|
reseller user |
I have filled that FTP server credentials into my reseller account backup wizard and it accepted the data without error.
But backups was not made and no error message arrived into DA account message system.
After spending substantial amount of time and bothewring my hosting provider, we found that particular directory "/home/user/" into which backups should have been placed had not enough rights as my FTP client said:
put: Access failed: 553 Could not create file.
"/home/user/tmp" had enough rights to create file. That directories properties:
File: ‘.’
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 804h/2052d Inode: Links: 3
Access: (0700/drwx------) Uid: ( 1000/ user) Gid: ( 1000/ user)
Context: unconfined_u:object_r:user_home_dir_t:s0
File: ‘tmp’
Size: 48 Blocks: 0 IO Block: 4096 directory
Device: 804h/2052d Inode: Links: 2
Access: (0775/drwxrwxr-x) Uid: ( 1000/ user) Gid: ( 1000/ user)
Context: unconfined_u:object_r:user_tmp_t:s0
but even when i changed /home/user/ permissions to 775 it still complained same error. So i changed permissions back to 700 and i tried to list selinux values:
$ getsebool -a | grep ftp
ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off
ftpd_use_cifs --> off
ftpd_use_fusefs --> off
ftpd_use_nfs --> off
ftpd_use_passive_mode --> off
httpd_can_connect_ftp --> off
httpd_enable_ftp_server --> off
tftp_anon_write --> off
tftp_home_dir --> off
and run:
setsebool ftpd_full_access on
Then my FTP client started working to create file in "/home/user/"
Interesting is that other app was able to transfer files to this server "/home/user/" directory via FTP even that selinux parameter was off.
Moreover DA was continuing to complain "ftp_upload.php output: curl: (9) Server denied you to change to the given directory"
then i discovered that the DA backup wizard value "Remote Path" should not be empty (As default root FTP directory, not "/" as root FTP directory, but it should be absolute path (/home/ftpuserhere/dabackups) ...
I think DA should mention this in wizard to prevent confusion, please.
So backup now works!
SUMMARY:
- add more description to that Remote Path variable so people know they need to use full/absolute path.
- make sure DA backup systems sents message to DA user if backup fail due to unable to create file as described above
- also i was wondering why other content management system (not DA) was able to transfer file even with mentioned selinux boolean off, if that is something to fix also.
My provider is using up to date DA at a time of writing. I am not server admin, just a reseller user.