Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Chown -R... saying it's changed, but isn't

Status
Not open for further replies.

PaulReed

Technical User
Jun 15, 2008
61
US
I have a software that is running on a Linux server and there was a glitch in the install script and I was told to change ownership on this subdirectory from root to "apache"... and for some reason it says it's changed on the subdirectory and everything below it, but as you can see below what I'm getting in an error log.

Thanks for taking a look at this.


drwxr-xr-x 3 root root 4096 Jul 16 23:34 ttc

# chown -R apache:apache ttc

drwxr-xr-x 3 apache apache 4096 Jul 16 23:34 ttc

chown: changing ownership of `/home/fum/ttc/home/fum/lib/templates/members/login.html.tt2c': Operation not permitted
chown: changing ownership of `/home/fum/ttc/home/fum/lib/templates/members/neworder-mail.tt2c': Operation not permitted
chown: changing ownership of `/home/fum/ttc/home/fum/lib/templates/members/newclient-mail.tt2c': Operation not permitted
chown: changing ownership of `/home/fum/ttc/home/fum/lib/templates/members/activation-mail.tt2c': Operation not permitted
chown: changing ownership of `/home/fum/ttc/home/fum/lib/templates/members/homeshell.html.tt2c': Operation not permitted
chown: changing ownership of
`/home/fum/ttc/home/fum/lib/templates/members/header.html.tt2c': Operation not permitted
 

Try the following

find /home/fum/ttc -type f -exec chgrp -h apache {} \;
find /home/fum/ttc -type d -exec chgrp -h apache {} \;
find /home/fum/ttc -type f -exec chown -h apache {} \;
find /home/fum/ttc -type d -exec chown -h apache {} \;
 
Thanks thalligan,

What exactly are those commands saying... and why do you think the "chown -R apache:apache ttc" isn't sticking?

I'm going to see if anything shows up in the Error Log.

 
It looks as if you don't have rights to those files. Have you tried your chown command as root?

OR

Maybe those files are in use/locked.
lsof |grep tt2.c

If that doesn't work, change to that directory and let us know what `ls -l` shows.

Mark
 
Oh, and correct me if I'm wrong, but the commands thalligan listed earlier...

1. searches through the directory /home/fum/ttc for type=f (files), and changes the group to apache

2. searches through the directory /home/fum/ttc for type=d (directory), and changes the group to apache

3. searches through the directory /home/fum/ttc for type=f (files), and changes the owner to apache

4. searches through the directory /home/fum/ttc for type=d (directory), and changes the owner to apache

Mark
 
Thanks Mark,

I'm new at this, and I wasn't sure what you meant about the grep command working... it just brought up the prompt again.

This is /home/fum# ls - l

drwxr-xr-x 2 fum fum 4096 Aug 7 05:10 backup
drwxr-xr-x 12 root root 4096 Jul 16 23:02 blackened
drwxr-xr-x 2 fum fum 4096 Jul 16 22:54 cgi-bin
drwxr-xr-x 3 fum fum 4096 Jul 16 23:04 conf
drwxr-xr-x 3 fum fum 4096 Aug 7 21:50 emse
drwxr-xr-x 5 fum fum 4096 Jul 16 23:04 lib
drwxr-xr-x 2 fum fum 4096 Aug 7 17:15 logs
drwxr-xr-x 2 fum fum 4096 Jul 16 22:54 lost
-rwsr-x--- 1 root fum 5675 Jul 16 22:54 restart_apaches
drwxrwxrwx 2 fum fum 4096 Jul 19 20:35 tmp
drwxr-xr-x 3 apache apache 4096 Jul 16 23:34 ttc
drwxr-xr-x 6 fum fum 4096 Jul 16 23:04 www
 
Sorry about the commands, I was just giving you another way to skin the cat.

Pehaps the immutable bit it set on these files. Try

lsattr /home/fum/ttc/home/fum/lib/templates/members/login.html.tt2c

If you see an i in the output like the following

----i--------

The immutable bit is set and you will need to remove it.

chattr -i "filename"


If that is not it please provide an ls -l of one of the files that will not update i.e.

ls -l /home/fum/ttc/home/fum/lib/templates/members/login.html.tt2c
 
Thalligan,

The problem has been that when I do Change ownership on Owner and Group it's like it take hold to the new owner for about 12 to 24 hours and then it losses it (and it says the apache still owns it but it acts as though it reverted to the old owner) and I get this error in my browser when accessing the server, but... this set of commands you gave me seems to be holding the ownership on the subdirectory as apache...

find /home/fum/ttc -type f -exec chgrp -h apache {} \;
find /home/fum/ttc -type d -exec chgrp -h apache {} \;
find /home/fum/ttc -type f -exec chown -h apache {} \;
find /home/fum/ttc -type d -exec chown -h apache {} \;

I'm really hoping it stays this way.

Thanks you,
PaulReed
 
Thalligan,

Right when I tell you it was holding ownership as apache, I just got that error in my browser when trying to access it.

When the owner is apache it brings up the interface perfect and when it reverts back to root as owner, the wrong owner I get this and this is what I'm getting.

------------------
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /members/login.pl.

Reason: Document contains no data
------------------

And yes I have root access when I change owner.

Thanks,
PaulReed


 
Is there some cron task which redeploys your web files overnight? Or something like that?

Steve

[small]"Every program can be reduced by one instruction, and every program has at least one bug. Therefore, any program can be reduced to one instruction which doesn't work." (Object::perlDesignPatterns)[/small]
 
Stevexff,
I have this running in my crowntab and I don't know what there purpose is... I know on the last one I get errors in my log saying it can't find it.

30 4 * * 0 /usr/sbin/logrotate -f /home/fum/logs/logrotate.conf
0 4 * * 0 /usr/sbin/ntpdate ntp1.sf-bay.org; hwclock --systohc
30 * * * * cd /home/fum/lib && ./gen_webstats.sh > /dev/null


THIS IS WHAT I'M GETTING IN MY LOG RIGHT NOW...

[error] panic: DBI active kids (5) > kids (2) at /us$
Use of uninitialized value in concatenation (.) or string at /home/fum/lib/i/er$
i::error::report('panic: DBI active kids (6) > kids (2) at /usr/lib/per$
i::error::die('panic: DBI active kids (6) > kids (2) at /usr/lib/perl5/$
DBD::mysql::dr::connect('DBI::dr=HASH(0x9c1c538)','mysql_read_default_f$
Apache::DBI::connect('undef','mysql_read_default_file=/home/fum/conf/my$
DBI::__ANON__('undef','undef') called at /usr/lib/perl5/site_perl/5.8.0$
DBI::connect('DBI','dbi:mysql:mysql_read_default_file=/home/fum/conf/my$
i::db::make_db_conn() called at /home/fum/lib/i/db.pm line 58
i::db::connect() called at /home/fum/lib/i/web.pm line 50
i::web::init() called at /home/fum/ line 4
Apache::ROOT::_35xx_2epl::handler('Apache=SCALAR(0x9c72ee8)') called at$
eval {...} called at /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-m$
Apache::Registry::handler('Apache=SCALAR(0x9c72ee8)') called at /dev/nu$
eval {...} called at /dev/null line 0
 
If the file was opened already, the lsof (list open files) will show it, the pipe (|) grep part basically says search for the following text in the output from the previous command (lsof in this case).

Hmmm...is apache running as root? Something running as root is changing those files. More likely deleting and recreating them.

Can you run `crontab -l` as root and post the output? That will show all of the scheduled jobs in the cron that root kicks off.

BTW...what are those files? Are they static? Run `stat filename` and see the last changed date/time. Does it coincide with the time of the errors? Is there something scheduled in the cron at that time?

A somewhat insecure fix, depending on what those files are used for, would be to `chmod 766 filename`. That will allow them to be read and written to by any user, not just root. Of course the directories below will need changed also (755 for them).

Maybe it will stick, maybe not, but you can try.

In case you don't know, the chmod command changes the access of the file or directory. Notice on the `ls -l` command...

drwxr-xr-x 2 fum fum 4096 Aug 7 05:10 backup

Bit one - d=directory, l=soft link, -=normal file

Next three - file owner has read (4), write (2), and execute (1). The numbers are the value adding up to 7 for the owner.

Next three - group access has read (4) and execute (1). Anyone in that group (owner is the first fum and group is the second fum) can read those files and execute them. Since this is a directory, `x` allows the group to traverse into that directory.

Next three - world access. Everyone outside of the owner and group can read (4) and execute (1). In this case it's the same as the group.

If you want to give read/write access to a file but not allow execution except by the owner, you'd use `chown 766 filename`. That will make the file look like so, `-rwxrw-rw-`. There are other ways to use the chmod command, this is just how I've done it forever.

Mark
 
Does this program exist "gen_webstats.sh"? If so, `more gen_webstats.sh` and post the script. I'd guess it's just for web statistics that runs at 12:30 am daily, but I'm not sure what those tt2c files are. It could be related.

You could change the `> /dev/null` to `> /some/filename` and allow the output from the command to be redirected to a file. But you said it can't find the .sh file.

The logrotate just closes the log files (probably /var/log/*), creates new ones, and deletes old ones. The ntpdate sets the clock on the server using the Network Time Protocol.

Mark
 
Sorry, I meant at 30 minutes past every hour. I thought the crontab said "30 0 * * *". I need a bigger monitor!
Mark
 
So ownership of the files/dirs can be changed in /home/fum/ttc/, but then ownership reverts back to root after a time. Sorry I guess I did not read the statement of your problem correctly at first.

I agree with Stevexff that a cron job is the likely culprit. The only job listed that looks if it might mess with the web content is

30 * * * * cd /home/fum/lib && ./gen_webstats.sh > /dev/null


This looks to be part of a Web log analyzer (I am guessing) and runs every 30 minutes. Not sure why this would effect perms on the files, but then I suppose that depends on the contents of gen_webstats.sh

The errors you are getting (Other that the Bad Gateway which is not helpful) tend to indicate issues with Perl components in the app making connections to a MYSQL database. All of this is pointing to an issue with how this application acts as a whole. Have you tried contacting the vendor or creator of this App?

At this point I do not know of what help I can be as I do not believe this in an OS issue. Sorry.
 
crontab -l
30 4 * * 0 /usr/sbin/logrotate -f /home/fum/logs/logrotate.conf
0 4 * * 0 /usr/sbin/ntpdate ntp1.sf-bay.org; hwclock --systohc
30 * * * * cd /home/fum/lib && ./gen_webstats.sh > /dev/null

/etc #
drwxr-xr-x 13 root root 4096 Jul 16 23:04 httpd

Before I do a change to the chmod to chown 766 filename, I wanted you to know something...

When I go to my interface via the browser it works fine one minute then I hit the refresh button in I.E. and I get this...

------------------
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /members/login.pl.

Reason: Document contains no data
------------------

Then if I hit it a couple more times the interface comes back just fine.
 
I can't contact the vendor they are no longer around.

This is a summary of everything I've done to date...

1) I had to upgrade perl from 5.8.0 to 5.8.8.

2) Then I had problems with some of the Perl Modules calling on a problem with mod_perl.

3) I did a DSO mod_perl install which was successful.

4) I was able to finish installing the Perl Modules.

5) I'm getting this error in my log files...
[error] panic: DBI active kids (5) > kids (2) at /us$
Use of uninitialized value in concatenation (.) or string at /home/fum/lib/i/er$
i::error::report('panic: DBI active kids (6) > kids (2) at /usr/lib/per$
i::error::die('panic: DBI active kids (6) > kids (2) at /usr/lib/perl5/$
DBD::mysql::dr::connect('DBI::dr=HASH(0x9c1c538)','mysql_read_default_f$
Apache::DBI::connect('undef','mysql_read_default_file=/home/fum/conf/my$
DBI::__ANON__('undef','undef') called at /usr/lib/perl5/site_perl/5.8.0$
DBI::connect('DBI','dbi:mysql:mysql_read_default_file=/home/fum/conf/my$
i::db::make_db_conn() called at /home/fum/lib/i/db.pm line 58
i::db::connect() called at /home/fum/lib/i/web.pm line 50
i::web::init() called at /home/fum/ line 4
Apache::ROOT::_35xx_2epl::handler('Apache=SCALAR(0x9c72ee8)') called at$
eval {...} called at /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-m$
Apache::Registry::handler('Apache=SCALAR(0x9c72ee8)') called at /dev/nu$
eval {...} called at /dev/null line 0

6) Along with the intermittent problem in my browser with with the interface coming up just fine then hitting my refresh button and getting this...

Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /members/login.pl.

Reason: Document contains no data

7) This is the results of crontab -l

30 4 * * 0 /usr/sbin/logrotate -f /home/fum/logs/logrotate.conf
0 4 * * 0 /usr/sbin/ntpdate ntp1.sf-bay.org; hwclock --systohc
30 * * * * cd /home/fum/lib && ./gen_webstats.sh > /dev/null

In my log files...
-bash: line 1: cd: /home/fum/conf/webstats/: No such file or directory

**gen_webstats.sh**
#!/bin/bash

source ../conf/conf.sh

su - $FUM_USER -c "cd ~/conf/webstats/ && webalizer"

cd $FUM_HOME/awstats/ && \
../../tools/awstats_buildstaticpages.pl -config=fum -update -dir=$FUM_HOME/
Does anyone thing this gen_webstats.sh could cause this problem?

Thanks
 
su - $FUM_USER -c "cd ~/conf/webstats/ && webalizer
This line switches the user to $FUM_USER and runs webalizer in the $HOME/conf/webstats directory which doesn't appear to exist. Since this script runs as root and that command fails, it probably means that the rest of the script runs as root. Did someone uninstall awstats? (Web log analyzer)

You could always comment that line out of the crontab.
crontab -e

#30 * * * * cd /home/fum/lib && ./gen_webstats.sh > /dev/null


Mark
 
As far as the proxy error, if this app is on the same network as the client, change the client to bypass the proxy for that server.

Mark
 
One more thought. Was this app moved? Should it be at /home/fum/ttc rather than /home/fum/ttc/home/fum/ttc? We can't see the directory structure, so it's tough to tell where things should be, but that path in the first post always concerned me.

By the way, what is this app, and what does it do?

Mark
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top