Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

whoami fails on some hosters #2850

Closed
UlrichThomasGabor opened this issue Dec 18, 2021 · 0 comments · Fixed by #2852
Closed

whoami fails on some hosters #2850

UlrichThomasGabor opened this issue Dec 18, 2021 · 0 comments · Fixed by #2852
Labels
minor bug

Comments

@UlrichThomasGabor
Copy link
Contributor

  • Deployer version: 7.0.0-rc3
  • Deployment OS: I don't know...

I have a hoster where whoami fails, but it is required here:

deployer/recipe/deploy/writable.php

Line 68 in cfcb963

$remoteUser = run('whoami');

When I set remote_user it is used for the ssh connection as well, but the ssh username is a different name than the one owning the files...

Actually, I have set writable_mode to chmod because I expected some kind of problem and the chmod part of this task does not even use $remoteUser.

I propose setting $remoteUser in the acl-block:

deployer/recipe/deploy/writable.php

Lines 101 to 132 in cfcb963

} elseif ($mode === 'acl') {
$httpUser = get('http_user');
if (strpos(run("chmod 2>&1; true"), '+a') !== false) {
// Try OS-X specific setting of access-rights
run("$sudo chmod +a \"$httpUser allow delete,write,append,file_inherit,directory_inherit\" $dirs");
run("$sudo chmod +a \"$remoteUser allow delete,write,append,file_inherit,directory_inherit\" $dirs");
} elseif (commandExist('setfacl')) {
if (empty($sudo)) {
// When running without sudo, exception may be thrown
// if executing setfacl on files created by http user (in directory that has been setfacl before).
// These directories/files should be skipped.
// Now, we will check each directory for ACL and only setfacl for which has not been set before.
$writeableDirs = get('writable_dirs');
foreach ($writeableDirs as $dir) {
// Check if ACL has been set or not
$hasfacl = run("getfacl -p $dir | grep \"^user:$httpUser:.*w\" | wc -l");
// Set ACL for directory if it has not been set before
if (!$hasfacl) {
run("setfacl -L $recursive -m u:\"$httpUser\":rwX -m u:$remoteUser:rwX $dir");
run("setfacl -dL $recursive -m u:\"$httpUser\":rwX -m u:$remoteUser:rwX $dir");
}
}
} else {
run("$sudo setfacl -L $recursive -m u:\"$httpUser\":rwX -m u:$remoteUser:rwX $dirs");
run("$sudo setfacl -dL $recursive -m u:\"$httpUser\":rwX -m u:$remoteUser:rwX $dirs");
}
} else {
$alias = currentHost()->getAlias();
throw new \RuntimeException("Can't set writable dirs with ACL.\nInstall ACL with next command:\ndep run 'sudo apt-get install acl' -- $alias");
}
} else {

And change the message here to some generic text:

deployer/recipe/deploy/writable.php

Line 96 in cfcb963

warning("Make sure `$remoteUser` is in `{{http_group}}` group: `usermod -a -G {{http_group}} $remoteUser`");

UlrichThomasGabor added a commit to UlrichThomasGabor/deployer that referenced this issue Dec 20, 2021
@UlrichThomasGabor
Fix for deployphp#2850
99e647d
@UlrichThomasGabor UlrichThomasGabor mentioned this issue Dec 20, 2021
Merged
antonmedv pushed a commit that referenced this issue Jan 10, 2022
@UlrichThomasGabor
Fix for #2850 (#2852): whoami fails on some hosters
4395362
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
minor bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix for #2850 UlrichThomasGabor/deployer
2 participants
@antonmedv @UlrichThomasGabor