Author Topic: Error Denied Php Switcher  (Read 1345 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Error Denied Php Switcher
« on: November 24, 2016, 11:48:29 PM »
hello admin Why I Want updates php time through php error switcher?

/usr/local/src/php-rebuild.sh: line 95: /scripts/add_alert: Permission denied


Offline
*
Re: Error Denied Php Switcher
« Reply #1 on: February 20, 2017, 09:48:34 AM »
I have exactly the same error. Any solution for this?
Hobby home server with CentOS 7 + CWP (NAT-ed Mod enabled).

Offline
**
Re: Error Denied Php Switcher
« Reply #2 on: February 22, 2017, 07:18:44 AM »
You have problem with Folder/files permission
Maybe try to
chmod  +x /usr/loca/src/php-rebuild.sh

Offline
*
Re: Error Denied Php Switcher
« Reply #3 on: February 22, 2017, 08:19:31 AM »
Strange, I wanted to check permissions on php-rebuild.sh as you suggested, but I can't find it at /usr/local/src.
Did a system wide search but php-rebuild.sh is nowhere to be found!

Perhaps php-rebuild.sh is generated on the fly by the cwp software and deleted afterwards.
Hobby home server with CentOS 7 + CWP (NAT-ed Mod enabled).

Offline
**
Re: Error Denied Php Switcher
« Reply #4 on: February 22, 2017, 11:00:39 AM »
@karel,

When you rebuild php it uses the /tmp folder to retrieve all files, perhaps you made to many restrictions on your /tmp folder?

Offline
*
Re: Error Denied Php Switcher
« Reply #5 on: February 22, 2017, 11:23:24 AM »
That could well be the case. The /tmp folder has these permissions 555. Only read and execute and owned by root, but no write permissions.

I used a CentOS 6.8 minimal install, updated it and installed CWP. The permissions were not altered by me. Shouldn't the CWP install script check this?
Hobby home server with CentOS 7 + CWP (NAT-ed Mod enabled).

Offline
**
Re: Error Denied Php Switcher
« Reply #6 on: February 22, 2017, 11:44:52 AM »
CWP has not that intelligence ;-) lol

when I did my first compile/rebuild I discovered in the log some missing programs, so I added the following,  yum install -y ed re2c   just make sure you check the log files for any missing ones.

I sugggest you secure /tmp in this way

nano /etc/fstab, as you can see I have added some setting when you compare mine with yours.
The noatime makes it even faster as it avoids writing access time, no need for temp files... just read up about that parameter ;-)

UUID=48e6de4c8ed0a /tmp                    ext4    defaults,noatime        1 2
UUID=231f1115b0c6c2 swap                    swap    defaults,noatime        0 0
tmpfs                   /dev/shm                tmpfs   defaults,noexec,nosuid,nodev,noatime        0 0

Even better would be to create a seperated partition  for /tmp so it is out of reach for your system, but still protect it as suggested, it  really depends how strict you want to be in security, but with suPHP and modsecurity you are a little bit better off.
Install all the rest like maldet, rkhunter, rootkit and so on...

Hope that helps you.
« Last Edit: February 22, 2017, 12:43:48 PM by TheRavenKing »

Offline
**
Re: Error Denied Php Switcher
« Reply #7 on: February 22, 2017, 01:13:31 PM »
### Also make sure you have the sticky bit set on /tmp in case you changed that folder to 555

chmod +t /tmp

I just noticed I pasted old document, please swap the settings as follow:

UUID=48e6de4c8ed0a /tmp                    ext4    defaults,noexec,nosuid,nodev,noatime        1 2
UUID=231f1115b0c6c2 swap                    swap    defaults,noatime        0 0
tmpfs                   /dev/shm                tmpfs   defaults,noexec,nosuid,nodev,noatime        0 0

You have to reboot after making these changes, ignore my UUIDs as that's the hard disk id....
« Last Edit: February 22, 2017, 01:52:10 PM by TheRavenKing »

Offline
*
Re: Error Denied Php Switcher
« Reply #8 on: February 22, 2017, 01:18:33 PM »
Quote
CWP has not that intelligence ;-) lol
I hoped the developers would be. :) But seriously, I'm impressed with CWP.

Will dig trough all the logfiles to see if I need to install some more with yum.  :'(

I have made some adjustments to fstab according to your suggestions and will consider the proposed security measures. I'm the only user and just use it to host a few simple domains and as an ftp backup server for 2 external servers. Only port 80 and 21 are exposed to the outside world.

Thanks for your help and suggestions!  :)

Hobby home server with CentOS 7 + CWP (NAT-ed Mod enabled).

Offline
**
Re: Error Denied Php Switcher
« Reply #9 on: February 22, 2017, 01:23:26 PM »
Quote
I'm the only user and just use it to host a few simple domains and as an ftp backup server for 2 external servers.

Even then you need full security, because your the only user at risk, please don't!!! secure it as if there are 50 users, also your backups need to be safe, no discussion about that ;-)
« Last Edit: February 22, 2017, 01:29:12 PM by TheRavenKing »