XF 1.4 failed to open stream: Permission denied - library/XenForo/Deferred/Sitemap.php:210

sbj

Well-known member
Don't know what the problem is to be honest. Got this error today morning.

Code:
Server Error Log
Error Info
ErrorException: fopen(/home/nginx/domains/xxxxx.com/public/internal_data/sitemaps/sitemap-1430458741-1.xml): failed to open stream: Permission denied - library/XenForo/Deferred/Sitemap.php:210
Generated By: Unknown Account, Today at 07:39
Stack Trace

#0 [internal function]: XenForo_Application::handlePhpError(2, 'fopen(/home/ngi...', '/home/nginx/dom...', 210, Array)
#1 /home/nginx/domains/xxxxx.com/public/library/XenForo/Deferred/Sitemap.php(210): fopen('/home/nginx/dom...', 'a')
#2 /home/nginx/domains/xxxxx.com/public/library/XenForo/Deferred/Sitemap.php(230): XenForo_Deferred_Sitemap->_openFile()
#3 /home/nginx/domains/xxxxx.com/public/library/XenForo/Deferred/Sitemap.php(202): XenForo_Deferred_Sitemap->_writeSitemapString('\t<url><loc>http...')
#4 /home/nginx/domains/xxxxx.com/public/library/XenForo/Deferred/Sitemap.php(165): XenForo_Deferred_Sitemap->_writeResult(Array)
#5 /home/nginx/domains/xxxxx.com/public/library/XenForo/Deferred/Sitemap.php(90): XenForo_Deferred_Sitemap->_buildSitemap(Object(XenForo_SitemapHandler_Node), 0, 7.9999990463257)
#6 /home/nginx/domains/xxxxx.com/public/library/XenForo/Model/Deferred.php(294): XenForo_Deferred_Sitemap->execute(Array, Array, 7.9999990463257, '')
#7 /home/nginx/domains/xxxxx.com/public/library/XenForo/Model/Deferred.php(428): XenForo_Model_Deferred->runDeferred(Array, 7.9999990463257, '', false)
#8 /home/nginx/domains/xxxxx.com/public/library/XenForo/Model/Deferred.php(373): XenForo_Model_Deferred->_runInternal(Array, NULL, '', false)
#9 /home/nginx/domains/xxxxx.com/public/deferred.php(23): XenForo_Model_Deferred->run(false)
#10 {main}

Request State

array(3) {
  ["url"] => string(34) "http://xxxxx.com/deferred.php"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(3) {
    ["_xfRequestUri"] => string(18) "/members/userxxx.18/"
    ["_xfNoRedirect"] => string(1) "1"
    ["_xfResponseType"] => string(4) "json"
  }
}
 
That's what the -r is for, it's to recursively change the permissions.
I keep getting the same error.
All permissions are 0777 for internal_data and also sub-directories.

But it seems that Xenforo is creating every x day a new sitemap.xml and the newly created one always gets 0644 as permissions.

How can I change this behaviour?
 
You can force the chmodWritableValue to 0777 in config.php (https://xenforo.com/help/config-php-options/). However, this shouldn't be necessary. Further, files created by PHP should always be writable by PHP, even if they're 0644. This is doubly true as the file in question would have just been created.

The only thing I could think of relates to using an add-on to trigger deferred.php in a different way (or PHP running as different *nix users, inconsistently).
 
  • Like
Reactions: sbj
Thank you.

The only thing I could think of relates to using an add-on to trigger deferred.php in a different way (or PHP running as different *nix users, inconsistently).
Once I installed such an add-on but I am not using it, and I checked now and I forgot to delete the files from my server. Your guess could be correct.

Now I only use in my server cron task:

Code:
* * * * * /usr/local/bin/php /home/nginx/domains/xxx.com/public/deferred.php > /dev/null 2>&1

I will wait and see if the deleting the files solved the problem.

Thank you so far.
 
If you're calling via cron, you're still doing something unexpected. If you insist, you must ensure that PHP is executed using the same user it runs as when executed through the web.
 
  • Like
Reactions: sbj
that PHP is executed using the same user it runs as when executed through the web.
What does this mean?

The user who executes php is the root user of the server. And through the web?

Btw. this is the only way of ensuring that xenforo crons run at that times they are scheduled. Sadly there is no built-in method.
 
You need to ensure that when you trigger PHP via cron, you're running as the same user that runs it when a web request comes in. As such, you probably want to put the action into that user's crontab.

Otherwise, you're creating exactly the problem here: your sitemap was created by root and then the web request user tried to work with the file and couldn't write to it.
 
  • Like
Reactions: sbj
You need to ensure that when you trigger PHP via cron, you're running as the same user that runs it when a web request comes in. As such, you probably want to put the action into that user's crontab.

Otherwise, you're creating exactly the problem here: your sitemap was created by root and then the web request user tried to work with the file and couldn't write to it.

But how do I define the web request user and the user who creates the sitemap?

Just for your information, there is only 1 user who has access and permissions to the server and it is the root user. So this problem shouldn't occur because the root user is the only user with all kind of permissions. Unless the 1 add-on I talked about is the problem here, I shouldn't have 2 different users. I will wait and report.
 
What I'm referring to here is really just how Linux is setup. Different things run as different users and thus have different permissions (or create files with different permissions). This is totally independent of XenForo.

You'll need to change whose crontab you're attaching the job to such that it matches the Linux user that PHP is executing as (presumably via Nginx/PHP-FPM, based on your path). If you're not clear how to do this, you may need to get a server admin to help. (Or dropping back to just using the XF built-in system to trigger tasks; the tasks are not generally time specific.)
 
  • Like
Reactions: sbj
Top Bottom