Item8856: Access denied to LdapContrib cache.db

pencil
Priority: Normal
Current State: No Action Required
Released In: n/a
Target Release: n/a
Applies To: Extension
Component: LdapContrib
Branches:
Reported By: Foswiki:Main.DanielKownacki JayenAshar
Waiting For:
Last Change By: JayenAshar
Recently, frequently a following error is received when trying to open my Foswiki:

Cannot open file /var/www/foswiki.local/working/work_areas/LdapContrib/cache.db: Permission denied at /var/www/foswiki.local/lib/Foswiki/Contrib/LdapContrib.pm line 631.

Indeed this file is being recreated as root:root, so Foswiki cannot access it.

The error happens every day, because cache refresh time is 1 day default. I have to manually chown the file to resume system work.

I temporarily disabled the cache refresh, but this is not a solution.

I think it happened after last LdapContrib update, but I'm not 100% sure.

-- DanielKownacki - 07 Apr 2010

I have the same problem. I put a cron job to do the chown and there it goes..

-- LarsEik - 07 Apr 2010

Daniel, please don't update the cache using root's crontab. Move it over to the user's crontab that also runs foswiki, e.g. www-data or apache.

-- MichaelDaum - 07 Apr 2010

I think the problem is that none of us update the cache, it updates automatically when expired. And then there is the error. We use cron to (chown) correct the permissions on the cache.db. So there must be a bug somewhere. Perhaps doing a cron job with the web server user will work but then it is just avoiding the error before it can happen.

-- LarsEik - 07 Apr 2010

I had the same problem, I think it was mailnotify, started from the root crontab. I changed it to be run as wwwrun (crontab -u wwwrun -e), next weekend we will see if that helps (cache expires over the weekend, and mailnotify creates a new one)

-- WernerFuerst - 29 Nov 2010

This is nailing us as well. I've added a cron job to reset permissions on the cache file very frequently, because it seems to break sometimes even if mailnotify isn't running. I think it breaks whenever the cache goes stale.

Would love a fix, every other single-sign-on solution I've tried has some major flaw; LdapContrib is working awesome for us -- except for this bug. Happy to test out potential fixes, as well.

-- BillyCharlton - 12 Dec 2011

Why is this marked "No Action Required"? This takes down our entire wiki several times per week.

-- BillyCharlton - 12 Dec 2011

If you have any cron jobs as root using Foswiki, they may occur at a time when LdapContrib's cache has expired, and they may cause the cache to be cleared and recreated as the root user. You may also have other files that end up being owned by root. I would suggest you ensure that only one user (usually the web user) is executing any part of Foswiki.

-- JayenAshar - 11 Mar 2012
 

ItemTemplate edit

Summary Access denied to LdapContrib cache.db
ReportedBy Foswiki:Main.DanielKownacki JayenAshar
Codebase 1.0.9
SVN Range
AppliesTo Extension
Component LdapContrib
Priority Normal
CurrentState No Action Required
WaitingFor
Checkins
TargetRelease n/a
ReleasedIn n/a
CheckinsOnBranches
trunkCheckins
Release01x01Checkins
Topic revision: r8 - 12 Mar 2012, JayenAshar
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy