stockton
Posts: 136
Joined: Mon Aug 24, 2015 6:06 am
Location: South Africa
Contact: Website

Explain this command

Wed Aug 22, 2018 8:54 am

It has been suggested that I can change permissions on a USB attached HDD file with the following command
sudo su www-data -s /bin/sh -c "ls -la /media/pi"
but firstly the command fails with
ls: cannot open directory '/media/pi': Permission denied
and I do not understand the command enough to be able to repair it, if that is necessary.
The reason for the alteration is that I need to access it via a CGI script.
The file I need to read exists at /media/pi/MyPassport/Axpert/solar.log. As I said on a USB attached HDD.

User avatar
RaTTuS
Posts: 10559
Joined: Tue Nov 29, 2011 11:12 am
Location: North West UK
Contact: Twitter YouTube

Re: Explain this command

Wed Aug 22, 2018 9:04 am

no that will not change permissions
sudo su www-data -s
run as user www-data
and do the command
ls -la /media/pi

which is to show you what is what with that directory

via the shell sh
Last edited by RaTTuS on Wed Aug 22, 2018 10:18 am, edited 3 times in total.
How To ask Questions :- http://www.catb.org/esr/faqs/smart-questions.html
WARNING - some parts of this post may be erroneous YMMV

1QC43qbL5FySu2Pi51vGqKqxy3UiJgukSX
Covfefe

stockton
Posts: 136
Joined: Mon Aug 24, 2015 6:06 am
Location: South Africa
Contact: Website

Re: Explain this command

Wed Aug 22, 2018 9:27 am

I suspect you mean "run as www-data" rather than "run as www.data"
However
su www.data
No passwd entry for user 'www.data'
pi@RPiDev:/var/www/html/lcars $ su www-data
Password:
su: Authentication failure
pi@RPiDev:/var/www/html/lcars $ su www-data
Password:
su: Authentication failure
The 1st time with a blank password & the 2nd time with my password.

DirkS
Posts: 10363
Joined: Tue Jun 19, 2012 9:46 pm
Location: Essex, UK

Re: Explain this command

Wed Aug 22, 2018 9:35 am

Use 'sudo su' like in your original command

tpyo kingg
Posts: 809
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Explain this command

Wed Aug 22, 2018 9:46 am

DirkS wrote:
Wed Aug 22, 2018 9:35 am
Use 'sudo su' like in your original command
Only one or the other is needed. The sudo program can accept the -u option to set a different user other than the default of root.

Code: Select all

sudo -u www-data ls -la /media/pi/
What that will do, and what it looks like the original question does, is to verify whether or not the web server can read files in the directory /media/pi/ So it might be appropriate to ask what the real goal is.

stockton
Posts: 136
Joined: Mon Aug 24, 2015 6:06 am
Location: South Africa
Contact: Website

Re: Explain this command

Wed Aug 22, 2018 9:58 am

tpyo kingg to answer your question.
I have a system monotoring my solar system and it is working fine writing data to the aforementioned USB connected HDD.
I now wish to display that data from a "real time" web page using HTML/javascript/CGI but cannot access that file unless I run the CGI from the command line. Running programs under Apache has issues with connecting to anything out of /var/www/html. if, of course I copy the file to /var/www/html/lcars, where my app exists, all works fine but this defeats the object of not writing to the SD card with this data intensive system.

stockton
Posts: 136
Joined: Mon Aug 24, 2015 6:06 am
Location: South Africa
Contact: Website

Re: Explain this command

Wed Aug 22, 2018 10:06 am

sudo -u www-data ls -la /media/pi/
ls: cannot open directory '/media/pi/': Permission denied

LTolledo
Posts: 3438
Joined: Sat Mar 17, 2018 7:29 am
Location: Anime Heartland

Re: Explain this command

Wed Aug 22, 2018 10:07 am

since the user (assume pi ) have no set permission on /media/pi how about setting and owning it permanently...

1. sudo -i (you will be asked for a password for user)
2. chown -R user:group /media/pi/

then set file permissions
3. chmod -R 0775 /media/pi/

then
4. exit (back to the user prompt)
"Don't come to me with 'issues' for I don't know how to deal with those
Come to me with 'problems' and I'll help you find solutions"

Some people be like:
"Help me! Am drowning! But dont you dare touch me nor come near me!"

DirkS
Posts: 10363
Joined: Tue Jun 19, 2012 9:46 pm
Location: Essex, UK

Re: Explain this command

Wed Aug 22, 2018 10:15 am

stockton wrote:
Wed Aug 22, 2018 10:06 am
sudo -u www-data ls -la /media/pi/
ls: cannot open directory '/media/pi/': Permission denied
Clearly www-data has no rights to that directory...

stockton
Posts: 136
Joined: Mon Aug 24, 2015 6:06 am
Location: South Africa
Contact: Website

Re: Explain this command

Wed Aug 22, 2018 11:02 am

pi@RPiDev:/var/www/html/lcars $ sudo -i
root@RPiDev:~# sudo chown -R pi:www-data /media/pi/
chown: changing ownership of '/media/pi/My Passport/Lenovo-20180406/android/node_modules/cordova/node_modules/elementtree/tests/test-simple.js': Operation not permitted
and carries on throught the whole HDD with Operation not permitted.
root@RPiDev:~# ls -al /media/pi/
total 264
drwxr-xr--+ 4 root root 4096 Aug 18 05:46 .
drwxr-xr-x 3 root root 4096 Mar 8 14:26 ..
drwxrwxrwx 1 pi pi 131072 Jan 1 1970 MyPassport
drwxrwxrwx 1 pi pi 131072 Jan 1 1970 My Passport
Nothing changed.

User avatar
RaTTuS
Posts: 10559
Joined: Tue Nov 29, 2011 11:12 am
Location: North West UK
Contact: Twitter YouTube

Re: Explain this command

Wed Aug 22, 2018 11:13 am

pi pi
it's owned by use pi and group pi
it was probably mounted as pi via pluging it in
you don't really be wanting to do this
if it is permanently plugged in then mount it via fstab
also format it as ext-3 [or 4]
www-data I assume it is for web site stuff
why does it need to be on a removable drive?

or change the use that mounts it to be www-data

more explanation is really needed for what you want to do and why , and why you think this is the way to go , what are you really after
How To ask Questions :- http://www.catb.org/esr/faqs/smart-questions.html
WARNING - some parts of this post may be erroneous YMMV

1QC43qbL5FySu2Pi51vGqKqxy3UiJgukSX
Covfefe

tpyo kingg
Posts: 809
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Explain this command

Wed Aug 22, 2018 11:32 am

stockton wrote:
Wed Aug 22, 2018 11:02 am
root@RPiDev:~# sudo chown -R pi:www-data /media/pi/
Please don't use chown for that. More information is needed about what you are trying to do, but changing ownership is all but guaranteed to be the wrong approach. The user and group www-data exists to be an unprivileged user for the web servers. Specifically that means not being able to write anything.

If you are trying to make the directories readable by the web server you need the permissions 775 as mentioned above, but for the regular group only NOT www-data.

However, that is not enough if you wish to publish web pages from the external drives. In Apache2, you'll need to set the Directory run time configuration directive to explicitly allow reading outside of the Document Root. An Alias will also be needed.

stockton
Posts: 136
Joined: Mon Aug 24, 2015 6:06 am
Location: South Africa
Contact: Website

Re: Explain this command

Wed Aug 22, 2018 12:35 pm

Initially I was not thinking of making a web page to monitor my solar system but I have now changed my mind and would like a "real time" web page doing just that.
The file that I want to get to is on an external drive as it is very data intensive, a write every 2 or 3 seconds, and I did not for that reason want it on an SD card.
It is only the file at /media/pi/MyPassport/Axpert/solar.log that is required to be readable for the web site, not the whole disk.
ls -al /media/pi/MyPassport/Axpert/solar.log
-rwxrwxrwx 1 pi pi 131 Aug 22 14:26 /media/pi/MyPassport/Axpert/solar.log

tpyo kingg
Posts: 809
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Explain this command

Wed Aug 22, 2018 3:28 pm

Ok. Thanks. For that you'll need to set the Apache configuration to allow the external drive's directory to be read. See the Directory and Alias run-time directives linked above.

However, if you are serving just the one log file from that directory then you might consider making a very tiny RAM disk. It would of course go away at each reboot, but it would not produce any wear and tear on either an SD card or spinning rust. But that would also need a Directory and Alias entry in the configuration file.

fbe
Posts: 642
Joined: Thu Aug 17, 2017 9:08 pm

Re: Explain this command

Wed Aug 22, 2018 6:14 pm

The trouble begins here https://www.raspberrypi.org/forums/view ... 6&t=220741
The /media/pi/MyPassport/Axpert/solar.log file is supposed to be accessed by a CGI programm. No apache Directory configuration for /media/pi/MyPassport/Axpert is required for that.

Thanks to typo kingg, who perfectly understood my intention, and apoligies, that I didn't try it without the "su" overhead.

stockton, you should really consider thagrol's advice in the linked thread, to google for "linux file permissions" before you continue to execute other people's commands (including mine). We all do our best but we can fail and it's your RPi.

Code: Select all

sudo chmod 755 /media/pi
(not 775) would be sufficient to permit read and search for anyone. The default permissions ensure that noone except for pi (and root) can access the automounted drive, so pi should always be able to eject the removable drive. If you change the permissions, you will break this rule.

Finally it's not clear whose permissions apply to the process, that is supposed to write the data to /media/pi/MyPassport/Axpert/solar.log. But as I understand it, the data are already written and now only need to be accessed by the CGI programm.

stockton
Posts: 136
Joined: Mon Aug 24, 2015 6:06 am
Location: South Africa
Contact: Website

Re: Explain this command

Thu Aug 23, 2018 7:16 am

fbe You are quite correct in saying that that file only needs to be read.
Now I was about to do the Apache Directory setup but it would appear that you are saying that is not necessary and, if I understand correctly, all I need do is alter the permissions on the file to 755.

tpyo kingg
Posts: 809
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Explain this command

Thu Aug 23, 2018 10:33 am

stockton wrote:
Thu Aug 23, 2018 7:16 am
fbe You are quite correct in saying that that file only needs to be read.
Now I was about to do the Apache Directory setup but it would appear that you are saying that is not necessary and, if I understand correctly, all I need do is alter the permissions on the file to 755.
There are two parts here, the web server daemon and the file system. Setting the directory permissions to 755, 701, or something similar would be a prerequisite. The web server daemon's user needs to be able to read the files served, so the files themselves must also be readable 664, 644, 444, etc. That allows Apache2's daemon to be able to read the file. That is one of the ways to take care of the file system settings. However the web server daemon still will not serve the file when requested unless you have configured it to allow use of those particular directories. So after setting the directory and file permissions, you'll need to configure the web server daemon too.

fbe
Posts: 642
Joined: Thu Aug 17, 2017 9:08 pm

Re: Explain this command

Thu Aug 23, 2018 4:57 pm

You need to configure an Apache directory, if Apache should provide http access to the directory content. E.g. if you want, that /usr/lib/cgi-bin/LastLine is called by the Apache server, when you enter http://localhost/cgi-bin/LastLine in your browser, you need a directory configuration, that makes /usr/lib/cgi-bin/ available for http access, configures an alias name /cgi-bin for this path and enables the execution of CGI programs in this directory. This is done in /etc/apache2/conf-enabled/serve-cgi-bin.conf if the cgi or cgid module is enabled.

The /usr/lib/cgi-bin/LastLine programm doesn't know about apache directories.

You need to configure apache if you want that browsers can download files from /media/pi/MyPassport/Axpert.

Return to “Raspberry Pi OS”