docker
docker copied to clipboard
Published
20 hours ago •
matomo-org
matomo-org
console diagnostics:run causes wrong permissions and access failures
Hey.
see https://github.com/matomo-org/matomo/issues/15244
My docker versions:
$ docker --version
Docker version 19.03.5, build 633a0ea838
$ docker-compose --version
docker-compose version 1.24.1, build 4667896b
using this docker-compose.yml file
version: '3.7'
services:
matomo:
image: matomo:latest
container_name: "matomo"
restart: always
networks:
- default
depends_on:
- matomo-mysql
ports:
- 9004:80
environment:
- "MATOMO_DATABASE_ADAPTER=MYSQLI"
- "MATOMO_DATABASE_TABLES_PREFIX=matomo_"
- "MATOMO_DATABASE_HOST=matomo"
- "MATOMO_DATABASE_USERNAME=matomo"
- "MATOMO_DATABASE_PASSWORD=matomo"
- "MATOMO_DATABASE_DBNAME=matomo"
matomo-mysql:
image: mariadb:latest
container_name: "matomo-mysql"
restart: always
networks:
- default
environment:
- "MYSQL_ROOT_PASSWORD=matomo"
- "MYSQL_USER=matomo"
- "MYSQL_PASSWORD=matomo"
- "MYSQL_DATABASE=matomo"
ports:
- 9003:3306
networks:
default:
and this script:
docker-compose down -v
docker-compose up -d
echo "-----------------------------------------"
echo ">>> changing permissions using 'console diagnostics:run'"
docker exec matomo sh -c "/var/www/html/console diagnostics:run"
echo ">>> sleeping to let console diagnostics:run do its work"
sleep 5
echo "-----------------------------------------"
echo ">>> this directory has correct permissions"
docker exec matomo sh -c "ls -la /var/www/html"
echo "-----------------------------------------"
echo ">>> but not this directory:"
docker exec matomo sh -c "ls -la /var/www/html/tmp "
echo "-----------------------------------------"
echo ">>> access failure"
curl localhost:9004 | grep -o "Matomo couldn't write to some directories"
causes the following failure:
$ ./reproduce_bug.sh
Stopping matomo ... done
Stopping matomo-mysql ... done
Removing matomo ... done
Removing matomo-mysql ... done
Removing network tmp_default
Creating network "tmp_default" with the default driver
Creating matomo-mysql ... done
Creating matomo ... done
-----------------------------------------
>>> changing permissions using 'console diagnostics:run'
The configuration file {/var/www/html/config/config.ini.php} has not been found or could not be read.
» Please check that /var/www/html/config/config.ini.php is readable by the user 'root'.
INFO [2019-12-06 12:50:00] 24 Unable to test if mod_pagespeed is enabled: the request to http://unknown/var/www/html/console?module=Installation&action=getEmptyPageForSystemCheck failed
Forced SSL Connection: WARNING We recommend using Matomo over secure SSL connections only. Please click here continue the installation process over SSL.
1 warnings detected
>>> sleeping to let console diagnostics:run do its work
-----------------------------------------
>>> this directory has correct permissions
total 348
drwxr-xr-x 12 www-data 1000 4096 Nov 27 05:29 .
drwxr-xr-x 1 root root 4096 Nov 22 15:47 ..
-rw-r--r-- 1 www-data 1000 74086 Nov 27 04:54 CHANGELOG.md
-rw-r--r-- 1 www-data 1000 929 Oct 29 04:16 CONTRIBUTING.md
-rw-r--r-- 1 www-data 1000 8399 Oct 29 04:16 LEGALNOTICE
-rw-r--r-- 1 www-data 1000 35146 May 13 2019 LICENSE
-rw-r--r-- 1 www-data 1000 4616 May 13 2019 PRIVACY.md
-rw-r--r-- 1 www-data 1000 5685 Nov 27 04:54 README.md
-rw-r--r-- 1 www-data 1000 1174 Oct 29 04:16 SECURITY.md
drwxr-xr-x 3 www-data 1000 4096 Nov 27 05:29 config
-rwxr-xr-x 1 www-data 1000 689 Nov 27 04:54 console
drwxr-xr-x 51 www-data 1000 4096 Nov 27 04:54 core
-rw-r--r-- 1 www-data 1000 732 Nov 27 04:54 index.php
drwxr-xr-x 2 www-data 1000 4096 Nov 27 04:54 js
drwxr-xr-x 2 www-data 1000 4096 Nov 27 04:54 lang
drwxr-xr-x 11 www-data 1000 4096 Oct 29 04:16 libs
-rw-r--r-- 1 www-data 1000 67898 Nov 27 04:54 matomo.js
-rw-r--r-- 1 www-data 1000 349 May 13 2019 matomo.php
drwxr-xr-x 8 www-data 1000 4096 Dec 6 02:59 misc
-rw-r--r-- 1 www-data 1000 67898 Nov 27 04:54 piwik.js
-rw-r--r-- 1 www-data 1000 2762 Nov 27 04:54 piwik.php
drwxr-xr-x 67 www-data 1000 4096 Nov 27 05:29 plugins
drwxr-xr-x 2 www-data 1000 4096 Nov 27 05:29 tests
drwxr-xr-x 10 www-data 1000 4096 Dec 6 12:50 tmp
drwxr-xr-x 22 www-data 1000 4096 Nov 27 05:29 vendor
-----------------------------------------
>>> but not this directory:
total 48
drwxr-xr-x 10 www-data 1000 4096 Dec 6 12:50 .
drwxr-xr-x 12 www-data 1000 4096 Nov 27 05:29 ..
drwxr-x--- 2 root root 4096 Dec 6 12:50 assets
drwxr-x--- 2 root root 4096 Dec 6 12:50 cache
drwxr-x--- 2 root root 4096 Dec 6 12:50 climulti
-rw-r--r-- 1 root root 20 Dec 6 12:50 index.htm
-rw-r--r-- 1 root root 20 Dec 6 12:50 index.php
drwxr-x--- 2 root root 4096 Dec 6 12:50 latest
drwxr-x--- 2 root root 4096 Dec 6 12:50 logs
drwxr-x--- 2 root root 4096 Dec 6 12:50 sessions
drwxr-x--- 2 root root 4096 Dec 6 12:50 tcpdf
drwxr-x--- 2 root root 4096 Dec 6 12:50 templates_c
-----------------------------------------
>>> access failure
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3148 100 3148 0 0 43123 0 --:--:-- --:--:-- --:--:-- 43123
Matomo couldn't write to some directories
Use --user or -u to specify a user: https://docs.docker.com/engine/reference/commandline/exec/
