I moved a virtual server to a new owner, and the old owner (with uid 500) was deleted. However, the files in the virtual server didn’t get updated to the new owner, causing the php scripts to crash, naturally.
I tried to chown them manually, but the php.fcgi script won’t play.
Check out this madness as root:
[code:1]
[root@server fcgi-bin]# ls -la
total 12
drwxr-xr-x 2 kato kato 4096 Jul 29 19:38 .
drwxr-x— 10 kato kato 4096 Jul 29 19:41 …
-rwxr-xr-x 1 500 kato 162 Jul 29 14:35 php5.fcgi
[root@server fcgi-bin]# whoami
root
[root@server fcgi-bin]# chown kato php5.fcgi
chown: changing ownership of php5.fcgi': Operation not permitted [root@server fcgi-bin]# rm -f php5.fcgi rm: cannot remove php5.fcgi’: Operation not permitted
[root@server fcgi-bin]# cd …
[root@server zentrack.net]# rm -rf fcgi-bin/
rm: cannot remove fcgi-bin//php5.fcgi': Operation not permitted [root@server zentrack.net]# lsof ./fcgi-bin/php5.fcgi [root@server zentrack.net]# lsof ./fcgi-bin [root@server zentrack.net]# cd fcgi-bin/ [root@server fcgi-bin]# man umask [root@server fcgi-bin]# umask php5.fcgi -bash: umask: p’: invalid symbolic mode operator
[root@server fcgi-bin]# man umask
[root@server fcgi-bin]# umask -S
u=rwx,g=rx,o=rx
[root@server fcgi-bin]# umask 0755 php5.fcgi
[root@server fcgi-bin]# ls -l
total 4
-rwxr-xr-x 1 500 kato 162 Jul 29 14:35 php5.fcgi
[root@server fcgi-bin]# chown kato php5.fcgi
chown: changing ownership of php5.fcgi': Operation not permitted [root@server fcgi-bin]# umask 1444 php5.fcgi -bash: umask: 1444: octal number out of range [root@server fcgi-bin]# umask 0444 php5.fcgi [root@server fcgi-bin]# ls -la total 12 drwxr-xr-x 2 kato kato 4096 Jul 29 19:38 . drwxr-x--- 10 kato kato 4096 Jul 29 19:41 .. -rwxr-xr-x 1 500 kato 162 Jul 29 14:35 php5.fcgi [root@server fcgi-bin]# chown kato php5.fcgi chown: changing ownership of php5.fcgi’: Operation not permitted
[root@server fcgi-bin]#
[/code:1]
Anyone have a clue how I can get this file owned by the right uid (kato)?
Yeah, files which have the “immutable” attribute set won’t allow even root to change the permissions. The following command would show the ‘i’ bit set:
lsattr php5.fcgi
To get around that, first remove the immutable bit with "chattr -i php5.fcgi", change the perms as desired, then re-add it with "chattr +i php5.fcgi".
Of course, Virtualmin should properly update permissions when the owner of a Virtual Server is changed, so I’d recommend filing a bug and keeping track of which files weren’t properly updated, if it wasn’t all of them
-Eric
[code:1]
[2008-07-29 21:26:23]: invalid target user id: (500)
[/code:1]
Once for every php page request. It seems like every virtual website associated with this user, including the parent site, has the same problem. All the php.fcgi files are owned by 500, which doesn’t exist.
It appears that every domain it creates for this user, it always sets the owner of that file to 500 (an invalid user)… I have no idea why it’s doing that.
if I recall the fcgi-php folder is immutable by default now since 3.59 for security.
as for the user 500, i don’t know, perhaps check your users and groups and webmin users.
It appears that every domain it creates for this user, it always sets the owner of that file to 500 (an invalid user)... I have no idea why it's doing that.
Virtualmin things that user is uid 500. Obviously, that’s wrong.
If you haven’t filed a bug, now would be the time.
Is there a script that resets the php5.fcgi +i for all my users/domains?
Today I nedded to restore a backup that I did with “tar -cvzpf” and restored with “tar -xvzpf --numeric-owner” and I have noticed that php5.fcgi lost the immutable attribute.
EDIT
Im not very good with scripting, but i think this will do: find /home -name “php5.fcgi” -exec lsattr {} ;
finds and displays all php5.fcgi
