TurnKey Linux Virtual Appliance Library

Setting up Users and Groups for vTiger CRM

When I tried to install a module on the vTiger appliance (a language pack), some errors were generated and the installation didn't work:

mporting ES Mexico [es_mx] ... STARTED
Copying file cron/language/phpmailer.lang-es.php ... SKIPPED
Warning: file_put_contents(include/install/language/es_mx.lang.php): failed to open stream: Permission denied in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 297 Warning: chmod(): No such file or directory in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 225 Copying file include/install/language/es_mx.lang.php ... FAILED
Warning: file_put_contents(include/js/es_mx.lang.js): failed to open stream: Permission denied in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 297 Warning: chmod(): No such file or directory in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 225 Copying file include/js/es_mx.lang.js ... FAILED
Warning: file_put_contents(include/language/es_mx.lang.php): failed to open stream: Permission denied in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 297 Warning: chmod(): No such file or directory in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 225 Copying file include/language/es_mx.lang.php ... FAILED
Warning: file_put_contents(include/Webservices/language/es_mx.lang.php): failed to open stream: Permission denied in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 297 Warning: chmod(): No such file or directory in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 225 Copying file include/Webservices/language/es_mx.lang.php ... FAILED
Copying file jscalendar/calendar-setup.js ... SKIPPED
Warning: file_put_contents(jscalendar/lang/calendar-es.js): failed to open stream: Permission denied in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 297 Warning: chmod(): Operation not permitted in /var/www/vtigercrm/vtlib/thirdparty/dUnzip2.inc.php on line 225 Copying file jscalendar/lang/calendar-es.js ... FAILED
Copying file modules/Accounts/language/es_mx.lang.php ... DONE
Copying file modules/Administration/language/es_mx.lang.php ... DONE
Copying file modules/Assets/language/es_mx.lang.php ... DONE
Copying file modules/Calendar/language/es_mx.lang.php ... DONE
Copying file modules/Campaigns/language/es_mx.lang.php ... DONE
Copying file modules/Contacts/language/es_mx.lang.php ... DONE
Copying file modules/CustomerPortal/language/es_mx.lang.php ... DONE
Copying file modules/CustomView/language/es_mx.lang.php ... DONE
Copying file modules/Dashboard/language/es_mx.lang.php ... DONE
Copying file modules/Documents/language/es_mx.lang.php ... DONE

.......

When I look for information about this issue, find this:

All of the directories and files need to be owned by the webserver. Which would be www-data

As the root user:

Go to the directory where it is installed and:

chown -R www-data:www-data *

After doing this, I could install the language pack successfully. This could be useful for other vTiger CRM appliance users.

Thanks

root@vtiger ~# cd /var/www/vtigercrm
root@vtiger www/vtigercrm# chown -R www-data:www-data *
root@vtiger www/vtigercrm#

Y funcionó OK. ¡Gracias!


chown

Hi all, i appreciate all of you whenever i come in this forum.

I apologize, i'm not toot skilled, i have a question,

if the crm create some files they have root owner,

how i can i do if i want the crm create files as www-data owner?

to don't have to chown -R www-data:www-data * because are already made as is,

Thanks very much,

Jeremy's picture

Hi Alfredo

I think I understand what you are asking. Let me rephrase just to make sure:

You want the CRM (ie vTiger) to create files as the www-data user and not as the root user. Is that correct?

I am not familiar with vTiger although I'm fairly handy with Linux and know many of the generic aspects of TKL applainces fairly well. So assuming that I have the question correct (ie what I rephrased above):

vTiger should automatically be running under the webserver account (ie ww-data) and as such any files created by vTiger should be automatically be owned by www-data. AFAIK it would be impossible for vTiger to create files that are owned by root (but I have been wrong before! :) So if you run the above chown command this should set the ownership for all existing, and new vTiger files to www-data.

Ideally when a webapp (such as vTiger) is set up only the subdir that needs to be writable by www-data are set that way (eg cache, temp and logging directories) with all others owned by root. Whilst for security purposes this is ideal, in some scenarios (eg automated updates and installation of plugins/addons by the webapp itself) this practice can be prohibitive. (There is almost always a tension between security and usability - to increase one, you often have to make some concessions to the other).

Anyway, do you have some specific files which seem to change ownership? If you can give a little more detail about your specific issue or desire I may be able to help further, or at least guide you somewhere where you can get the answers you are after.

Jeremy's picture

Is this a bug or a security feature?

Whilst chowning the whole /var/www folder obviously works, do you think it would be better to just chown the specific folders required to allow installation of plugins/addons? My gut instinct is that it would be better (for security) and if we can figure out which one(s) it is, then we could file a bug report with a fix!

At a glance it looks like the dirs that it is complaing about are:
/var/www/vtigercrm/include/install/language (?)
/var/www/vtigercrm/vtlib/thirdparty
/var/www/vtigercrm/include/js (?)
/var/www/vtigercrm/include/language (?)
/var/www/vtigercrm/include/Webservices/language (?)

Obviously if this is a bug, then it isn't too serious (and doesn't affect usage until you try to install addons), but a bug is a bug. Do you think that in the TKL vTiger appliance that it should have the whole /var/www/vtigercrm dir owned by www-data OOTB?

re: Is this a bug or a security feature?

Jeremy, you did the point, you rephrase my question and understood my bad english well, so thank you very much, either for chown "/www" dir and for just chown "sub dirs"

there's no bug of tunrnkey, i'm coding a new module and i mess with something.. i will figure out,

so, thanks again for the splendid works and your kindness in particular ^^

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)