Help with permissions on new Centos instance

dreamcompute

#1

Hello, I am pretty new to all this … having difficulty reaching my instance via browser, and also don’t have permission to make changes via WinSCP … so I think I have some user permissions not set, or set incorrectly …

Is there a walk through checklist I could do for my ‘dhc-user’ and also the user I created, in this case it is ‘vgmag’, to make sure my instance has proper permissions?

I am loosely following this tutorial, on installing WordPress, to Ubuntu instance … but I am using Centos … so, maybe have missed a step with the users creation/group settings? https://help.dreamhost.com/hc/en-us/articles/220973627-Step-by-step-guide-to-deploy-WordPress-on-DreamCompute

To reach via browser, I have used my hosts file …
64.111.99.68 vgstore.vintageguitar.com
64.111.99.68 www.vgstore.vintageguitar.com

Which seems to work… but, when trying to access the magento install wizard at vgstore.vintageguitar.com/store/setup … I get a message in browser, “Not Found The requested URL /store/setup was not found on this server.”

When I try to make changes to files via WinSCP, I get Error code 3 permission denied … that is with either ‘dhc-user’ and also the ‘vgmag’ user I created.

So something in the Apache or CentOS files, is not allowing my users the correct access I need, I think. Any ideas, anyone?

Thanks!
Joe

(p.s. I have managed to get further than this, on an Ubuntu instance … so there’s that … but yeah I wanted to go with CentOS, because I’ve heard it works well as a website server running magento. thanks)
[hr]
I should mention, that when I visit vgstore.vintageguitar.com in web browser, after having set my hosts file, I do get the Apache welcome page:

Testing 123…
This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read this page it means that this site is working properly. This server is powered by CentOS.

But the problem occurs when I try to go to that address, with /store , or /store/setup … that is when I get the message in browser, "Not Found

The requested URL /store/ was not found on this server."

when in fact, those directories and files ARE there (which I can see via SSH and also via WinSCP … but cannot move or edit, because I get ‘permission denied’) …

so maybe there is just something wrong with the file permissions of those sudirectories? I tried changing those, but still hadn’t any luck.

i am pretty lost here. maybe it is something to do with mod_rewrite (which I believe I enabled) and/or htaccess (couldn’t adjust conf files because user permission denied).

lost, please help, thanks!
[hr]
I think my problem maybe has to do with my VirtualHosts file, conf file … which I’m unable to edit, I get permission denied. The instructions for CentOS must be a little different than the instructions provided in the wordpress install article:

Add Your Domain

There are a few steps to set up your domain. First you’ll need to Setup DNS for DreamCompute for all your domains.

Next you’ll want to configure VirtualHosts so your server knows how to handle the domain.

To do this, you need to make a .conf file:

sudo touch /etc/apache2/sites-available/example.com.conf

It’s recommended you name the file after your domain, so you can always know what file is for what domain.

Edit that file and put this in:

<VirtualHost *:80>
ServerName example.com
ServerAdmin admin@example.com
DocumentRoot /var/www/example.com
<Directory /var/www/example.com>
AllowOverride all

ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined

Once the site is added, we’ll need to enable it via a command called a2ensite (if you want to disable, it’s a2dissite):

sudo a2ensite

This will prompt you to pick what site you want to enable. Type it in, hit enter, and you’ll be told what’s next.

Your choices are: 000-default default-ssl example.com
Which site(s) do you want to enable (wildcards ok)?
example.com
Enabling site example.com.
To activate the new configuration, you need to run:
service apache2 reload

Remember this command. It’s a fast way to enable sites without having to rename or mess with files. Finally bounce your apache service so it reads the changes:

sudo service apache2 reload
[hr]
I went back to these instructions https://help.dreamhost.com/hc/en-us/articles/217880028-How-to-Configure-Apache-on-DreamCompute-Running-Fedora-or-CentOS

And tried to create

/etc/httpd/conf.d/YOURSITEHERE.conf

For each site you wish to configure, we recommended you name a file similar to your site name in the /etc/httpd/conf.d/ directory.
There are several example virtual hosts available on the Apache Wiki Example Vhosts page but you can view a basic one listening on port 80 (http) with custom logging here:

<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/www.example.com

CustomLog /var/log/httpd/www.example.com-access.log combined
ErrorLog /var/log/httpd/www.example.com-error.log

But when trying to create and save the file in WinSCP, I get ‘Permission denied’ error. dhc-user or my vgmag user don’t have permission … thanks.


#2

files in /etc like /etc/httpd/conf.d/YOURSITEHERE.conf are owned by the root user so you need to prepend all command by sudo. I’m not sure what WinSCP allows, I’ve never used it. I ssh into the server and use vi or nano to edit files.

This should unblock you to move forward. Let us know how things progress.


#3

smaffulli, thanks. I was forgetting to use ‘sudo’ before my ‘vi’ command.

so the ‘permission’ issue is resolved, thanks!

but, I am still having trouble viewing subdirectories in a web browser.

specifically, i am trying to run the magento install wizard, which should begin when I visit http://vgstore.vintageguitar.com/store/setup … but the browser only displays, “Not Found - The requested URL /store/setup was not found on this server.” When, in fact, the directory /store/setup is there, with all the magento files.

so my question now is, what could i possibly be missing, i believe in terms of permissions, to allow all public including my web browser, to access the files in these directories.

I have set up a conf file at /etc/httpd/conf.d
And I have tried these commands inside the site’s directory:
sudo chown -R apache .
sudo find . -type d -exec chmod 700 {} ;
sudo find . -type f -exec chmod 600 {} ;

Somehow web browser is not allowed to see anything past the root domain.

Thanks for help –
Joe
[hr]
Oh boy now I really hosed something, where ‘dhc-user’ cannot access via ssh … and when i sign in with the ‘vgmag’ user i created, i get a different prompt:

-bash-4.2$

Ah, the perils of knowing just enough to be dangerous.
I think i have to trash this one and start over :frowning:

thanks for help


#4

Glad to hear that your permissions issue is good now.

is there any output in the apache logs when you try to view the path that isn’t working? Generally there is an overall error log in /var/log/apache/error.log but you could have defined one in your httpd.conf as well. The files being owned by apache is fine, and while those directory permissions are pretty restrictive they should be OK.

As for the URL, perhaps for the ease of debugging is there a way to add an extra ServerAlias param to have it viewable on another subdomain with working DNS? It can make it easier to check things out sometimes and make sure we both are looking at the same issue.