Domhnall Currie's picture

Trying to run Composer to update Drupal9.  It says do not run as root/super user.  If I try to run it as a normal user it says

[ErrorException]
file_put_contents(./composer.lock): failed to open stream: Permission denied
 
Do you have to just go to every file/directory and give the normal user access there?  Same problem with running Bundle under Redmine and that's how I solved that one and that was a pain in the rear.  Is there a safe/generic compromise to run updates or whatever where you can be a normal user, but have access to what you need? 
 
 
 
 
Forum: 
Jeremy Davis's picture

So you probably want to run the commands as the webserver user. That requires that the whole webroot is owned by the webserver user. The way to do that directly would be to ensure the files are all owned by the webserver, then leverage 'su' to run as 'www-data'. You could do that like this:

chown -R www-data:www-data /var/www/drupal9
su - www-data -s /bin/bash -c "cd /var/www/drupal9 && composer <command> <etc>"

But that's not very handy. So in v16.1 we introduced some (fairly basic) helper/wrapper scripts to easily allow you to run composer (and drush and drupal console) as the webserver user ('www-data'). As above, they rely on the whole webroot being owned by www-data.

Assuming that you don't have v16.1, you can still use the helper scripts, but you'll need to set the permissions for the webroot, then download the scripts and make them executable. You can do that like this:

chown -R www-data:www-data /var/www/drupal9
GH=https://raw.githubusercontent.com
BIN=usr/local/bin
cd /$DIR
wget $GH/turnkeylinux/common/master/overlays/composer/$BIN/turnkey-composer
wget $GH/turnkeylinux-apps/drupal9/blob/master/overlay/$BIN/turnkey-drupal
wget $GH/turnkeylinux-apps/drupal9/blob/master/overlay/$BIN/turnkey-drush
wget $GH/turnkeylinux-apps/drupal9/master/overlay/$BIN/turnkey-drupal
wget $GH/turnkeylinux-apps/drupal9/master/overlay/$BIN/turnkey-drush
chmod +x /$BIN/turnkey-*
cd -

Now you should be able to run 'turnkey-composer' (instead of 'composer') to update your Drupal install. Note that you can run it anywhere and it will use the default webroot (/var/www/drupal9).

Please let me know how you go, especially if you hit any issues. These scripts are new, we actually used them to install Drupal in the v16.1 appliances, so they work at least in a basic way, but more real-world usage may reveal some shortcomings that we have overlooked. So please share how you go.

Domhnall Currie's picture

I just came across some of this knowledge.  :)  I'm looking at installing FarmOS on Drupal and in the FarmOS installation instructions, he gives a pretty detailed description of how the container is accessed by the www-data user and group.  https://farmos.org/development/docker/ With Turnkey's thorough turnkey solutions, I should have known you guys would have had a script or something to make this all easier.  :)  When I get my final install of Redmine back on my internal server, I'll set it back up like this to keep everything uniform. 

Yes, I'm running v16.1 because I just downloaded Drupal a few days ago.  I'll give this a shot and report back.

Domhnall Currie's picture

Everything worked ok up to these:

wget $GH/turnkeylinux-apps/drupal9/blob/master/overlay/$BIN/turnkey-drupal
wget $GH/turnkeylinux-apps/drupal9/blob/master/overlay/$BIN/turnkey-drush

These both get 404 errors:

I copy and pasted to not induce typos... are those directories correct? 

Jeremy Davis's picture

I'm not sure how I did it, but it looks like I muffed the URLs... Try these instead:

wget $GH/turnkeylinux-apps/drupal9/master/overlay/$BIN/turnkey-drupal
wget $GH/turnkeylinux-apps/drupal9/master/overlay/$BIN/turnkey-drush

I tested them before posting this update, so they are definitely working for me now...

PS I'll update my previous post too.

PPS it looks like I must have just manually/mentally created those (wrong) URLs from the GitHub code page for them?! I.e. the 'turnkey-drush' file on GitHub is https://github.com/turnkeylinux-apps/drupal9/blob/master/overlay/usr/local/bin/turnkey-drush but the "raw" download URL doesn't include the '/blob/' in the path...

Anyway, apologies again. Thanks for reporting so I could fix it! :)

Domhnall Currie's picture

No problem. :) Am I still supposed to run these as the www-data user or as root?  The www-data user is set to not allow it to log in, so I'd have to change that and give it a password. 

Jeremy Davis's picture

The scripts will all default to using the 'www-data' account. But they are fairly flexible and configurable if/when you hit issues.

I'm not sure how familiar with bash you are, but they're very simple wrappers that just run the command as 'www-data' (or whatever user account you configure via the DRUPAL_USER env var). If you want more verbose output (if it doesn't work as expected) please rerun any command with a DEBUG=y prefix. E.g.:

DEBUG=y turnkey-drush <COMMAND>

As I think I mentioned, I have tested them a bit and we use them ourselves while building appliances. However, I anticipate that with more complex usage scenario, there may be edge case bugs where something doesn't quite work as you expect. Please do not hesitate to report any/all issues you hit.

Also, essentially what the script does is prefix the desired command with the 'runuser' command. I.e.:

composer <COMMAND>

Is run like this:

runuser www-data -s /bin/bash -c "composer <COMMAND>"

So if a command doesn't work, please try using runuser directly and report back. That way I can work around any specific issues that occur.

Domhnall Currie's picture

Awesome, will do!  Thanks for your help Jeremy!

Domhnall Currie's picture

Worked like a charm Boss!  Everything is right in my Drupal world.  :)

 

Jeremy Davis's picture

Awesome! :)

Add new comment