After getting a Aegir2 up and running on Debian 7.5 (x64) I noticed some issues whenever creating a new instance of Drupal or with hostmaster itself. My problems are:

I can't change the logo or other file-based aspects of hostmaster
I can't complete the installation of Drupal site without errors because I don't have file level permission to the files directory or settings.php
If I manually fix the file permission issues then I still have issues with cache directories not being created and broken images.

So did a bit of research and I believe I found this issue with _provision_default_web_group() found in provision.drush.inc. It prioritizes the httpd user group over the www-data group.

function _provision_default_web_group() {
  $info = posix_getgrgid(posix_getgid());
  $common_groups = array(
    'www',
    'www-data',
    'httpd',
    'apache',
    'webservd',
    'nogroup',
    'nobody',
    $info['name']);

  foreach ($common_groups as $group) {
    if (provision_posix_groupname($group)) {
      return $group;
      break;
    }
  }
  return NULL;
}

It also appears that apache runs under the www-data user group and that by changing the ownership of these key directories to the www-data my issue goes away. This begs 2 questions:

1. Should we change the order of $common_groups to prioritize www-data over httpd
2. Do we have automated tests that test the installation process of aegir 2 on the debian platform?

Steps to reproduce:
1. download the config.yaml.txt and change the file extension to .yaml so it reads config.yaml
2. drop the file into https://puphpet.com/ to set the config for a vagrantfile
3. create a vagrantfile with that config
4. use the resultant vagrant file to create a bare bones vm with wheezy
5. ssh into vagrant file and run installation steps found on http://www.aegirproject.org/
6. log into your aegir instance and try to do basic things with it like using a make file to create new drupal instances.

You'll run into trouble with every action.

CommentFileSizeAuthor
#2 provision-default_web_group_search_order-2296089-2.patch488 bytesergonlogic
config.yaml_.txt4.76 KBcosmicdreams
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

cosmicdreams’s picture

cosmicdreams CreditAttribution: cosmicdreams commented
Title: sudo apt-get install aegir doesn't completely install Aegir2 for Debian 7 (wheezy) » sudo apt-get install aegir2 doesn't completely install Aegir2 for Debian 7 (wheezy)
ergonlogic’s picture

ergonlogic
he/him
Primary language English
Location Montréal, Québec 🇨🇦
CreditAttribution: ergonlogic commented
Title: sudo apt-get install aegir2 doesn't completely install Aegir2 for Debian 7 (wheezy) » Installer can detect incorrect default web group
Component: Debian package » Install process
Status: Active » Needs review
FileSize
provision-default_web_group_search_order-2296089-2.patch488 bytes

Normally, Debian will not have an 'httpd' group, and thus 'www-data' will be used. Something in your configuration (possibly even the basebox) is adding an 'httpd' group.

Actually, the current order is:

$common_groups = array(
    'www',
    'httpd',
    'www-data',
    'apache',
    'webservd',
    'nogroup',
    'nobody',
    $info['name'],
  );

From a bit of googling, these appear to be the default groups used by various OSes:

Distro Apache Nginx
Debian/Ubuntu www-data www-data
RHEL/CentOS/Fedora apache nginx
SUSE www (user: wwwrun) nginx
OSX _www ?
FreeBSD www www

Since 'www-data' is the default user on Debian for both apache2 and nginx, I'd suggest moving that to the top of the list. 'apache' and 'nginx' are the defaults on RedHat-based distros, and so, should probably come next. 'httpd' appears to be used by a number of other applications that ship with their own web server, and so should perhaps be moved towards the bottom of the list, as this would account for the class of bug described here.

I suggest the following order, and have attached a patch to that effect:

  $common_groups = array(
    'www-data',
    'apache',
    'nginx',
    'www',
    '_www',
    'webservd',
    'httpd',
    'nogroup',
    'nobody',
    $info['name']);
cosmicdreams’s picture

cosmicdreams CreditAttribution: cosmicdreams commented

In manually modifying the code specified above, I was able to resolve the issues that prevented an install task from finishing green. But that indicator seems to be a false positive.

(it appears that false positive is because I manually added my aegir account to the httpd group)

I'm still am not able to complete an installation process without file permission issues. The process is still trying to assign the httpd group to the files directory and the settings.php.

Is the value of this setting stored somewhere that i have to modify?

cosmicdreams’s picture

cosmicdreams CreditAttribution: cosmicdreams commented

Well I was looking through the puppet manifest for my vagrantfile tonight and I discovered the root of what MY problem was. Line 28 of my manifest.pp provided the instruction to create a httpd user (which I assume also made the OS create a httpd group for that user). Therefore It was properly finding that I had a httpd group created and not using the www-data group.

Removing the command that created the httpd group in the manifest.pp allowed me to spin up a new virtual machine that was able to properly install aegir and not have the file permission issues that was so prevalent in my first efforts.

That said ergonlogic's plan described above sounds good.

  • helmo committed 5af0b9b on 6.x-2.x-backports authored by ergonlogic 
    Issue #2296089 by ergonlogic, cosmicdreams: Fixed Installer can detect...
  • helmo committed b7171bf on 7.x-3.x authored by ergonlogic
    Issue #2296089 by ergonlogic, cosmicdreams: Fixed Installer can detect...
helmo’s picture

helmo CreditAttribution: helmo commented
Status: Needs review » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.