Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

console diagnostics:run causes wrong permissions and access failures #15244

Closed
tangele opened this issue Dec 6, 2019 · 3 comments
Closed

console diagnostics:run causes wrong permissions and access failures #15244

tangele opened this issue Dec 6, 2019 · 3 comments
Labels
answered For when a question was asked and we referred to forum or answered it.

Comments

@tangele
Copy link

tangele commented Dec 6, 2019

Hey.

using this docker-compose.yml file

version: '3.7'
services:
  matomo:
    image: matomo:latest
    container_name: "matomo"
    restart: always
    networks: 
      - default
    depends_on:
      - matomo-mysql
    ports:
      - 9004:80
    environment:
      - "MATOMO_DATABASE_ADAPTER=MYSQLI"
      - "MATOMO_DATABASE_TABLES_PREFIX=matomo_"
      - "MATOMO_DATABASE_HOST=matomo"
      - "MATOMO_DATABASE_USERNAME=matomo"
      - "MATOMO_DATABASE_PASSWORD=matomo"
      - "MATOMO_DATABASE_DBNAME=matomo"
  matomo-mysql:
    image: mariadb:latest
    container_name: "matomo-mysql"
    restart: always
    networks:
      - default
    environment:
      - "MYSQL_ROOT_PASSWORD=matomo"
      - "MYSQL_USER=matomo"
      - "MYSQL_PASSWORD=matomo"
      - "MYSQL_DATABASE=matomo"
    ports:
      - 9003:3306
networks:
  default:

and this script:

docker-compose down -v
docker-compose up -d
echo "-----------------------------------------"
echo ">>> changing permissions using 'console diagnostics:run'"
docker exec matomo sh -c "/var/www/html/console diagnostics:run"
echo ">>> sleeping to let console diagnostics:run do its work"
sleep 5
echo "-----------------------------------------"
echo ">>> this directory has correct permissions" 
docker exec matomo sh  -c "ls -la /var/www/html"
echo "-----------------------------------------"
echo ">>> but not this directory:"
docker exec matomo sh  -c "ls -la /var/www/html/tmp "
echo "-----------------------------------------"
echo ">>> access failure"
curl localhost:9004 | grep -o "Matomo couldn't write to some directories"

causes the following failure:

$ ./reproduce_bug.sh
Stopping matomo       ... done
Stopping matomo-mysql ... done
Removing matomo       ... done
Removing matomo-mysql ... done
Removing network tmp_default
Creating network "tmp_default" with the default driver
Creating matomo-mysql ... done
Creating matomo       ... done
-----------------------------------------
>>> changing permissions using 'console diagnostics:run'

The configuration file {/var/www/html/config/config.ini.php} has not been found or could not be read.
 » Please check that /var/www/html/config/config.ini.php is readable by the user 'root'. 


INFO [2019-12-06 12:50:00] 24  Unable to test if mod_pagespeed is enabled: the request to http://unknown/var/www/html/console?module=Installation&action=getEmptyPageForSystemCheck failed
Forced SSL Connection: WARNING We recommend using Matomo over secure SSL connections only. Please click here continue the installation process over SSL.
1 warnings detected
>>> sleeping to let console diagnostics:run do its work
-----------------------------------------
>>> this directory has correct permissions
total 348
drwxr-xr-x 12 www-data 1000  4096 Nov 27 05:29 .
drwxr-xr-x  1 root     root  4096 Nov 22 15:47 ..
-rw-r--r--  1 www-data 1000 74086 Nov 27 04:54 CHANGELOG.md
-rw-r--r--  1 www-data 1000   929 Oct 29 04:16 CONTRIBUTING.md
-rw-r--r--  1 www-data 1000  8399 Oct 29 04:16 LEGALNOTICE
-rw-r--r--  1 www-data 1000 35146 May 13  2019 LICENSE
-rw-r--r--  1 www-data 1000  4616 May 13  2019 PRIVACY.md
-rw-r--r--  1 www-data 1000  5685 Nov 27 04:54 README.md
-rw-r--r--  1 www-data 1000  1174 Oct 29 04:16 SECURITY.md
drwxr-xr-x  3 www-data 1000  4096 Nov 27 05:29 config
-rwxr-xr-x  1 www-data 1000   689 Nov 27 04:54 console
drwxr-xr-x 51 www-data 1000  4096 Nov 27 04:54 core
-rw-r--r--  1 www-data 1000   732 Nov 27 04:54 index.php
drwxr-xr-x  2 www-data 1000  4096 Nov 27 04:54 js
drwxr-xr-x  2 www-data 1000  4096 Nov 27 04:54 lang
drwxr-xr-x 11 www-data 1000  4096 Oct 29 04:16 libs
-rw-r--r--  1 www-data 1000 67898 Nov 27 04:54 matomo.js
-rw-r--r--  1 www-data 1000   349 May 13  2019 matomo.php
drwxr-xr-x  8 www-data 1000  4096 Dec  6 02:59 misc
-rw-r--r--  1 www-data 1000 67898 Nov 27 04:54 piwik.js
-rw-r--r--  1 www-data 1000  2762 Nov 27 04:54 piwik.php
drwxr-xr-x 67 www-data 1000  4096 Nov 27 05:29 plugins
drwxr-xr-x  2 www-data 1000  4096 Nov 27 05:29 tests
drwxr-xr-x 10 www-data 1000  4096 Dec  6 12:50 tmp
drwxr-xr-x 22 www-data 1000  4096 Nov 27 05:29 vendor
-----------------------------------------
>>> but not this directory:
total 48
drwxr-xr-x 10 www-data 1000 4096 Dec  6 12:50 .
drwxr-xr-x 12 www-data 1000 4096 Nov 27 05:29 ..
drwxr-x---  2 root     root 4096 Dec  6 12:50 assets
drwxr-x---  2 root     root 4096 Dec  6 12:50 cache
drwxr-x---  2 root     root 4096 Dec  6 12:50 climulti
-rw-r--r--  1 root     root   20 Dec  6 12:50 index.htm
-rw-r--r--  1 root     root   20 Dec  6 12:50 index.php
drwxr-x---  2 root     root 4096 Dec  6 12:50 latest
drwxr-x---  2 root     root 4096 Dec  6 12:50 logs
drwxr-x---  2 root     root 4096 Dec  6 12:50 sessions
drwxr-x---  2 root     root 4096 Dec  6 12:50 tcpdf
drwxr-x---  2 root     root 4096 Dec  6 12:50 templates_c
-----------------------------------------
>>> access failure
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  3148  100  3148    0     0  43123      0 --:--:-- --:--:-- --:--:-- 43123
Matomo couldn't write to some directories
@tsteur
Copy link
Member

tsteur commented Dec 6, 2019

@tangele could you create this issue in the matomo docker repository (not sure which docker you are using)? Cheers

@tsteur tsteur closed this as completed Dec 6, 2019
@tsteur tsteur added the answered For when a question was asked and we referred to forum or answered it. label Dec 6, 2019
@tangele tangele mentioned this issue Dec 12, 2019
Open
@tangele
Copy link
Author

tangele commented Dec 12, 2019

@tsteur I still think this has nothing to do with docker. I think the reason is the console script, but sure i haven't replicated that.

@tsteur
Copy link
Member

tsteur commented Dec 12, 2019

@tangele you need to execute the script with the right user like sudo -u www-data php console...

It's not an issue of the script itself

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
answered For when a question was asked and we referred to forum or answered it.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tsteur @tangele