mnt Posted June 30, 2015 Posted June 30, 2015 Hello, i have nginx error: 2015/06/28 14:02:28 [crit] 81969#0: *8 stat() "/usr/home/customers/webs/test/aaa.bbb.lt/" failed (13: Permission denied), client: 188.69.22.22, server: aaa.bbb.lt, request: "GET / HTTP/1.1", host: "aaa.bbb.lt" This error exists because /usr/home/customers/webs/test permissions is 0750. I figure that this error occurs because my froxlor ftp users not in www group: #groups www www froxlorlocal libnss-mysql i think work good: # getent group ....... froxlorlocal:*:1003:wwwvmail:*:2000test::10000:test,www,froxlorlocaltnetbalt::10001:tnetbalt,www,froxlorlocal why froxlor users (test and tnetbalt) not exists in www group? freebsd 10.1 froxlor 0.9.33.1
mnt Posted July 7, 2015 Author Posted July 7, 2015 change in libnss-mysql.cnf from memsbygid SELECT members FROM ftp_groups WHERE gid='%1$u' to memsbygid SELECT username FROM ftp_users WHERE gid='%1$u' UNION SELECT 'www'
d00p Posted July 1, 2015 Posted July 1, 2015 Do your froxlor-settings say that the webserver-user's name is "www"? The default would be "www-data"....check ftp_groups to see whether "www(-data)" is in the members-field of the customers.
mnt Posted July 1, 2015 Author Posted July 1, 2015 In settings: Webserver user-name : www Webserver group-name : www in table ftp-groups: test 10000 test,www,froxlorlocal 1 tnetbaltic 10001 tnetbaltic,www,froxlorlocal,tnetbalticftp1 2
d00p Posted July 1, 2015 Posted July 1, 2015 So, www is in the users groups. All good. Double check libnss config and restart nscd, Webserver and fpm
mnt Posted July 1, 2015 Author Posted July 1, 2015 I use libnss-mysql settings from froxlor configuration. Today i startup one more freebsd 10.1 server with froxlor and i have the same problem..... my /usr/local/etc/libnss-mysql.cfg : getpwnam SELECT username, 'x', uid, gid, '0', '', 'MySQL User', homedir, shell, '0' FROM ftp_users WHERE username='%1$s' AND login_enabled = 'Y' LIMIT 1getpwuid SELECT username, 'x', uid, gid, '0', '', 'MySQL User', homedir, shell, '0' FROM ftp_users WHERE uid='%1$u' AND login_enabled = 'Y' LIMIT 1getpwent SELECT username, 'x', uid, gid, '0', '', 'MySQL User', homedir, shell, '0' FROM ftp_usersgetspnam SELECT username, password, '12345', '0', '99999', '7', '', '', '' FROM ftp_users WHERE username='%1$s' LIMIT 1getspent SELECT username, password, '12345', '0', '99999', '7', '', '', '' FROM ftp_usersgetgrnam SELECT groupname, '', gid FROM ftp_groups WHERE groupname='%1$s' LIMIT 1getgrgid SELECT groupname, '', gid FROM ftp_groups WHERE gid='%1$u' LIMIT 1getgrent SELECT groupname, '', gid FROM ftp_groupsmemsbygid SELECT members FROM ftp_groups WHERE gid='%1$u'gidsbymem SELECT CONCAT_WS(',', gid) as gid FROM ftp_groups WHERE FIND_IN_SET('%1$s', members)host 127.0.0.1database froxlorusername froxlorpassword .......port 3306timeout 10compress 0 my /usr/local/etc/libnss-mysql-root.cfg : username froxlorpassword ..........
mnt Posted July 2, 2015 Author Posted July 2, 2015 From froxlor libnss-mysql configuration Please execute the followings commands in shell: #sh /etc/rc.d/nscd restart#nscd --invalidate=group in freebsd nscd don't have --invalidate maybe here problem? #man nscd The nscd utility recognizes the following runtime options: -n Do not daemonize; nscd will not fork or disconnect itself from the terminal. -s Single-threaded mode. Forces using only one thread for all pro- cessing purposes (it overrides the threads parameter in the nscd.conf(5) file). -t Trace mode. All trace messages will be written to stdout. This mode is usually used with -n and -s flags are used for debugging purposes. -i cachename Invalidates personal cache. When specified, nscd acts as the administration tool. It asks the already running nscd to invali- date the specified part of the cache of the calling user. For example, sometimes you may want to invalidate your ``hosts'' cache. You can specify ``all'' as the cachename to invalidate your personal cache as a whole. You cannot use this option for the cachename for which the perform-actual-lookups option is enabled. -I cachename Invalidates the cache for every user. When specified, nscd acts as the administration tool. It asks the already running nscd to invalidate the specified part of the cache for every user. You can specify ``all'' as the cachename to invalidate the whole cache. Only the root can use this option.
d00p Posted July 2, 2015 Posted July 2, 2015 You can try running "nscd --invalidate=group" - it just clears the cache. It's worth a try
mnt Posted July 2, 2015 Author Posted July 2, 2015 # nscd --invalidate=groupnscd: illegal option -- -usage: nscd [-dnst] [-i cachename] [-I cachename]
d00p Posted July 3, 2015 Posted July 3, 2015 read your help screen: -i cachenameInvalidates personal cache.[...] Edit: or better even: nscd -I all
mnt Posted July 3, 2015 Author Posted July 3, 2015 i try this. # nscd -I allM1 from main: daemon PID is 64540M1 from main: global cache transformation succeeded # groups wwwwww froxlorlocal
Question
mnt
Hello,
i have nginx error:
2015/06/28 14:02:28 [crit] 81969#0: *8 stat() "/usr/home/customers/webs/test/aaa.bbb.lt/" failed (13: Permission denied), client: 188.69.22.22, server: aaa.bbb.lt, request: "GET / HTTP/1.1", host:
"aaa.bbb.lt"
This error exists because /usr/home/customers/webs/test permissions is 0750.
vmail:*:2000
test::10000:test,www,froxlorlocal
tnetbalt::10001:tnetbalt,www,froxlorlocal
10 answers to this question
Recommended Posts
Archived
This topic is now archived and is closed to further replies.