All sites offline after running set_permissions.sh all :-(

flexjoly

Hi,

We would like to know what happened, so this won't happen again.
I did some maintenance on our VPS just to find out that all our sites did not work anymore.

I tried to fix the permissions, but it took too long (more than half an hour) and I did not have any clue,
so we decided to restore the 4-hour backup of the server :sick::eek:
For the first time in about 10 years or so.

I think it was due to
Code:
cd /usr/local/directadmin/scripts
./set_permissions.sh all

as advised in: https://forum.directadmin.com/threads/how-to-fix-permissions.28178/post-141708

I have used this script before, so I was not expecting any problems.


Why did we run set_permissions?
We have some leftovers on an old server. And those are installed on our current server by restoring the directadmin backup.

Most of our work goes via git and there I have some hooks/scripts which fix the permissions. But this one had our dokuwiki without git and so the permissions did not get fixed.

The set_permissions-script did not solve the problem :-(
So I ran chown and chmod manually for the specific domain.


Our configuration
is a bit complex:
- Centos 7
- nginx
- Postgres 9.2 (far too old, but the default on centos)
- git etc.
- AND: our server-wide in-house php-framework

To get our framework working ánd accessible via file-manager etc. it is inside a 'normal' directadmin-user-account. And with the central 'access' group I managed to give the other users permission to use the framework. This has been working on our current server, and on our older servers for about 15 years or longer. So to us nothing new.
To get Git working AND accessible via the file-manager, we did something similar. Giving all users group-rights to the git user.


Other things I did just before this
Before fixing those permissions I was busy installing nodejs/npm and puppeteer.

Yum, custombuild2 and directadmin were all up to date.

But I think that is not related to these problems.

The problem
The sites that depend on our framework (/home/rhcore/rhBasic005), could not access our framework anymore and gave the error 'include_once(): open_basedir restriction'

Even stranger was, that we could not access the file-editor in Directadmin.



What can have happened? What do I need to do, so this cannot happen again??

Thanks in advance,

flexJoly



======================================================
Below: some config and logs
======================================================



Directadmin conf
Code:
add_userdb_quota=1
addip=/usr/local/directadmin/scripts/addip
admin_helper=admin.site-helper.com
admindir=./data/admin
apache_public_html=0
apache_ver=2.0
apachecert=/etc/nginx/conf/ssl.crt/server.crt
apacheconf=/etc/httpd/conf/extra/directadmin-vhosts.conf
apacheips=/etc/httpd/conf/ips.conf
apachekey=/etc/nginx/conf/ssl.key/server.key
apachelogdir=/var/log/httpd/domains
apachemimetypes=/etc/mime.types
awstats=1
brute_dos_count=100
brute_force_log_scanner=1
brute_force_scan_apache_logs=0
brute_force_time_limit=12000
brutecount=10
bruteforce=0
cacert=/usr/local/directadmin/conf/cacert.pem
cakey=/usr/local/directadmin/conf/cakey.pem
carootcert=/usr/local/directadmin/conf/carootcert.pem
check_partitions=2
check_subdomain_owner=0
clear_blacklist_ip_time=0
clear_brute_log_entry_time=4
clear_brute_log_time=24
cloud_cache=0
default_private_html_link=1
demodocsroot=./data/skins/enhanced
dkim=1
dns_spf=1
dns_tlsa=1
docsroot=./data/skins/evolution
dovecot=1
emailspoolvirtual=/var/spool/virtual
emailvirtual=/etc/virtual
enforce_difficult_passwords=0
ethernet_dev=eth0
exempt_local_block=1
extra_spf_value= ip6:2a0*****4:11b::1
fm_dir_permissons=755
fm_file_permissions=644
force_hostname=vps1.rh*******7.nl
frontpage_on=0
ftpconfig=/etc/proftpd.conf
ftppasswd=/etc/proftpd.passwd
ftpvhosts=/etc/proftpd.vhosts.conf
global_httpd_tokens=/usr/local/directadmin/data/admin/global_httpd_tokens.conf
hide_brute_force_notifications=1
hsts=1536000
http2=1
ip_brutecount=100
ipv6=1
letsencrypt=1
letsencrypt_list=www:mail:ftp:pop:smtp
letsencrypt_list_selected=www:mail:ftp:pop:smtp:admin:my
license=/usr/local/directadmin/conf/license.key
litespeed=0
log_rotate_size=5
logdir=/var/log/directadmin
logger=/usr/local/directadmin/logger
loghostname=0
login_history=10
logs_to_keep=10
lost_password=0
max_per_email_send_limit=-1
max_username_length=10
maxfilesize=10485760
mysqlconf=/usr/local/directadmin/conf/mysql.conf
namedconfig=/etc/named.conf
nameddir=/var/named
nginx=1
nginx_proxy=0
ns1=ns0.transip.nl
ns2=ns1.transip.net
ns3=ns2.transip.eu
numservers=5
openlitespeed=0
owsadm=/usr/local/frontpage/version5.0/bin/owsadm.exe
partition_usage_threshold=95
pigz=2
port=2222
pureftp=1
purge_spam_days=0
quota_partition=/
removeip=/usr/local/directadmin/scripts/removeip
reseller_helper=reseller.site-helper.com
rotate_httpd_error_log_meg=1024
rotate_httpd_error_log_truncate=1
secure_access_group=access
servername=vps1.rh*******7.nl
serverpath=/usr/local/directadmin
session_minutes=60
skinsdir=./data/skins
sshdconfig=/etc/ssh/sshd_config
ssl=1
ssl_cipher=HIGH:!aNULL:!MD5
ssl_redirect_host=vps1.rh*******7.nl
taskqueue=/usr/local/directadmin/data/task.queue
templates=/usr/local/directadmin/data/templates
ticketsdir=/usr/local/directadmin/data/tickets
timeout=60
tmpdir=../../../home/tmp
tokenize_script_output=1
unblock_brute_ip_time=86400
unified_ftp_password_file=1
user_brutecount=100
user_can_select_skin=1
user_can_set_email_limit=1
user_helper=www.site-helper.com
userdata=./data/users
webalizer=1
mail_partition=/mnt/bigstorage/mail
ext_quota_partitions=/mnt/bigstorage

Some output from running the set_permissions script
First part:
Code:
[root@vps1 public_html]# cd /usr/local/directadmin/scripts/
[root@vps1 scripts]# ./set_permissions.sh all
***********************************************
Tue Apr 14 15:08:27 CEST 2020 : ./set_permissions.sh all
set /home/tmp root:root 1777 flag
set /usr/local/directadmin diradmin:diradmin 755 flag
set /usr/local/directadmin/conf diradmin:diradmin 600 flag -R
set /usr/local/directadmin/conf diradmin:diradmin 700 flag
Permissions set
set_user_perm abc
set /usr/local/directadmin/data/users/abc diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/abc/bandwidth.tally root:root 600 flag
set /usr/local/directadmin/data/users/abc/ftp.passwd root:ftp 640 flag
set /usr/local/directadmin/data/users/abc/crontab.conf diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/domains.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/domains diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/abc/nginx.conf diradmin:abc 640 flag
set /usr/local/directadmin/data/users/abc/ticket.conf diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/tickets.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/user.conf diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/user.usage diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/user.history diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/user_ip.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/login.hist diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/history diradmin:diradmin 700 flag
set /usr/local/directadmin/data/users/abc/history/* diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/abc/domains diradmin:diradmin 600 flag -R
set /usr/local/directadmin/data/users/abc/domains diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/abc/domains/*.cert diradmin:mail 640 flag
set /usr/local/directadmin/data/users/abc/domains/*.cacert diradmin:mail 640 flag
set /usr/local/directadmin/data/users/abc/domains/*.cert.combined diradmin:mail 640 flag
set /usr/local/directadmin/data/users/abc/domains/*.key diradmin:mail 640 flag
set_user_perm admin
set /usr/local/directadmin/data/users/admin diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/admin/bandwidth.tally root:root 600 flag
set /usr/local/directadmin/data/users/admin/ftp.passwd root:ftp 640 flag
set /usr/local/directadmin/data/users/admin/crontab.conf diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/domains.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/domains diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/admin/httpd.conf diradmin:admin 640 flag
set /usr/local/directadmin/data/users/admin/nginx.conf diradmin:admin 640 flag
set /usr/local/directadmin/data/users/admin/ticket.conf diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/user.conf diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/user.usage diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/user.history diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/user_ip.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/login.hist diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/skin_customizations diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/admin/history diradmin:diradmin 700 flag
set /usr/local/directadmin/data/users/admin/history/* diradmin:diradmin 600 flag
cat: /usr/local/directadmin/data/users/admin/domains/*.conf: No such file or directory
set /usr/local/directadmin/data/users/admin/domains diradmin:diradmin 600 flag -R
set /usr/local/directadmin/data/users/admin/domains diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/admin/domains/*.cert diradmin:mail 640 flag
chown: cannot access ‘/usr/local/directadmin/data/users/admin/domains/*.cert’: No such file or directory
chmod: cannot access ‘/usr/local/directadmin/data/users/admin/domains/*.cert’: No such file or directory
set /usr/local/directadmin/data/users/admin/domains/*.cacert diradmin:mail 640 flag
chown: cannot access ‘/usr/local/directadmin/data/users/admin/domains/*.cacert’: No such file or directory
chmod: cannot access ‘/usr/local/directadmin/data/users/admin/domains/*.cacert’: No such file or directory
set /usr/local/directadmin/data/users/admin/domains/*.cert.combined diradmin:mail 640 flag
chown: cannot access ‘/usr/local/directadmin/data/users/admin/domains/*.cert.combined’: No such file or directory
chmod: cannot access ‘/usr/local/directadmin/data/users/admin/domains/*.cert.combined’: No such file or directory
set /usr/local/directadmin/data/users/admin/domains/*.key diradmin:mail 640 flag
chown: cannot access ‘/usr/local/directadmin/data/users/admin/domains/*.key’: No such file or directory
chmod: cannot access ‘/usr/local/directadmin/data/users/admin/domains/*.key’: No such file or directory
set_reseller_perm admin
set /usr/local/directadmin/data/users/admin/ip.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/packages diradmin:diradmin 600 flag -R
set /usr/local/directadmin/data/users/admin/packages diradmin:diradmin 700 flag
set /usr/local/directadmin/data/users/admin/packages.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/reseller.allocation diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/reseller.conf diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/reseller.usage diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/reseller.history diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/u_welcome.txt diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/bandwidth.tally.cache diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/users.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/admin/reseller.history diradmin:diradmin 600 flag
set_user_perm bov
set /usr/local/directadmin/data/users/bov diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/bov/bandwidth.tally root:root 600 flag
set /usr/local/directadmin/data/users/bov/ftp.passwd root:ftp 640 flag
set /usr/local/directadmin/data/users/bov/crontab.conf diradmin:diradmin 600 flag

etc

Second part
Code:
set /usr/local/directadmin/data/users/xrl/user_ip.list diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/xrl/history diradmin:diradmin 700 flag
set /usr/local/directadmin/data/users/xrl/history/* diradmin:diradmin 600 flag
set /usr/local/directadmin/data/users/xrl/domains diradmin:diradmin 600 flag -R
set /usr/local/directadmin/data/users/xrl/domains diradmin:diradmin 711 flag
set /usr/local/directadmin/data/users/xrl/domains/*.cert diradmin:mail 640 flag
chown: cannot access ‘/usr/local/directadmin/data/users/xrl/domains/*.cert’: No such file or directory
chmod: cannot access ‘/usr/local/directadmin/data/users/xrl/domains/*.cert’: No such file or directory
set /usr/local/directadmin/data/users/xrl/domains/*.cacert diradmin:mail 640 flag
chown: cannot access ‘/usr/local/directadmin/data/users/xrl/domains/*.cacert’: No such file or directory
chmod: cannot access ‘/usr/local/directadmin/data/users/xrl/domains/*.cacert’: No such file or directory
set /usr/local/directadmin/data/users/xrl/domains/*.cert.combined diradmin:mail 640 flag
chown: cannot access ‘/usr/local/directadmin/data/users/xrl/domains/*.cert.combined’: No such file or directory
chmod: cannot access ‘/usr/local/directadmin/data/users/xrl/domains/*.cert.combined’: No such file or directory
set /usr/local/directadmin/data/users/xrl/domains/*.key diradmin:mail 640 flag
chown: cannot access ‘/usr/local/directadmin/data/users/xrl/domains/*.key’: No such file or directory
chmod: cannot access ‘/usr/local/directadmin/data/users/xrl/domains/*.key’: No such file or directory
set /usr/local/directadmin/data/users diradmin:diradmin 711 flag
set_admin_perm
set /usr/local/directadmin/data/admin diradmin:diradmin 600 flag -R
set /usr/local/directadmin/data/admin diradmin:diradmin 700 flag
set /usr/local/directadmin/data/admin/ip_access diradmin:diradmin 700 flag
set /usr/local/directadmin/data/admin/ips diradmin:diradmin 700 flag
set /usr/local/directadmin/data/admin/packages diradmin:diradmin 700 flag
set /usr/local/directadmin/data/admin/task_queue_processes diradmin:diradmin 700 flag
set /usr/local/directadmin/data/sessions diradmin:diradmin 600 flag -R
set /usr/local/directadmin/data/sessions diradmin:diradmin 700 flag
set /usr/local/directadmin/data/tickets diradmin:diradmin 700 flag -R
set /usr/local/directadmin/data/tickets/*/*/* diradmin:diradmin 600 flag
user_homes
set /home root:root 711 flag
set_user_home abc
set /home/abc abc:abc 711 flag
set /home/abc/.shadow abc:mail 640 flag
set /home/abc/domains abc:abc 711 flag
set /home/abc/domains/* abc:abc 711 flag
set /home/abc/backups abc:abc 700 flag
set /home/abc/backups/* abc:abc 600 flag
chown: cannot access ‘/home/abc/backups/*’: No such file or directory
chmod: cannot access ‘/home/abc/backups/*’: No such file or directory
set /home/abc/user_backups/* abc:abc 755 flag
chown: cannot access ‘/home/abc/user_backups/*’: No such file or directory
chmod: cannot access ‘/home/abc/user_backups/*’: No such file or directory
set /home/abc/.spamassassin abc:mail 771 flag
set_user_home admin
set /home/admin admin:admin 711 flag
set /home/admin/.shadow admin:mail 640 flag
set /home/admin/domains admin:admin 711 flag
set /home/admin/domains/* admin:admin 711 flag
set /home/admin/domains/default admin:admin 755 flag
set /home/admin/domains/suspended admin:admin 755 flag
set /home/admin/backups/* admin:admin 600 flag
chown: cannot access ‘/home/admin/backups/*’: No such file or directory
chmod: cannot access ‘/home/admin/backups/*’: No such file or directory
set /home/admin/user_backups admin:admin 711 flag
set /home/admin/user_backups/* admin:admin 755 flag
chown: cannot access ‘/home/admin/user_backups/*’: No such file or directory
chmod: cannot access ‘/home/admin/user_backups/*’: No such file or directory
set_user_home bov
set /home/bov bov:bov 711 flag
set /home/bov/.shadow bov:mail 640 flag
set /home/bov/domains bov:bov 711 flag
set /home/bov/domains/* bov:bov 711 flag
set /home/bov/backups bov:bov 700 flag
set /home/bov/backups/* bov:bov 600 flag
chown: cannot access ‘/home/bov/backups/*’: No such file or directory

Third part

Code:
set_user_home xrl
set /home/xrl xrl:xrl 711 flag
set /home/xrl/.shadow xrl:mail 640 flag
set /home/xrl/domains xrl:xrl 711 flag
set /home/xrl/domains/* xrl:xrl 711 flag
set /home/xrl/backups/* xrl:xrl 600 flag
chown: cannot access ‘/home/xrl/backups/*’: No such file or directory
chmod: cannot access ‘/home/xrl/backups/*’: No such file or directory
set /home/xrl/user_backups/* xrl:xrl 755 flag
chown: cannot access ‘/home/xrl/user_backups/*’: No such file or directory
chmod: cannot access ‘/home/xrl/user_backups/*’: No such file or directory
do_mysql
set /var/lib/mysql* mysql:mysql 711 flag
email
set /etc/virtual mail:mail 755 flag
set /etc/virtual/domainowners mail:mail 640 flag
set /etc/virtual/domains mail:mail 640 flag
set /etc/virtual/pophosts mail:mail 600 flag
set /etc/virtual/pophosts_user mail:mail 600 flag
set /etc/virtual/majordomo majordomo:daemon 750 flag
set /etc/virtual/bad_sender_hosts mail:mail 600 flag
set /etc/virtual/bad_sender_hosts_ip mail:mail 600 flag
set /etc/virtual/blacklist_domains mail:mail 600 flag
set /etc/virtual/blacklist_senders mail:mail 600 flag
set /etc/virtual/whitelist_domains mail:mail 600 flag
set /etc/virtual/whitelist_hosts mail:mail 600 flag
set /etc/virtual/whitelist_hosts_ip mail:mail 600 flag
set /etc/virtual/whitelist_senders mail:mail 600 flag
set /etc/virtual/use_rbl_domains mail:mail 600 flag
set /etc/virtual/skip_av_domains mail:mail 600 flag
set /etc/virtual/skip_rbl_domains mail:mail 600 flag
set /etc/virtual/wiki.vf****b.nl mail:mail 711 flag
set /etc/virtual/wiki.vf****b.nl/aliases mail:mail 600 flag
set /etc/virtual/wiki.vf****b.nl/filter mail:mail 640 flag
set /etc/virtual/wiki.vf****b.nl/filter.conf mail:mail 600 flag
set /etc/virtual/wiki.vf****b.nl/passwd mail:mail 600 flag
set /etc/virtual/wiki.vf****b.nl/dkim.private.key mail:mail 600 flag
set /etc/virtual/wiki.vf****b.nl/dkim.public.key mail:mail 600 flag
set /etc/virtual/wiki.vf****b.nl/vacation.conf mail:mail 600 flag
set /etc/virtual/wiki.vf****b.nl/autoresponder.conf mail:mail 600 flag
set /etc/virtual/wiki.vf****b.nl/reply mail:mail 700 flag
set /etc/virtual/wiki.vf****b.nl/reply/* mail:mail 600 flag
chown: cannot access ‘/etc/virtual/wiki.vf****b.nl/reply/*’: No such file or directory
chmod: cannot access ‘/etc/virtual/wiki.vf****b.nl/reply/*’: No such file or directory
chown: cannot access ‘/etc/virtual/wiki.vf****b.nl/majordomo/lists’: No such file or directory
set /etc/virtual/nas.vf****b.nl mail:mail 711 flag

fourth part
Code:
set /etc/virtual/git.rh***7.nl/dkim.private.key mail:mail 600 flag
set /etc/virtual/git.rh***7.nl/dkim.public.key mail:mail 600 flag
set /etc/virtual/git.rh***7.nl/vacation.conf mail:mail 600 flag
set /etc/virtual/git.rh***7.nl/autoresponder.conf mail:mail 600 flag
set /etc/virtual/git.rh***7.nl/reply mail:mail 700 flag
set /etc/virtual/git.rh***7.nl/reply/* mail:mail 600 flag
chown: cannot access ‘/etc/virtual/git.rh***7.nl/reply/*’: No such file or directory
chmod: cannot access ‘/etc/virtual/git.rh***7.nl/reply/*’: No such file or directory
chown: cannot access ‘/etc/virtual/git.rh***7.nl/majordomo/lists’: No such file or directory
set /var/spool/exim mail:mail 750 flag
set /var/spool/exim/* mail:mail 750 flag
set /etc/exim.cert mail:mail 644 flag
set /etc/exim.key mail:mail 600 flag
dovecot
set /home/abc/Maildir abc:mail 770 flag
set /mnt/bigstorage/mail/abc/imap/a***e.nl/info/Maildir abc:mail 770 flag
set /home/admin/Maildir admin:mail 770 flag
set /home/bov/Maildir bov:mail 770 flag
set /mnt/bigstorage/mail/bov/imap/ar***v.nl/info/Maildir bov:mail 770 flag
cat: /etc/virtual/a****v.nl/passwd: No such file or directory
set /mnt/bigstorage/mail/bov/imap/b***d.nl/info/Maildir bov:mail 770 flag
set /home/b****6/Maildir b****6:mail 770 flag
set /mnt/bigstorage/mail/b****6/imap/b****6.com/e****/Maildir b****6:mail 770 flag
set /mnt/bigstorage/mail/b****6/imap/b****6.com/e****/Maildir b****6:mail 770 flag
set /mnt/bigstorage/mail/b****6/imap/b****6.com/j****/Maildir b****6:mail 770 flag
set /mnt/bigstorage/mail/b****6/imap/b****6.com/noreply/Maildir b****6:mail 770 flag
set /mnt/bigstorage/mail/b****6/imap/b****6.com/p****/Maildir b****6:mail 770 flag

last part
Code:
set /home/vks/Maildir vks:mail 770 flag
set /home/wjd/Maildir wjd:mail 770 flag
set /mnt/bigstorage/mail/wjd/imap/de***g.nl/crediteuren/Maildir wjd:mail 770 flag
cannot find /mnt/bigstorage/mail/wjd/imap/de***g.nl/facturatie/Maildir : skipping
set /mnt/bigstorage/mail/wjd/imap/de***g.nl/info/Maildir wjd:mail 770 flag
cannot find /mnt/bigstorage/mail/wjd/imap/de***g.nl/****/Maildir : skipping
set /home/xrl/Maildir xrl:mail 770 flag
cat: /etc/virtual/admin.****.nl/passwd: No such file or directory
cat: /etc/virtual/****.nl/passwd: No such file or directory
set /var/log/exim mail:mail 640 flag -R
set /var/log/exim mail:mail 750 flag
set /usr/sbin/exim root:root 4755 flag
logs
set /var/log/directadmin diradmin:diradmin 700 flag
set /var/log/directadmin/* diradmin:diradmin 600 flag
set /var/log/exim mail:mail 755 flag
set /var/log/exim/* mail:mail 644 flag
set /var/log/proftpd root:root 755 flag
set /var/log/proftpd/* root:root 644 flag
chown: cannot access ‘/var/log/proftpd/*’: No such file or directory
chmod: cannot access ‘/var/log/proftpd/*’: No such file or directory
chown: cannot access ‘/var/log/httpd/domains’: No such file or directory
etc_configs
set /etc/exim.* root:root 755 flag
set /etc/system_filter.exim root:root 755 flag
set /etc/proftpd.passwd root:ftp 640 flag
 
templates/custom is a custom configuration folder (error in your modal window). I guess Nginx simply had no permissions to access the files. I'd suggest checking /var/log/nginx/domains/domain.com.error.log (of any non-working domain). Must be a permission error there.
 
Hi,
Thanks for your quick answers

templates/custom is a custom configuration folder (error in your modal window). I guess Nginx simply had no permissions to access the files. I'd suggest checking /var/log/nginx/domains/domain.com.error.log (of any non-working domain). Must be a permission error there.

It was definitely a permission problem. But it started only AFTER running the set_permissions.sh script....
That is so strange :( How can that be?!?!


Try to disable open_basedir restriction in DA to test if this is the problem
I tried that also, but it did not help at all.

The strange thing is that it does work with open_basedir enabled.... After restoring the backup, I looked at it again and open_basedir is enabled and anything is working nicely again..... ❓❓


It would have been easier if I could have left the server in error while discussing it here.... but our customers did not like that
 
I think your /home/username directories might have become 710 due to configuration of DA? It should have been 711.
 
I did all those things :-(
Even setting it to 755

Below some of the things I tried.


Code:
[root@vps1 conf]# cd /home
[root@vps1 home]# ls -al
total 56
drwx--x--x. 50 root       root    4096 Apr  4 17:08 .
dr-xr-xr-x. 17 root       root     244 Jun  2  2018 ..
drwx--x---   9 abc        access  4096 Apr 14 00:01 abc
drwx--x--x. 16 admin      admin   4096 Nov 19 12:24 admin
drw-r-----   3 root       root      22 Jul 16  2018 backup
drwx--x---   8 bov        access   176 Feb 19 12:25 bov

<....>

drwx--x---   9 rh         access   197 Nov 16 15:59 rh
drwx--x---   7 rh6        access   161 Nov 16 16:07 rh6
drwx--x---  12 rhcore     access 24576 Feb 15 18:06 rhcore
drwx--x---   9 rhi        access  4096 Apr 14 00:01 rhi
drwx--x---   8 rks        access   176 Mar 13 15:24 rks
drwx--x---   8 shp        access   176 Nov 16 16:07 shp

Code:
[root@vps1 home]# chmod 711 rhcore/
[root@vps1 home]# chmod 711 *
[root@vps1 home]# ls -al
total 56
drwx--x--x. 50 root       root    4096 Apr  4 17:08 .
dr-xr-xr-x. 17 root       root     244 Jun  2  2018 ..
drwx--x--x   9 abc        access  4096 Apr 14 00:01 abc
drwx--x--x. 16 admin      admin   4096 Nov 19 12:24 admin
drwx--x--x   3 root       root      22 Jul 16  2018 backup
drwx--x--x   8 bov        access   176 Feb 19 12:25 bov

<.....>

drwx--x--x   9 rh         access   197 Nov 16 15:59 rh
drwx--x--x   7 rh6        access   161 Nov 16 16:07 rh6
drwx--x--x  12 rhcore     access 24576 Feb 15 18:06 rhcore
drwx--x--x   9 rhi        access  4096 Apr 14 00:01 rhi
<.....>

Code:
[root@vps1 home]# chmod 755 rhcore
[root@vps1 home]# cd ..
[root@vps1 /]# chmod 711 home
[root@vps1 /]# chmod 755 home

[root@vps1 admin]# cd /home/
[root@vps1 home]# ls -al
total 56
drwxr-xr-x. 50 root       root    4096 Apr  4 17:08 .
dr-xr-xr-x. 17 root       root     244 Jun  2  2018 ..
drwx--x--x   9 abc        access  4096 Apr 14 00:01 abc
drwx--x--x. 16 admin      admin   4096 Nov 19 12:24 admin
drwx--x--x   3 root       root      22 Jul 16  2018 backup
drwx--x--x   8 bov        access   176 Feb 19 12:25 bov

<.....>

drwx--x--x   9 rh         access   197 Nov 16 15:59 rh
drwx--x--x   7 rh6        access   161 Nov 16 16:07 rh6
drwxr-xr-x  12 rhcore     access 24576 Feb 15 18:06 rhcore
drwxr-xr-x   9 rhi        access  4096 Apr 14 00:01 rhi
<....>
[root@vps1 home]# chmod 755 rhi -R
[root@vps1 home]# chmod 755 rhcore -R
[root@vps1 home]# ls -al


[root@vps1 /]# chmod 755 home
[root@vps1 /]# echo "action=rewrite&value=secure_access_group" >> /usr/local/directadmin/data/task.queue
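
The listings above show home directories at mode 710 with group `access`, which only the owner and members of that group can pass through. As an added example (not part of the thread and not DirectAdmin code), this shell script walks a path and prints the first directory that a given uid and group list cannot traverse; the function names and the scratch tree are constructed for illustration, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: find the first directory on a path that a uid/group set cannot
# traverse, judged from mode/owner/group only (no ACLs, no SELinux).
# Assumes GNU stat (stat -c), as on CentOS.

# can_search MODE OWNER_UID OWNER_GID UID GIDS
# MODE is octal (e.g. 710); GIDS is the user's groups, comma-separated.
# Exactly one permission class applies: owner, else group, else other.
can_search() {
    local perm
    perm=$(( 0$1 ))
    if [ "$4" -eq 0 ]; then
        return 0                                      # root is not held back by the search bit
    fi
    if [ "$4" -eq "$2" ]; then
        return $(( (perm & 0100) == 0 ))              # owner class: u+x
    fi
    case ",$5," in
        *",$3,"*) return $(( (perm & 0010) == 0 )) ;; # group class: g+x
    esac
    return $(( (perm & 0001) == 0 ))                  # other class: o+x
}

# first_blocked PATH UID GIDS [START]
# Checks every directory component of PATH below START (default: /).
# Prints the first one UID cannot search and returns 1; returns 0 if none.
first_blocked() {
    local path uid gids cur rest part meta
    path=$1; uid=$2; gids=$3; cur=${4:-}
    rest=${path#"$cur"}
    while [ -n "$rest" ]; do
        rest=${rest#/}
        part=${rest%%/*}
        rest=${rest#"$part"}
        [ -z "$part" ] && continue
        cur="$cur/$part"
        [ -d "$cur" ] || continue                     # only directories need the search bit
        meta=$(stat -L -c '%a %u %g' "$cur") || return 2
        set -- $meta                                  # $1=mode $2=owner uid $3=owner gid
        if ! can_search "$1" "$2" "$3" "$uid" "$gids"; then
            printf '%s\n' "$cur"
            return 1
        fi
    done
    return 0
}

# Constructed sample: scratch tree shaped like the listing (home 711, rhcore 710).
build_sample_tree() {
    local base
    base=$(mktemp -d) || return 1
    mkdir -p "$base/home/rhcore/rhBasic005"
    chmod 711 "$base/home"
    chmod 710 "$base/home/rhcore"
    chmod 755 "$base/home/rhcore/rhBasic005"
    printf '%s\n' "$base"
}

demo() {
    local base gid uid target
    base=$(build_sample_tree) || return 1
    target="$base/home/rhcore/rhBasic005"
    gid=$(stat -c '%g' "$base/home/rhcore")
    uid=$(( $(stat -c '%u' "$base/home/rhcore") + 1 ))   # a non-owner, non-root uid
    echo "in owning group : blocked at '$(first_blocked "$target" "$uid" "$gid" "$base")'"
    echo "not in the group: blocked at '$(first_blocked "$target" "$uid" "$(( gid + 1 ))" "$base")'"
    rm -rf "$base"
}
demo
```

On a live server, pass the uid and the comma-joined `id -G` output of the account that PHP or the web server runs as, and leave START empty so the check begins at `/`.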
 
Good morning
@smtalk, thank you so very much for helping out yesterday!! and solving the mysteries.

Conclusion is that I did too much hacking ;-)
- symlinking custom-dirs/files inside directadmin/data
- overusing the 'access' group to get server-wide access to our framework
Is that about it?

I know that a server-wide framework should be in shared-folders. We could do that, but my biggest problem with this is that I cannot look into these folders with DA, but need to login with ssh - root to have a look at the folders/files of the framework.
I have added a feature request for this (nice roadmap!!) ánd voted for the git-request
 

I face the same problem after running set_permissions.sh all and all websites are offline, would you please help to solve this issue?
 
You may send me access if you'd like me to check it (free of charge).

 
This is so weird, I have no problems and may even put set_permissions on a crontab. It has saved me so many times.

The symlink thing, I have public_html on symlink sometimes, no problems.
 

I can't start my web services after running set_permissions.sh all:

[root@33936 ~]# service httpd start
Starting httpd: Warning: DocumentRoot [/domains/m.shagerdi.me/public_html] does not exist
Warning: DocumentRoot [/domains/m.shagerdi.me/private_html] does not exist
Warning: DocumentRoot [/root/domains/armita.co/public_html] does not exist
Warning: DocumentRoot [/root/domains/armita.co/private_html] does not

[root@33936 scripts]# apachectl restart
Warning: DocumentRoot [/domains/m.shagerdi.me/public_html] does not exist
Warning: DocumentRoot [/domains/m.shagerdi.me/private_html] does not exist
Warning: DocumentRoot [/root/domains/armita.co/public_html] does not exist
Warning: DocumentRoot [/root/domains/armita.co/private_html] does not exist
httpd not running, trying to start
 
I'd suggest checking /var/log/httpd/error_log. But it looks more like a misconfiguration in directadmin.conf or user.conf files, because it's missing user homes in the warnings shown.
 