
Fetch_report : failed to open stream

Open olaf7 opened this issue 1 year ago • 9 comments

PHP Fatal error:  Uncaught ErrorException: require(/usr/local/share/dmarc-srg/config/conf.php): Failed to open stream: Permission denied in /usr/local/share/dmarc-srg/classes/Config.php:50
Stack trace:
#0 /usr/local/share/dmarc-srg/classes/Config.php(50): {closure}()
#1 /usr/local/share/dmarc-srg/classes/Config.php(50): require()
#2 /usr/local/share/dmarc-srg/classes/Core.php(417): Liuch\DmarcSrg\Config->__construct()
#3 /usr/local/share/dmarc-srg/classes/Core.php(358): Liuch\DmarcSrg\Core->getModule()
#4 /usr/local/share/dmarc-srg/classes/ErrorHandler.php(68): Liuch\DmarcSrg\Core->config()
#5 /usr/local/share/dmarc-srg/init.php(56): Liuch\DmarcSrg\ErrorHandler->handleException()
#6 [internal function]: {closure}()
#7 {main}
  thrown in /usr/local/share/dmarc-srg/classes/Config.php on line 50

From config file:
$directories = [
    // Just for displaying in web-admin. Not necessary.
    'name'     => 'Rua-Dir',
    // The directory location
    'location' => '/var/spool/dmarc-srg/rua'
];

/usr/local/share/dmarc-srg# ls -slah /var/spool/dmarc-srg/
total 12K
4.0K drwxr-xr-x 3 www-data root 4.0K Jan 11  2023 .
4.0K drwxr-xr-x 9 root     root 4.0K Jan 11  2023 ..
4.0K drwxr-xr-x 2 www-data root 4.0K Jan 11  2023 rua

This error occurs regardless of whether the owner is root or www-data. Running Debian stable. PHP version: 8.2.7

olaf7 avatar Apr 07 '24 19:04 olaf7

The script says that there is no access to the configuration file. Please show or check the permissions to /usr/local/share/dmarc-srg/config/conf.php

liuch avatar Apr 07 '24 20:04 liuch

See also my other issue:

ls -slah config/
total 28K
4.0K drwxr-xr-x 2 root     root 4.0K Apr  4 21:00 .
4.0K drwxr-xr-x 9 root     root 4.0K Apr  4 20:59 ..
8.0K -r--r----- 1 www-data root 5.2K Jan 12  2023 conf.php
 12K -r--r----- 1 root     root  12K Apr  4 20:59 conf.sample.php

So regardless of whether I am root or www-data, I can access conf.php (not writable by anyone) and /var/spool/dmarc-srg/. The spool directory is writable by both (checked using touch).

olaf7 avatar Apr 07 '24 20:04 olaf7

I just removed read permissions from my config file and got the exact same error. My environment:

  • OS information: Linux 6.6.15-amd64 #_1 SMP PREEMPT_DYNAMIC Debian 6.6.15-2 (2024-02-04) x86_64
  • PHP version: 8.2.12

I think you run the script under another user that does not have enough privileges. Did you run the script in the console or is this error from the web interface?

liuch avatar Apr 07 '24 20:04 liuch

Try systemctl restart php8.2-fpm.service if it was web interface.

liuch avatar Apr 07 '24 20:04 liuch

Nope. It is a cronjob, but ... I just noticed I ran it as user 'dmarcparser', which obviously has no access. Safer but more complex this way. Can you please put some further hints in the documentation regarding the needed or suggested rights (setup)?

olaf7 avatar Apr 07 '24 21:04 olaf7

I think it is ok now. With 0440 and group dmarcparser. Is owner www-data required?

olaf7 avatar Apr 07 '24 21:04 olaf7

I run all my scripts from the utils directory via cron under the www-data user with no extra users/groups and no extra permissions. But this approach will not work for those who do not use the web interface.

liuch avatar Apr 07 '24 21:04 liuch

> think it is ok now. With 0440 and group dmarcparser. Is owner www-data required?

No, that's not required. It is enough for it to have read access to conf.php

liuch avatar Apr 07 '24 21:04 liuch

> Can you please put some further hints in the documentation regarding the needed or suggested rights (setup)?

I'll add this later or accept a PR from you if you'd like to offer edits.

liuch avatar Apr 07 '24 21:04 liuch
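
The permission logic behind this thread, as an added example that is not part of the original discussion or of dmarc-srg: a POSIX shell check of which permission class (owner, group, other) applies to the cron user for conf.php, and whether the file stays closed to other local users. The function names are hypothetical, GNU stat and id are assumed, and only the file's own mode bits are evaluated (no ACLs, no parent directories).

```shell
#!/bin/sh
# Added example, not dmarc-srg code. Assumes GNU stat and id (Debian).

# can_read MODE FILE_UID FILE_GID USER_UID "USER_GIDS"
# The kernel consults exactly one permission class: owner if the uid
# matches, else group if any of the user's gids matches, else other.
# Prints the class that applies; returns 0 only if it has the read bit.
# uid 0 bypasses this check, so a test run as root proves nothing about
# the cron user.
can_read() {
    m=$((0$1))                          # octal mode as printed by stat %a
    if [ "$4" = "$2" ]; then
        class=owner; bit=$((m & 0400))
    else
        class=other; bit=$((m & 04))
        for g in $5; do
            if [ "$g" = "$3" ]; then class=group; bit=$((m & 040)); fi
        done
    fi
    echo "$class"
    [ "$bit" -ne 0 ]
}

# audit_conf FILE USER
# 0: USER can read FILE and "other" has no access; 1: USER is denied;
# 2: lookup failed; 3: readable, but mode is open to every local user.
audit_conf() {
    mode=$(stat -c %a "$1") && fuid=$(stat -c %u "$1") &&
    fgid=$(stat -c %g "$1") && uid=$(id -u "$2") && gids=$(id -G "$2") || {
        echo "cannot stat $1 or look up user $2"; return 2; }
    class=$(can_read "$mode" "$fuid" "$fgid" "$uid" "$gids") || {
        echo "DENY: $2 is in class '$class' of $1 (mode $mode), no read bit"
        return 1; }
    [ $((0$mode & 07)) -eq 0 ] || {
        echo "WARN: $1 mode $mode gives access to all local users"; return 3; }
    echo "OK: $2 reads $1 through class '$class' (mode $mode)"
}

# Usage with the thread's path and user:
#   audit_conf /usr/local/share/dmarc-srg/config/conf.php dmarcparser
# The setup reported as working in the thread:
#   chgrp dmarcparser conf.php && chmod 0440 conf.php
```

With the listing shown earlier (conf.php owned by www-data, group root, mode 0440), a user that is neither www-data nor a member of root falls into the "other" class and is denied, which matches the reported error.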