[horde] Horde cannot read or write files unless allow by "other" permissions
Arjen de Korte
build+horde at de-korte.org
Thu May 21 16:32:18 UTC 2020
Citeren James Mohr <horde at jimmo.com>:
> Greetings!
>
> I'm running Horde Groupware 5.2.22 on Fedora 31. I moved the
> databases from another machine and loaded them. the calendar and
> they seem to be fine in that I can log into Horde and see my data.
> The problem is that I can only change the configuration if the
> respective conf.php and conf.bak.php allow writng by "other".
>
> - httpd is running as wwwru, The user wwwrun is also a member of the
> group wwwrun.
> - The owner and group of the respective conf.php and conf.bak.php
> files is wwwrun:wwwrun
> - selinux is disabled:
> [root at sonne config]# sestatus
> SELinux status: disabled
>
> With journalctl -xe I see entries like this:
>>
> May 21 16:40:34 sonne HORDE[2224]: [mnemo] PHP ERROR:
> include(/data/home/j-mohr/public_html/horde/mnemo/config/conf.php):
> failed to open stream: Pe>
> May 21 16:40:34 sonne HORDE[2224]: 1. Horde_PageOutput->header()
> /data/home/j-mohr/public_html/horde/admin/config/config.php:93
> May 21 16:40:34 sonne HORDE[2224]: 2. Horde_Injector->getInstance()
> /usr/share/pear/Horde/PageOutput.php:740
> May 21 16:40:34 sonne HORDE[2224]: 3.
> Horde_Injector->createInstance()
> /usr/share/pear/Horde/Injector.php:272
> May 21 16:40:34 sonne HORDE[2224]: 4.
> Horde_Injector_Binder_AnnotatedSetters->create()
> /usr/share/pear/Horde/Injector.php:238
> May 21 16:40:34 sonne HORDE[2224]: 5.
> Horde_Injector_Binder_Implementation->create()
> /usr/share/pear/Horde/Injector/Binder/AnnotatedSetters.php:78
> May 21 16:40:34 sonne HORDE[2224]: 6.
> Horde_Injector_Binder_Implementation->_getInstance()
> /usr/share/pear/Horde/Injector/Binder/Implementation.ph>
> May 21 16:40:34 sonne HORDE[2224]: 7.
> ReflectionClass->newInstanceArgs()
> /usr/share/pear/Horde/Injector/Binder/Implementation.php:88
> May 21 16:40:34 sonne HORDE[2224]: 8. Horde_View_Topbar->__construct()
> May 21 16:40:34 sonne HORDE[2224]: 9. Horde_Core_Topbar->getTree()
> /data/home/j-mohr/public_html/horde/lib/View/Topbar.php:54
> May 21 16:40:34 sonne HORDE[2224]: 10.
> Horde_Registry->getInitialPage()
> /usr/share/pear/Horde/Core/Topbar.php:249
> May 21 16:40:34 sonne HORDE[2224]: 11.
> Horde_Registry->callAppMethod()
> /usr/share/pear/Horde/Registry.php:2053
> May 21 16:40:34 sonne HORDE[2224]: 12. Horde_Registry->pushApp()
> /usr/share/pear/Horde/Registry.php:1193
> May 21 16:40:34 sonne HORDE[2224]: 13.
> Horde_Registry->importConfig() /usr/share/pear/Horde/Registry.php:1604
> May 21 16:40:34 sonne HORDE[2224]: 14.
> Horde_Registry_Hordeconfig_Merged->toArray()
> /usr/share/pear/Horde/Registry.php:1773
> May 21 16:40:34 sonne HORDE[2224]: 15.
> Horde_Registry_Hordeconfig->toArray()
> /usr/share/pear/Horde/Registry/Hordeconfig/Merged.php:72
> May 21 16:40:34 sonne HORDE[2224]: 16.
> Horde_Registry_Hordeconfig->_load()
> /usr/share/pear/Horde/Registry/Hordeconfig.php:65
> May 21 16:40:34 sonne HORDE[2224]: 17.
> Horde_Registry_Loadconfig->__construct()
> /usr/share/pear/Horde/Registry/Hordeconfig.php:78
> May 21 16:40:34 sonne HORDE[2224]: 18. include()
> /usr/share/pear/Horde/Registry/Loadconfig.php:79
> May 21 16:40:34 sonne HORDE[2224]: 19.
> Horde_ErrorHandler::errorHandler()
> /usr/share/pear/Horde/Registry/Loadconfig.php:79
>
> As far as I can tell, this is simply telling me the same thing I get
> from the WebGui.
>
> If I do an "su wwwrun", I can write to the files. This tells me that
> it not a file permissions issue, but rather httpd "thinks" it is a
> different user, which is not part of the wwwrun group. Whatever that
> "something" is that is telling httpd how to behave is beyond me at
> this point. I would be grateful for any tips.
>
>
> Regards,
> James Mohr
Two things to check:
- Do you run mod_php from Apache or do you use PHP as FPM or FastCGI?
In the latter cases, the process trying to access/write the
configuration may be running as a different user.
- If you're running PHP through systems, it may be configured with
restrictions to which directories/files it has access to, which might
be preventing it to access them
In any case, it helps if you mention the webserver and PHP versions you use.
More information about the horde
mailing list