/ZZZAuto.pm
POP3: Connection to mail.mymailserver.co.za closed.

I have run otrs.SetPermissions.pl as root and it ran fine. Although one thing I did notice:
root@otrsserver:/opt/otrs/bin# ./otrs.SetPermissions.pl /opt/otrs --otrs-user=otrs --web-user=www-data --otrs-group=nogroup --web-group=www-data
bin/otrs.SetPermissions.pl - set OTRS file permissions
Copyright (C) 2001-2013 xxx, http://otrs.com/
Setting permissions on /opt/otrs
Setting permissions on /opt/otrs/var
Setting permissions on /opt/otrs/bin/*
Setting permissions on /opt/otrs/scripts/
Setting permissions on /opt/otrs/Kernel/Config.pm
In another post I have seen the expected output to be this:
bin/otrs.SetPermissions.pl <1.4.4.1> – set OTRS file permissions
Copyright (C) 2001-2012 xxx, http://otrs.org/
Setting permissions on /opt/otrs
Setting permissions on /opt/otrs/var
Setting permissions on /opt/otrs/bin/*
Setting permissions on /opt/otrs/scripts/*.pl
Setting permissions on /opt/otrs/scripts/tools/*.pl
Setting permissions on Kernel/Config.pm
Setting owner rw and group ro permissions on /opt/otrs/

Could it be that the missing line for setting the owner is the issue?

tarnalcock · Post by **tarnalcock** » 06 Dec 2013, 13:48

Another permissions related issue I am facing is this, in my error log:

Fri Dec 6 13:20:03 2013 error OTRS-otrs.GenericAgent.pl-73 mkdir /opt/otrs/var/tmp/CacheFileStorable/CacheInternalUser/5: Permission denied at /opt/otrs/Kernel/System/Cache/FileStorable.pm line 79

SO I think it is fair to say that there is something to do with permissions between OTRS 3.3.2 and Ubuntu server.

I have reinstalled numerous times, run all the scripts exactly as directed by the OTRS manual as well as other people's posts. Nothing helps.

I am not overly concerned about security. Would it not be possible to just grant all local users full permissions to all files in /opt/otrs? -Althoug getting to the root

of the problem would be great too!

This is what I tried yesterday but I messed it up hence the reinstall.

Is there no kind of script for checking required permissions in OTRS and reporting those that need correcting. Somewhat akin to CheckModules.pl?

Post by **crythias** » 06 Dec 2013, 14:59

bin/otrs.SetPermissions.pl --otrs-user=otrs --web-user=www-data --otrs-group=www-data --web-group=www-data /opt/otrs
bin/otrs.SetPermissions.pl - set OTRS file permissions
Copyright (C) 2001-2013 xxx, http://otrs.com/
Setting permissions on /opt/otrs
Error in chown 1001 33 /opt/otrs: Operation not permitted

sudo bin/otrs.SetPermissions.pl --otrs-user=otrs --web-user=www-data --otrs-group=www-data --web-group=www-data /opt/otrs
bin/otrs.SetPermissions.pl - set OTRS file permissions
Copyright (C) 2001-2013 xxx, http://otrs.com/
Setting permissions on /opt/otrs
Setting permissions on /opt/otrs/var
Setting permissions on /opt/otrs/bin/*
Setting permissions on /opt/otrs/scripts/
Setting permissions on /opt/otrs/Kernel/Config.pm

-rw-rw-r-- 1 otrs www-data 287188 Dec 2 17:01 ZZZAAuto.pm
-rw-rw-r-- 1 otrs www-data 8690 Dec 2 17:01 ZZZAuto.pm

tarnalcock · Post by **tarnalcock** » 06 Dec 2013, 22:57

crythias wrote:bin/otrs.SetPermissions.pl --otrs-user=otrs --web-user=www-data --otrs-group=www-data --web-group=www-data /opt/otrs
bin/otrs.SetPermissions.pl - set OTRS file permissions
Copyright (C) 2001-2013 xxx, http://otrs.com/
Setting permissions on /opt/otrs
Error in chown 1001 33 /opt/otrs: Operation not permitted

sudo bin/otrs.SetPermissions.pl --otrs-user=otrs --web-user=www-data --otrs-group=www-data --web-group=www-data /opt/otrs
bin/otrs.SetPermissions.pl - set OTRS file permissions
Copyright (C) 2001-2013 xxx, http://otrs.com/
Setting permissions on /opt/otrs
Setting permissions on /opt/otrs/var
Setting permissions on /opt/otrs/bin/*
Setting permissions on /opt/otrs/scripts/
Setting permissions on /opt/otrs/Kernel/Config.pm

-rw-rw-r-- 1 otrs www-data 287188 Dec 2 17:01 ZZZAAuto.pm
-rw-rw-r-- 1 otrs www-data 8690 Dec 2 17:01 ZZZAuto.pm

Crythias, I presume that you are showing me how running this as root helps? I have been doing so. Either while logged in as root (sudo su) as well as using sudo from my own login. It has not helped.

tarnalcock · Post by **tarnalcock** » 06 Dec 2013, 23:04

I have even tried the exact thing you posted there. Does not work. I still get permissions errors peppering my logs! Thank you for trying.

reneeb · Post by **reneeb** » 06 Dec 2013, 23:15

The cronjobs should be run as the web-user...

Post by **crythias** » 06 Dec 2013, 23:17

You're still getting *all* of your errors you've previously posted? Including the issue with
Error in chown 999 33 /opt/otrs/var/tmp/CacheFileStorable/GenericAgent/8/6/860c89dd3ea873874cb968dcb81a94bd: Operation not permitted

and

bash: ./bin/otrs.SetPermissions.pl: Permission denied

and

ERROR: Permission denied: /opt/otrs/Kernel/Config/Files/ZZZAAuto.pm
ERROR: Permission denied: /opt/otrs/Kernel/Config/Files/ZZZAuto.pm

?

tarnalcock · Post by **tarnalcock** » 09 Dec 2013, 04:24

Crythias, I cannot confirm whether *all* ot the errors still existed as various ones either appeared or disappeared as I tried various solutions to solve the problem.

I was finally able to fix it by changing the apache default user and group and then re-running the permissions script.

Thank you for all the input.

tarnalcock · Post by **tarnalcock** » 09 Dec 2013, 09:28

So. Just in case anyone else gets permissions errors with Ubuntu Server and OTRS, the trick is to

1. edit /etc/apache2/envvars and set
- Code: Select all
```
    export APACHE_RUN_USER=(yourotrsusersname) (e.g otrs)
    export APACHE_RUN_GROUP=(yourotrsusersgroup) (e.g otrs)
```
2. Re-run the otrs.SetPermissions.pl script as root setting all usernames and groups for the ones set above.
- i.e.
  Code: Select all
```
bin/otrs.SetPermissions.pl --otrs-user=otrs --otrs-group=otrs --web-user=otrs --web-group=otrs /opt/otrs
```
3. Restart apache.

4. Smile because your two weeks of hell are finally over.

Znuny Open Source Ticketsystem

[OP Solved] Permission issues

[OP Solved] Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: Permission issues

Re: [OP Solved] Permission issues