[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Freebsd 11 Ledgersmb 1.5.6



Hi Geordie,


Ok, a couple of things stand out here.

On 18/04/17 02:41, Geordie wrote:
Hi 
I have encountered some errors while starting LedgerSMB. There is a good
possibility I have messed things up. As a side note I have played with
permission on the the folder /usr/local/www/ledgersmb 
Tried    root:wheel
	 www:www
	 ledgersmb:ledgersmb
and basically get the same results
results below with www:www
In actual fact, it shouldn't matter at all what the permissions on the directory (and contained files) are, as long as the user that *RUNS* LedgerSMB has permission to READ all of the LedgerSMB files and execute any that have their execute bit set out of the box.

Generally we recommend creating a special system user (ledgersmb or similar) that is used to RUN LedgerSMB

NOTE: As with any web app, the RUNNING user should NEVER have WRITE permissions to ANYTHING except the tempdir and backupdir


I am sure this matters ledgersmb is in a jail

uname -a
FreeBSD jledgersmb15 11.0-STABLE FreeBSD 11.0-STABLE #0 r314815: Tue
Mar  7 09:28:20 EST 2017  

Ledgersmb 1.5.6 from git
Looks like the cause of most of your errors is probably here,
# starman -l :8080 -www ledgersmb -group
For the 1.5 series you need a slightly different starman commandline.

If you have a look at README.md and conf/systemd/ledgersmb_starman.service you will notice that the "standard" command to start LedgerSMB is....
starman --listen localhost:5762 -I lib tools/starman.psgi
Before running that, you should already be in the correct directory, and it should be run as the correct user
The following bash script should be adequate if sudo is available on the system.
If sudo isn't installed you would need to either install it, modify the script to use su, or modify the script to be run as the correct user by some other mechanism.

#!/bin/bash

clear;

####
# setup the user and group to run LedgerSMB as
###
LSMB_User='ledgersmb'
LSMB_Group='ledgersmb'
LSMB_installdir='/usr/local/www/ledgersmb'

####
# You may need to set the following variables if you are using local::lib and NOT running this script as the installing user
####
#    export PERL5LIB='/home/ledgersmb/perl5/lib/perl5'
#    export PERL_LOCAL_LIB_ROOT='/home/ledgersmb/perl5/lib/perl5'
#    export PERL_MB_OPT=--install_base "/home/ledgersmb/perl5"
#    export PERL_MM_OPT=INSTALL_BASE=/home/ledgersmb/perl5

####
# Run starman and LedgerSMB with as the user $LSMB_User
# Also ensure any local::lib environment variables are correctly set.
#   They are taken from values set above, or if not set from the invoking users environment
#   The PERL_MB_OPT and PERL_MM_OPT variables normally wouldn't be needed to run LedgerSMB,
#   but are needed in the environment used to update any cpan perl modules
####

sudo -u $LSMB_User bash <<EOScript
    [[ -n "${PERL5LIB}" ]] && {
        export PERL5LIB='${PERL5LIB}';
        [[ -n "${PERL_LOCAL_LIB_ROOT}" ]] && export PERL_LOCAL_LIB_ROOT='$PERL_LOCAL_LIB_ROOT'; # use single quotes to ensure the var retains it's integrity
        [[ -n "${PERL_MB_OPT}" ]] && export PERL_MB_OPT='$PERL_MB_OPT'; # use single quotes to ensure the var retains it's integrity
        [[ -n "${PERL_MM_OPT}" ]] && export PERL_MM_OPT='$PERL_MM_OPT'; # use single quotes to ensure the var retains it's integrity
        PATH="${PERL5LIB:+${PERL5LIB}:}\${PATH}";
    }
    cd ~/src/1-LedgerSMB/master &&
    starman -l *:5762 -I lib tools/starman.psgi
EOScript

I'll talk to the other devs and see if we can add that script (or similar) to the repository


www /usr/local/www/ledgersmb/tools/starman.psgi 2017/04/17-14:23:53
Starman::Server (type Net::Server::PreFork) starting! pid(51196)
Resolved [*]:8080 to [::]:8080, IPv6 Resolved [*]:8080 to
[0.0.0.0]:8080, IPv4 Binding to TCP port 8080 on host :: with IPv6
Binding to TCP port 8080 on host 0.0.0.0 with IPv4
Setting gid to "80 80"
Passed serialize value of none is incompatible with multiple ports -
using default serialize No configuration file; running with default
settings No configuration file; running with default settings
No configuration file; running with default settings
No configuration file; running with default settings
No configuration file; running with default settings
This should be fairly self explanatory, You need to run starman as a NON root user.
If you follow the info I posted above this error will go away
Error while loading /usr/local/www/ledgersmb/tools/starman.psgi:
==============================================================================
== Running a Web Service as root is a security problem == If you are
starting LedgerSMB as a system service == please make sure that you
drop privlidges as per README.md == and the example files in conf/
== This makes it difficult to run on a privlidged port (<1024)
== In theory you can pass the --user argument to starman,
== However starman drops privlidges too late, starting us as root.
==============================================================================
The rest of the errors are related to the 2 main issues the script above addresses.
1) you need to be running from the correct directory
2) you need local::lib environment variables correctly configured (if you are using it)
  at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/Sysconfig.pm line
469. Compilation failed in require
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/App_State.pm line 9.
BEGIN failed--compilation aborted
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/App_State.pm line 9.
Compilation failed in require
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/Setting.pm line 58.
BEGIN failed--compilation aborted
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/Setting.pm line 58.
Compilation failed in require
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/PGNumber.pm line 15.
BEGIN failed--compilation aborted
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/PGNumber.pm line 15.
Compilation failed in require
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB.pm line 149. BEGIN
failed--compilation aborted
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB.pm line 149.
Compilation failed in require
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/PSGI.pm line 19.
BEGIN failed--compilation aborted
at /usr/local/www/ledgersmb/tools/../lib/LedgerSMB/PSGI.pm line 19.
Compilation failed in require
at /usr/local/www/ledgersmb/tools/starman.psgi line 13. BEGIN
failed--compilation aborted
at /usr/local/www/ledgersmb/tools/starman.psgi line 13. same results
with # starman -I lib --listen
localhost:5762 /usr/local/www/ledgersmb/tools/starman.psgi 

Thanks
Geordie

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Ledger-smb-users mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-users

Regards
David G
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Ledger-smb-users mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-users