Unable to access app directory by non-root user

Open kirtangajjar opened this issue 6 years ago • 19 comments

Non-root users are unable to access app/ directory in site due to ownership/permission issues. See:

https://community.easyengine.io/t/www-data-user-does-not-access-wp-app-folder/11578
https://community.easyengine.io/t/sftp-for-eev4-not-able-to-access-wordpress-installation-directory/11560

This needs to be fixed by setting correct file permissions.

kirtangajjar, Dec 07 '18 09:12

Why was this put on the backlog? This seems to be affecting a lot of people, myself included. Can you explain the steps required to manually fix this until the bug is fixed?

Code-Bear, Jan 17 '19 21:01

Hello,

Here is another issue,

https://community.easyengine.io/t/how-to-enable-view-details-of-plugins-on-subsites-of-wordpress-multisites/12007

and I am not sure whether these two issues are related.

But if not, it would be highly appreciated if you could help.

Thanks

alexlii1971, Jan 22 '19 13:01

I also cannot get access to edit the WordPress files in it. But I have another solution: First, I go directly to `sudo /opt/easyengine/sites/example.com`. After that, `sudo ee shell example.com`. And now you can list all of the WordPress source files. Let's edit one, for example, `vim wp-config.php`. Edit and `:x` to edit. That's all.

huuphongsan, Jan 22 '19 13:01

Is there any workaround to access app/ directory via SFTP?

Divaksh, Jan 28 '19 10:01

@Divaksh you can use your root user with SFTP till this is resolved. I know it is a bad idea but it is the easiest option unless you are going to change the permissions for all the files and folders for the www-data users so it has the correct access and permissions.

Code-Bear, Jan 28 '19 14:01

Any progress? I'm having the same problem logging in as root.

scotthill04210, Feb 02 '19 17:02

@kirtangajjar could you label it with "good first issue"?

Divaksh, Feb 04 '19 05:02

Here are the steps to set up SFTP as a workaround for now.

  1. Generate encrypted password.

```
echo -n "your-password" | docker run -i --rm atmoz/makepasswd --crypt-md5 --clearfrom=- | sed 's/\$/$$/g'
```

  2. Create the SSH host key

```
ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null
ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null
```

  3. Create the following docker-compose.yml.

```
sftp:
    image: atmoz/sftp
    restart: on-failure
    volumes:
        - /path/to/target/directory/:/home/<user>/upload
        - /path/to/sftp-keys/ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key
        - /path/to/sftp-keys/ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key
    ports:
        - "2222:22"
    command: '<user>:<encrypted_password_from_step_1>:e:<user_id_of_user_on_host>'
```

  4. Start the container.

```
docker-compose up -d
```

We'll be adding it to the EasyEngine blog soon.

mbtamuli, Feb 04 '19 07:02

Can someone clarify if this is the "blog" you were referring to? I've attempted this several times and it fails for me: https://easyengine.io/handbook/configure-sftp-on-ee4-server

Others are reporting the same in the forum

codente, Mar 06 '19 17:03

Any other solution for it?

motyl1338, Jun 27 '19 11:06

How is this issue still unresolved?! Does anyone have a fix for this? I see @mbtamuli's comment about setting up a docker container, but I am using a VPS on DigitalOcean and it comes pre-setup with SSH and I am unable to get this option to work. I am not sure if it is because of the default setup of the VPS, but I have tried following those steps several times without success, and when I set up my SFTP access the normal way through the existing setup I am unable to access the app folder with my www-data user.

Code-Bear, Jul 10 '19 18:07

Hello,

If you are looking for another solution, the following one is one of them:

Use persistent mount binding.

```
# same as mount --bind fromdir todir
# append with >> so the existing entries in /etc/fstab are kept
echo "/opt/easyengine/sites/domain-name/app/htdocs /path/to/ftpdir none bind" >> /etc/fstab
mount -v /path/to/ftpdir
```

The next story is more about permissions setup.

alquerci, Jul 23 '19 17:07
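Writing to /etc/fstab needs care because the file also holds the system's other mount entries. The following is an added example, not part of the comment above or of EasyEngine: it registers the bind mount idempotently and keeps a backup. The function name `add_bind_mount` and the paths in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: register a bind mount in an fstab-format file without
# clobbering existing entries. The third argument defaults to /etc/fstab;
# point it at a scratch copy for a dry run.
# Usage (placeholder paths):
#   add_bind_mount /opt/easyengine/sites/domain-name/app/htdocs /path/to/ftpdir

add_bind_mount() {
    src=$1 dst=$2 fstab=${3:-/etc/fstab}

    # fstab fields are whitespace-separated, so reject paths containing
    # whitespace (they would need \040 escaping) and relative paths.
    case "$src$dst" in *[[:space:]]*) echo "whitespace in path" >&2; return 2;; esac
    case "$src" in /*) ;; *) echo "source must be absolute" >&2; return 2;; esac
    case "$dst" in /*) ;; *) echo "target must be absolute" >&2; return 2;; esac

    # Nothing to do if a non-comment line already mounts something on $dst.
    if awk -v d="$dst" '$1 !~ /^#/ && $2 == d { found = 1 } END { exit !found }' "$fstab"; then
        echo "entry for $dst already present" >&2
        return 0
    fi

    # Keep a copy of the previous state before touching the file.
    cp -p "$fstab" "$fstab.bak" || return 1

    # If the last line lacks a trailing newline, add one so the new entry
    # does not get glued onto it.
    if [ -n "$(tail -c1 "$fstab")" ]; then
        echo >> "$fstab"
    fi

    # Append (>>), never truncate (>).
    printf '%s %s none bind 0 0\n' "$src" "$dst" >> "$fstab"
}
```

After a successful run against the real file, `mount -v /path/to/ftpdir` activates the entry as in the comment above.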

Any update about this?

agengdp, Sep 22 '19 01:09

The issue is related to the Docker folder itself.

The best way to do it is to add your user to the www-data group, and change the docker folder under /var/lib permission recursively to 775. Then change the permission on your data folder to force it to keep the group when new files are added by using `find /opt/easyengine/sites/yoursite/app -type d | xargs chmod g+s`.

And ensure that from the app folder permissions are set to www-data:www-data (or any group you use).

diogogomesleal, Nov 28 '19 14:11
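The shared-group layout from the comment above (group ownership plus the setgid bit on directories) can be checked before and after it is applied. This is an added example, not part of the comment or of EasyEngine; the function names are hypothetical, and it covers only a site's app directory, not the Docker folder under /var/lib.

```shell
#!/bin/sh
# Added example: audit and apply shared-group permissions on one directory
# tree. Symlinks are skipped so nothing outside the tree is touched.

# Read-only report; prints one line per problem, nothing if the tree is clean.
audit_shared_dir() {
    root=$1 group=$2
    # Directories without setgid: files created there keep the creator's
    # primary group instead of inheriting the directory's group.
    find "$root" -type d ! -perm -2000 -exec printf 'no-setgid %s\n' {} +
    # Entries that belong to some other group.
    find "$root" ! -type l ! -group "$group" -exec printf 'wrong-group %s\n' {} +
    # Entries the group cannot write to.
    find "$root" ! -type l ! -perm -020 -exec printf 'not-group-writable %s\n' {} +
}

# Apply the layout. "-exec ... {} +" hands names over as arguments, so paths
# containing spaces survive (a plain "find | xargs" would split them).
fix_shared_dir() {
    root=$1 group=$2
    find "$root" ! -type l -exec chgrp "$group" {} + &&
    find "$root" -type d -exec chmod g+rwxs {} + &&
    find "$root" -type f -exec chmod g+rw {} +
}

# Usage (placeholder site name):
#   audit_shared_dir /opt/easyengine/sites/yoursite/app www-data
#   fix_shared_dir   /opt/easyengine/sites/yoursite/app www-data
```

Running the audit again after the fix should print nothing; any remaining line points at an entry the calling user was not allowed to change.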

I really don't want to get into modifying the ee stack itself. We are currently living a root for our SFTP requirements specifically. Any idea when this issue can be squashed?

saqks-ahm, Mar 06 '21 09:03

Looks like this is still an issue, as I'm unable to access the site folder via SFTP, even with the root account.

Th0rHere, Nov 12 '21 00:11

Tried setting up using the SFTP guide, but port 2222 isn't opening. Not sure if it's a host-level issue, or the container itself.

Th0rHere, Nov 12 '21 06:11

> Here are the steps to setup SFTP as a workaround for now.
>
>   1. Generate encrypted password.
>
> ```
> echo -n "your-password" | docker run -i --rm atmoz/makepasswd --crypt-md5 --clearfrom=- | sed 's/\$/$$/g'
> ```
>
>   2. Create the SSH host key
>
> ```
> ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null
> ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null
> ```
>
>   3. Create the following docker-compose.yml.
>
> ```
> sftp:
>     image: atmoz/sftp
>     restart: on-failure
>     volumes:
>         - /path/to/target/directory/:/home/<user>/upload
>         - /path/to/sftp-keys/ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key
>         - /path/to/sftp-keys/ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key
>     ports:
>         - "2222:22"
>     command: '<user>:<encrypted_password_from_step_1>:e:<user_id_of_user_on_host>'
> ```
>
>   4. Start the container.
>
> ```
> docker-compose up -d
> ```
>
> We'll be adding it to the EasyEngine blog soon.

This instruction is not clear. How would the user folder map to the site folder? `/path/to/target/directory/:/home/<user>/upload`

Chipmank, Nov 12 '21 17:11

That's pretty much the guide I was following, although command wasn't concluded, but rather mounting volume for the userconfig.

However, while docker ps shows the port mapping, I'm not able to connect. Wondering now if that is a blanket block because of user info. Will try updating and using command instead of mounting volume.

Been trying everything and spending more time learning the nature of docker containers and port mapping.

Th0rHere, Nov 12 '21 17:11