Results 1 to 10 of 10
  1. #1
    Join Date
    Jun 2001
    Posts
    369

    Bizarre Problem Crippling Superusers

    I've encountered a strange problem after installing mambo/joomla, etc. I've found that many of the directories created by it and also when using it simply to upload and unzip files created files and directories that could not be affected by account owners and superusers.

    Let's say you've got a domain myplace.com and you have a directory called mydir. In it you have two files, index.php and myfile.php. Even if permissions are set to 755, if you login through ftp with the owner/admin's account and try to delete, modify, move those files or directories, you are told that you don't have permission. Logging in via ssh yielded the same with stars next to the files and produced the same results even after switching to su and logging in as the su. I did add the accounts above to the wheel users group so this isn't a question of straight permissions.

    The only way I could delete/modify those invisibly protected directories was to rm -rf them and manually upload. The problem now is copying what I have on my test site to the real site and moving the folders out of the one that tar made for me. Using FTP I get a permissions error. I used cpanel's file manager to move some of them, but I have 5 directories left that cannot be moved because of:

    No such file or directory

    Which makes no sense. Even the file manager sees the file or directory. I'm guessing this is the same permissions issue. Now I am loathe to think that there is even one file hiding somewhere that is set as improperly causing the move not to work but I don't think this is the case. Regardless, I'm the bloody su so should I be able to move things as easily as I can chmod them?

    I hope some of you may have encountered this issue and beat it because it's killin' me. I also hope there is a way to set all files in a directory and their subdirectories to a certain permission level because of the toil of searching through numerous folders, files, etc....

    Many thanks to all of you.

  2. #2
    Join Date
    Jun 2001
    Posts
    369
    As editing messages is not allowed due to probably desire to horde the content, here's an update:

    I tried to change permissions using my FTP client of a file set to 644. I could do that anywhere. No can do now as I get an "operation not permitted" error in trying to do so. It seems like there is some setting not allowing me to make changes, even as the owner of the account.

  3. #3
    Join Date
    Jun 2001
    Posts
    369
    Here is one more. Tried to delete a folder set as 755. FTP Voyager tells me:

    FTP Voyager - Version 12.2.0.0

    ERROR:> Unable to delete "/home/mydomain/www/public_html/myfolder" (file or folder may not exist or server may not allow delete)

    I can't explain it. This is very strange. And my user is added to the wheel group. FTP access should allow me to delete the directory or at least change its permissions.

  4. #4
    Are you able to modify the filw permission as a normal user logging into the ftp?

  5. #5
    Join Date
    Jun 2001
    Posts
    369
    I was told that this was due to the code running as nobody in PHP causing permissions issues. It makes no sense to me. That still wouldn't explain why I could not modify any file permissions via ftp. The only way to do it is to ssh in and switch to superuser and then change every file permission individually. Manually uploading the files instead of untarring them with ssh on the server produces normal results. Thanks.

  6. #6
    Join Date
    Jun 2003
    Location
    Proud She-Geek
    Posts
    1,722
    When you SSH in and do a ls -al on this account, what does the user and group say? If it is set to root.root or something other than the account (say user.user), it could just be a chown issue. I often experience something like this if I untar/unzip an archive via SSH.

    In that case I believe you would run something along the lines of (in the folder of the user in question)

    chown -R user:user *

    (replacing user:user with the actual account username of course)

    Double-check that that is the proper format; it's been a while since I've had do that.
    <?php echo "Signature here"; ?>

  7. #7
    Join Date
    Jun 2001
    Posts
    369
    Many thanks --

    Sometimes I get the * but other times not. Here's a good example of not having the star and FTP refused to allow me to set permissions, modify or delete the file:

    drwxr-xr-x 4 nobody nobody 4096 Nov 6 20:46 ./
    drwxrwxrwx 31 amcamce amcamce 4096 Nov 11 04:03 ../
    drwxr-xr-x 2 nobody nobody 4096 Nov 6 20:46 css/
    drwxr-xr-x 2 nobody nobody 4096 Nov 6 20:46 images/
    -rw-r--r-- 1 nobody nobody 12063 Nov 6 20:46 index.php
    -rw-r--r-- 1 nobody nobody 2055 Nov 6 20:46 templateDetails.xml
    -rw-r--r-- 1 nobody nobody 12914 Nov 6 20:46 template_thumbnail.png
    [email protected][/home/tlcetlc/www/templates/solarflare_showcase]#


    I am supposed to be able to set these permissions even though they are at 644. I have always been able to do this. Here is an example with stars:


    drwxr-x--- 25 tlcetlc nobody 4096 Nov 11 03:02 ./
    drwx--x--x 22 tlcetlc tlcetlc 4096 Nov 11 14:56 ../
    drwxr-xr-x 9 tlcetlc tlcetlc 4096 Nov 10 16:03 administrator/
    drwxrwxrwx 2 amcamce amcamce 4096 Nov 11 00:10 cache/
    drwxr-xr-x 13 tlcetlc tlcetlc 4096 Sep 23 13:16 admindir/
    drwxr-xr-x 2 tlcetlc tlcetlc 4096 Sep 23 13:37 cgi-bin/
    -rwxrwxrwx 1 amcamce amcamce 22758 Nov 5 01:39 CHANGELOG.php*
    drwxrwxrwx 18 amcamce amcamce 4096 Nov 10 01:16 components/
    -rwxrwxrwx 1 armchair amcamce 3684 Nov 11 14:35 configuration.php*
    -rwxrwxrwx 1 armchair amcamce 4001 Nov 5 01:39 configuration.php-dist*
    -rwxrwxrwx 1 amcamce amcamce 3417 Nov 5 01:39 COPYRIGHT.php*
    drwxrwxrwx 2 amcamce amcamce 4096 Nov 5 01:45 editor/
    -rw-r--r-- 1 tlcetlc tlcetlc 58193920 Nov 10 11:37 joomla.tar
    drwxr-xr-x 11 tlcetlc tlcetlc Nov 10 16:18 reviews_/
    -rwxrwxrwx 1 amcamce amcamce 286 Nov 5 01:39 robots.txt*
    drwxrwxrwx 2 tlcetlc tlcetlc 4096 Sep 23 13:17 tmp/
    [email protected][/home/tlcetlc/www]#

  8. #8
    Join Date
    Jun 2004
    Location
    Los Angeles
    Posts
    87
    The problem here is that tar maintains permissions when you run it as root.

    Follow this:
    1. On your home unix computer, your are logged in as user 'bob', with a numeric userid of 1111.
    2. You tar up a whole lotta files into test.tgz
    3. You upload it to your actual server with your normal username 'tlcetlc'
    4. As ROOT, you untar it
    5. The resulting files are then owned by WHICHEVER USER has the numeric userid of '1111',(or the name bob) perhaps some user named 'mindy'.

    This is by design - only root has the ability to create files that are owned by another user.
    If you were to untar the file using an unprivileged user account, the untarred files would be owned by that unprivileged user, all the time.

    Couple of other things to check:
    1. If on linux, check to see whether the 'immutable' flag has been set on any of the files/folders by using the 'lsattr' command(that's a lowercase L there)
    - it would look like this :
    ---i---------- passwd <--- see that 'i' ?
    -------------- passwd-
    -------------- passwd.000
    -------------- passwd.OLD
    -------------- passwd.precpanel
    -------------- passwd.tmpeditlib
    -------------- passwd,v

    - to fix it, try chattr -i <filename>
    - there are other variants, such as the 'a' flag... try chattr -a <filename> in that case

    2. If on freebsd, try ls -lo to see if the immutable flag has been set
    - it looks like this
    serverx:/etc#ls -lo rc.conf*
    -rw-r----- 1 root wheel schg 1773 Mar 18 2005 rc.conf
    -rw-r--r-- 1 root wheel - 1753 Mar 18 2005 rc.conf.050318
    -rw-r--r-- 1 root wheel - 1724 Aug 22 2004 rc.conf.attip

    -fix it with 'chflags noschg <filename>'


    ok so that should address the 'operation not permitted' issue. The other one seems to be with 'File not found'.
    I've seen a lotta these, and they are frustrating. Often, people will accidentally start or end the filename with a SPACE, i.e. 'mypic.jpg ' <--space

    It leads to 'ls -l' output that is confusing, like this:
    serverx:/home/american/#ls -la
    total 18
    drwxr-xr-x 7 american american 512 Nov 11 19:47 .
    drwxr-xr-x 15 american american 1536 Sep 6 16:20 ..
    drwxr-xr-x 2 american american 512 Jul 19 2004 cgi-bin
    -rw-r--r-- 1 root american 0 Nov 11 19:47 file_with_space
    -rw-r--r-- 1 root american 0 Nov 11 19:47 file_with_space
    drwxr-xr-x 2 american american 512 Oct 26 15:30 recycle_bin
    WHA?!?!

    FTP software cant handle this at all, so it says no such file or folder. It's annoying.

    try this line of perl in the directory where the file/folder exists:
    perl -e'opendir DIR, "./"; my @files = readdir DIR; foreach my $file(@files) { print qq{###$file###\n}; }'

    The output looks like this:
    ###.###
    ###..###
    ###cgi-bin###
    ###recycle_bin###
    ###file_with_space ### <--- ah ha! that pesky space
    ###file_with_space###


    Good luck.

  9. #9
    Join Date
    Jun 2004
    Location
    Los Angeles
    Posts
    87
    Also, you should probably get your hands on one of those little 'php shell/filemanager' things (commonly used by crappy script kiddies and spammers). These things are written in php, so they run as the 'www' user. If you ever need to delete or chmod a www owned file, just fire it up real quick (keep it password protected or something tho...)

  10. #10
    ALways make sure the files are having the user permission and no spaces seperation

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •