Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Fri Mar 29, 2024 3:18 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 6 posts ] 
Author Message
 Post subject: New Install Error 1.5.2
PostPosted: Thu Dec 04, 2014 6:52 am 
Offline
Newbie

Joined: Sat Nov 22, 2014 7:25 am
Posts: 18
I have a fresh install on Centos 6.6 using the latest 1.5.2 install file. The site works fine, but is throwing a PHP error at times. It appears it has a problem writing to the log file. I have checked permissions and they are 660, and have changed them to 770 to no avail. Any assistance would be welcome. Here is a screenshot.

[attachment=0] open-audit-error.jpg
open-audit-error.jpg [ 75.85 KiB | Viewed 7940 times ]


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 04, 2014 9:31 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
I would try 666 for file permission.
The file is likely owned by root but needs to be read and written to by other users (actually the apache user).
I'll check the installer, but I was pretty sure it set this for us...

EDIT - The installer was setting the permission to 0644. This was incorrect. I have now changed it to 0666. Apologies for the inconvenience. This will be included in the next release.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 04, 2014 12:07 pm 
Offline
Newbie

Joined: Sat Nov 22, 2014 7:25 am
Posts: 18
Thanks Mark. I did change permissions to 666 to no avail.

Here is the screen grab of the file now. Any other thoughts?

[attachment=0] Screen Shot 2014-12-03 at 8.05.16 PM.png
Screen Shot 2014-12-03 at 8.05.16 PM.png [ 13.01 KiB | Viewed 7931 times ]


Top
 Profile  
Reply with quote  
PostPosted: Fri Dec 05, 2014 7:27 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
If you're on CentOS then the user running Apache should be the "apache" user.
That user (from your screenshot) is the Group owner of the file.
The file has RW on it for everyone.

I'm at a loss why that user cannot write to that file.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Fri Dec 05, 2014 9:55 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
UPDATE - SELinux!

Taken from "info ls".

[quote] Following the file mode bits is a single character that specifies
whether an alternate access method such as an access control list
applies to the file. When the character following the file mode
bits is a space, there is no alternate access method. When it is
a printing character, then there is such a method.

GNU `ls' uses a `.' character to indicate a file with an SELinux
security context, but no other alternate access method.

A file with any other combination of alternate access methods is
marked with a `+' character.


So you can either disable SELinux or you may be able to set the correct flag via "chcon".

We do recommend disabling SELinux (because of issues like this), but that option is entirely up to you and your security team.

The installer script could detect if SELinux is enabled and advise the user. I'll get a ticket logged for this.
FYI - we can't have the installer run a "chcon" because of SELinux - chicken, meet egg.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Sat Dec 06, 2014 8:32 am 
Offline
Newbie

Joined: Sat Nov 22, 2014 7:25 am
Posts: 18
SELinux disabled and all is working well. Thank you for the help Mark.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 6 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group