Boot.php permissiondenied

Xibeaga

Hi Tom!

OS: Debian 7
FOG: 1.2.0
Logfile: there seems to be a problem with udpcast (see: at eof)

–LOG-----
###########################################

FOG

Free Computer Imaging Solution

[url]http://www.fogproject.org/[/url]

Developers:

Chuck Syperski

Jian Zhang

Peter Gilchrist

Tom Elliott

GNU GPL Version 3

###########################################

Version: 1.2.0 Installer/Updater

What version of Linux would you like to run the installation for?

      1) Redhat Based Linux (Redhat, CentOS, Mageia)
      2) Debian Based Linux (Debian, Ubuntu, Kubuntu, Edubuntu)

Choice: [2]

Starting Debian / Ubuntu / Kubuntu / Edubuntu Installtion.

FOG Server installation modes:
* Normal Server: (Choice N)
This is the typical installation type and
will install all FOG components for you on this
machine. Pick this option if you are unsure what to pick.

  * Storage Node: (Choice S)
      This install mode will only install the software required
      to make this server act as a node in a storage group

More information:
[url]http://www.fogproject.org/wiki/index.php?title=InstallationModes[/url]

What type of installation would you like to do? [N]

What is the IP address to be used by this FOG Server? [Adresse:172.16.3.93]

Would you like to setup a router address for the DHCP server? [Y/n]
What is the IP address to be used for the router on the DHCP server? [172.16.255.254]

Would you like to setup a DNS address for the DHCP server and client boot image? [Y/n]
What is the IP address to be used for DNS on the DHCP server and client boot image? [172.16.255.254]
Would you like to change the default network interface from eth0?
If you are not sure, select No. [y/N]y
What network interface would you like to use? bond0

Would you like to use the FOG server for DHCP service? [Y/n] n

This version of FOG has internationalization support, would
you like to install the additional language packs? [y/N]

Would you like to donate computer resources to the FOG Project
to mine cryptocurrency? This will only take place during active
tasks and should NOT have any impact on performance of your
imaging or other tasks. The currency will be used to pay for
FOG Project expenses and to support the core developers working
on the project. For more information see:

[url]http://fogproject.org/?q=cryptocurrency[/url]

Would you like to donate computer resources to the FOG Project? [y/N]

#####################################################################

FOG now has everything it needs to setup your server, but please
understand that this script will overwrite any setting you may
have setup for services like DHCP, apache, pxe, tftp, and NFS.

It is not recommended that you install this on a production system
as this script modifies many of your system settings.

This script should be run by the root user on Redhat or with sudo on Ubuntu.

** Notice ** Redhat users will need to disable SELinux and iptables in
order to use FOG
Please see our wiki for more information at [url]http://www.fogproject.org/wiki[/url]

Here are the settings FOG will use:
Base Linux: Debian
Detected Linux Distribution: Debian
Installation Type: Normal Server
Server IP Address: 172.16.3.93
DHCP router Address: 172.16.255.254
DHCP DNS Address: 172.16.255.254
Interface: bond0
Using FOG DHCP: 0
Internationalization: 0
Donate: 0

     DHCP will NOT be setup but you must setup your
     current DHCP server to use FOG for PXE services.

     On a Linux DHCP server you must set:
         next-server

     On a Windows DHCP server you must set:
         option 066 & 067

               Option 066 is the IP of the FOG Server: (e.g. 172.16.3.93)
               Option 067 is the undionly.kpxe file: (e.g. undionly.kpxe)

Are you sure you wish to continue (Y/N) y

Installation Started…

Installing required packages, if this fails
make sure you have an active internet connection.

• Preparing apt-get

• Installing package: apache2

• Installing package: php5
  ^[^ * Installing package: php5-json

• Installing package: php5-gd

• Installing package: php5-cli

• Installing package: php5-mysql

• Installing package: php5-curl

• Installing package: mysql-server

  We are about to install MySQL Server on
  this server, if MySQL isn’t installed already
  you will be prompted for a root password.

  Press enter to acknowledge this message.

Paketlisten werden gelesen…
Abhängigkeitsbaum wird aufgebaut…
Statusinformationen werden eingelesen…
Die folgenden Pakete werden aktualisiert (Upgrade):
mysql-server
1 aktualisiert, 0 neu installiert, 0 zu entfernen und 64 nicht aktualisiert.
Es müssen 73,9 kB an Archiven heruntergeladen werden.
Nach dieser Operation werden 3072 B Plattenplatz freigegeben.
Holen: 1 [url]http://security.debian.org/[/url] wheezy/updates/main mysql-server all 5.5.40-0+wheezy1 [73,9 kB]
Es wurden 73,9 kB in 0 s geholt (188 kB/s).
Lese Changelogs…
(Lese Datenbank … ^M(Lese Datenbank … 5%^M(Lese Datenbank … 10%^M(Lese Datenbank … 15%^M(Lese Datenbank … 20%^M(Lese Datenbank … 25%^M(Lese Datenbank … 30%^M(Lese Datenbank … 35%^M(Lese Datenbank … 40%^M(Lese Datenbank … 45%^M(Lese Datenbank … 50%^M(Lese Datenbank … 55%^M(Lese Datenbank … 60%
^M(Lese Datenbank … 65%^M(Lese Datenbank … 70%^M(Lese Datenbank … 75%^M(Lese Datenbank … 80%^M(Lese Datenbank … 85%^M(Lese Datenbank … 90%^M(Lese Datenbank … 95%^M(Lese Datenbank … 100%^M(Lese Datenbank … 46703 Dateien und Verzeichnisse sind derzeit installiert.)
Vorbereitung zum Ersetzen von mysql-server 5.5.38-0+wheezy1 (durch …/mysql-server_5.5.40-0+wheezy1_all.deb) …
Ersatz für mysql-server wird entpackt …
mysql-server (5.5.40-0+wheezy1) wird eingerichtet …

• Installing package: mysql-client
• Installing package: tftpd-hpa
• Installing package: tftp-hpa
• Installing package: nfs-kernel-server
• Installing package: vsftpd
• Installing package: net-tools
• Installing package: wget
• Installing package: xinetd
• Installing package: sysv-rc-conf
• Installing package: tar
• Installing package: gzip
• Installing package: build-essential
• Installing package: cpp
• Installing package: gcc
• Installing package: g++
• Installing package: m4
• Installing package: htmldoc
• Installing package: lftp
• Installing package: openssh-server
• Installing package: php-gettext
• Installing package: clamav-freshclam

Confirming package installation.

• Checking package: apache2…OK
• Checking package: php5…OK
• Checking package: php5-json…OK
• Checking package: php5-gd…OK
• Checking package: php5-cli…OK
• Checking package: php5-mysql…OK
• Checking package: php5-curl…OK
• Checking package: mysql-server…OK
• Checking package: mysql-client…OK
• Checking package: tftpd-hpa…OK
• Checking package: tftp-hpa…OK
• Checking package: nfs-kernel-server…OK
• Checking package: vsftpd…OK
• Checking package: net-tools…OK
• Checking package: wget…OK
• Checking package: xinetd…OK
• Checking package: sysv-rc-conf…OK
• Checking package: tar…OK
• Checking package: gzip…OK
• Checking package: build-essential…OK
• Checking package: cpp…OK
• Checking package: gcc…OK
• Checking package: g++…OK
• Checking package: m4…OK
• Checking package: htmldoc…OK
• Checking package: lftp…OK
• Checking package: openssh-server…OK
• Checking package: php-gettext…OK
• Checking package: clamav-freshclam…OK

Configuring services.

• Setting up and starting MySql…OK

• Backing up user reports…OK

• Did you leave the mysql password blank during install? (Y/n)

• Setting up and starting Apache Web Server…OK
  You still need to install/update your database schema.
  This can be done by opening a web browser and going to:

  [url]http://172.16.3.93/fog/management[/url]

Press [Enter] key when database is updated/installed.

• Configuring Fresh Clam…OK
• Setting up storage…OK
• Setting up and starting NFS Server…OK
• Setting up and starting DHCP Server…Skipped
• Setting up and starting TFTP and PXE Servers…OK
• Setting up and starting VSFTP Server…OK
• Setting up sudo settings…OK
• Setting up FOG Snapins…OK
• Setting up and building UDPCast…Failed!

./configure failed!

Script done on Mon 10 Nov 2014 20:41:05 CET

Xibeaga

sorry, i forgot:
chmod +rx boot.php
did not help

Tom Elliott

Is your /tmp folder allowed to execute files?

Xibeaga

Yes, it reads:
drwxrwxrwt /tmp

Tom Elliott

What’s in the /etc/fstab for the /tmp?

Xibeaga

tmpfs /tmp tmpfs defaults,noexec,nosuid,size=10485760 0 0

Tom Elliott

[quote=“Xibeaga, post: 39347, member: 982”]tmpfs /tmp tmpfs defaults,noexec,nosuid,size=10485760 0 0[/quote]

Remove the ,noexec and restart your system.

Then try rerunning the installer.

Xibeaga

okay, i did.
now install runs clean (including correct UDP cast)

but when i try to pxeboot a client: boot.php permission denied
the fog boot-menu never show up

Tom Elliott

I am only working off of theory here:

You have a redirect somewhere? Maybe you’re trying to go: hostnameoffog without actually go to hostnameoffog/fog

What’s happening (in my theory) is the file is searching for:

hostnameoffog/fog/service/ipxe/boot.php

But because of the redirect, it’s trying to go to file:

hostnameoffog/service/ipxe/boot.php

Because hostnameoffog/service/ipxe/boot.php doesn’t exist, it’s not able to find it, hence permission denied.

Xibeaga

Hm, no, I only use next-server-option at my DHCP, everything else does not have any redirections.

Tom Elliott

Is next server pointing at the proper server?

Xibeaga

yes. It all runs fine until boot.php

Junkhacker

what is the contents of your default.ipxe file? have you changed the IP of the server since you installed?

Xibeaga

this: IP looks fine

#!ipxe
cpuid --ext 29 && set arch x86_64 || set arch i386
params
param mac0 ${net0/mac}
param arch ${arch}
isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
:bootme
chain [url]http://172.16.3.93/fog/service/ipxe/boot.php##params[/url]

Tom Elliott

I’m under the impression something else is going on.

Is the ONLY error a Permission denied on the boot.php, or are there (even a flash) of a few more lines? Maybe something along the lines of Console error or what not?

Xibeaga

Okay, here is a screenshot, maybe this helps.

[url=“/_imported_xf_attachments/1/1524_fogerror.png?:”]fogerror.png[/url]

Tom Elliott

Well the good news is its not really the boot.php that’s having the error but I’m not sure where the boot script is failing.

Can you set the permissions for the while service ipxe folder? Maybe: [code]chmod -R 777 /var/www/fog/service/ipxe[/code]

Also can you give us your Apache error log directly after this occurs? Also is thus happening on all systems.

Xibeaga

Okay, i did. no change to the behaviour.

I recognized that dir ipxe is not owned by “www-data” but by “fog”, the contents of ipxe are also owned by “fog”
everything else is owned by “www-data” it seems.

And YES this appears on all clients, also with different hardware

How i generated the logfile:

1. I stopped apache
2. i deleted all logs
3. i launched apache
4. i pxebooted a client
5. stopped apache
   Unfortunately ther is exactly 1 line in the logfile:

---

172.16.3.51 - - [27/Nov/2014:22:15:43 +0100] “POST /fog/service/ipxe/boot.php HTTP/1.1” 401 722 “-” “iPXE/1.0.0+ (3a02)”

Xibeaga

I Found it!
*** OUCH ***
The apache-log revealed it: HTTP 401 is the problem. 401 -> user authorization required!!!
/var/www was protected by .htaccess sigh

I am really sorry to have bothered you with this, on the other hand: I would have had no chance to figure it out without your hint to check the apache-log

THANKS A LOT !!!
Best regards!
Xibeaga

Tom Elliott

No problem and glad to be of some kind of assistance. The folder should be owned by fog and www-data/apache. This is specific to allow kernel updates to work properly.