As usual I am out of my depth and seek some guidance please.
Running openSUSE 13.1 64 bit with KDE desktop I am trying to install OrangeHRM an HR management package which runs on LAMP stack.
For the LAMP stack the recommended package is XAMPP which I have been able to install without difficulty and get servers running.
The OrangeHRM installation instructions then suggest I use their web based installer but I fall at second fence with a permissions issue.
Before I go into details there is one instruction right at the start which I do not understand. (Cut and paste from the instructions is not working so I cannot copy.) The instruction states that at the start I must change the ownership of the OrangeHRM files to “nobody.nobody” I have done this (chown -R nobody:nobody) and checked this has indeed changed ownership, but how is this then used? Does “nobody” have a special significance. Should I have nobody as a user? All beyond me at present. Can somebody please advise.
Budgie2
Hi Miuku,
Many thanks for the warning. I would be much happier with repo version. I hadn’t thought to look because the OrangeHRM instructions were clear and I didn’t trust myself to put together all the components.
Will start over.
Thanks again,
Budgie2
On 2014-09-17 00:36, Budgie2 wrote:
> must change the ownership of the OrangeHRM files to “nobody.nobody” I
> have done this (chown -R nobody:nobody) and checked this has indeed
> changed ownership, but how is this then used? Does “nobody” have a
> special significance. Should I have nobody as a user?
[QUOTE=robin_listas;2664889]On 2014-09-17 00:36, Budgie2 wrote:
> must change the ownership of the OrangeHRM files to “nobody.nobody” I
> have done this (chown -R nobody:nobody) and checked this has indeed
> changed ownership, but how is this then used? Does “nobody” have a
> special significance. Should I have nobody as a user?
Hi Miuku,
OK I have un-installed XAMPP and then installed LAMP pattern using YAST. My trouble now is that the installation instructions for OrangeHRM refer to a directory (/opt/xampp/htdocs) which does not exist so I guess their installer may not work. Meanwhile where should I put the OrangeHRM download file before I unzip it? Do you have time to help further?
Regards,
Budgie2
On 2014-09-17 01:16, Budgie2 wrote:
>
> robin_listas;2664889 Wrote:
> Hi Carlos and thanks. OK so there is a user “nobody.” Still not sure
> how it is used. Will get back to it as I am still sorting out LAMP
> stack.
Regarding LAMP, I don’t know. That “nobody” user is a convention. A
process running as that user, for example, can only access directories
and files that are accessibly by “others”.
Linux permissions are defined for the owner, the group, and “others”. If
you are neither the owner, or belong to that group, then only the
“other” set of permissions apply to you.
Well, the “nobody” user belongs to no group, and no user belongs to the
“nobody” group. So a process running as that user can not access
anything, unless that thing is set as accessible to everybody…
For instance, the process that updates the “locate” database, runs at
that user. It searches the entire filesystem for filenames and stores
them - but if you have a file or directory as “-rw-r-----”, it can not
see it.
Hope that explains the purpose of “nobody”
–
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)
You don’t actually even have to change the installer path - you just need to change your Apache documentroot to point to that location (or create a virtual host .conf file to do so - which is a better idea)
Or alternatively create a symlink /opt/xampp/htdocs which points to /srv/www/htdocs
First, to provide accurate advice, it’s critical that you provide links to the documentation you’re following and post errors verbatim. If you don’t know how to copy from somewhere, describe that scenario and you can get help on that. Oftentimes, displayed errors are simply re-directed copies of what exists in your logs, so if you know where your logs are you may be able to post your information from there.
For starters, your description seems to build your solution out of order. It may work, but you can as easily run into problems at any time. In order, you should
Install the LAMP pattern
Install the YAST web server applet, and configure your website(s).
Install XAMPP
Install your app modules (OrangeHRM)
Since you don’t describe the file permissions modification in context, I can only speculate based on similar websites that are deployed in web frameworks (like XAMPP, but many other frameworks have similarities). Sometimes modified permissions improve security, but more often they are set to provide access where ordinarily blocked. Typically, you don’t set a permission on an entire website, you are asked to set it on specific directories, typically those that hold data.
Hi Carlos, many thanks for explaining the significance of “nobody.” I shall try and fathom its particular relevance as I dig deeper into the OrangeHRM application.
Regards.
Budgie2
A few good rules of thumb that I use whenever I deploy applications to servers that face the Net in any form;
All files are owned by root:root and are chmod’ed 664 (user:rw,group:rw,all:r)
All directories are owned by root:root and are chmod’ed 775 (user:rwx,group:rwx,all:rx)
Unless that file or directory needs to be written by the web application (for example for use as a cache directory) in which case the directory / file permissions should be adjusted to be owned by the group www.
Apache runs as user wwwrun with group www. The reason XAMPP documentation refers to nobody is because it’s used by the Apache that they ship with - XAMPP should never be used on a Linux installation in any production system for several security related reasons, not to mention issues that may arise from libraries and dependencies. Even the developers of that particular package say it should only be used as a development platform.
Hi Tsu,
Many thanks for the advice and yes I understand need for proper posting and will try and do so as I progress. Meanwhile your advice has raised more questions.
You will see from earlier post here that I was persuaded by Miuku to avoid XAMPP which I believed to be another LAMP stack and have removed it and installed the pattern using YAST. I had assumed I do not need both.
Although the application OrangeHRM uses web framework I intend to run only on localhost.
What is meant by YAST web server applet here?
Budgie2
Hi Miuku,
Thanks and I am very happy to accept your advice on this but I am right at beginning of learning curve. I assume OrangeHRM expect all component files it uses to be in /opt/xampp/htdocs. Like the symlink suggestion so will experiment a bit and report back.
Budgie2
After reviewing XAMPP, I also don’t believe it provides any benefit over the standard LAMP pattern in openSUSE. Somewhere I thought it was a web app framework, but it’s not… It seems to be simply a way to install a standard LAMP configuration.
To easily setup and manage the Apache webserver, install the YAST http applet and look for it in YAST
Hi Tsu,
Many thanks. I am getting there and careful reading of the OrangeHRM installation instructions confirm it should be fine on any lamp stack. No time to work on this for a day or so but will return next week. Thanks again,
Budgie2
