Syspass: Can't install SysPass 3.0 Beta CentOS (Minimal)

Created on 8 May 2018  路  6Comments  路  Source: nuxsmin/sysPass

Firstly, here are the steps I follow for installing the SysPass 3.0 Beta (they are mainly the same as nuxsmin's documentation, however, with corrections and changes): https://pastebin.com/4qv9Wr3W

After all that, when I go to http://IP_ADDRESS_HERE/sysPass/index.php , it fails. It appears that sysPass is not running.

Now, after I type "composer install" while inside of the sysPass directory (/var/www/html/sysPass), I get some signs of life from sysPass, however, the error is "No es posible escribir en el directorio "config" " (which translates roughly to "It is not possible to write to the "config" directory"). Once I do chmod 750 config/ and chown apache config/ , it still fails.

I'm really not sure why it is not working. Any help would be appreciated!

Thanks :) We really appreciate the work you've put into sysPass.

Side question, do you have any plans of offering paid support (such as direct email contact)? My company would love to help support you, at the same time being able to get your help with this amazing software.

aredoc kinquestion v3

All 6 comments

Hello @Felipe-Tendril

I'm glad to know that you're testing sysPass V3.

About the issue, it seems that either selinux could be blocking to write in that directory or you are setting the wrong directory, since in v3 it's located in .../app/config

Regarding the support, I'm currently quite busy on some projects, but in near future I'll open a patron-like account to achieve this kind of support.

Thanks for the feedback and testing!

Kind regards

Please, take into account that the .../app/cache directory also needs write permission.

Hey @nuxsmin , you were definitely right that it had to do with SELinux! I forgot to type these commands:

chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/app/config/
chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/app/backup/
chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/app/temp/

For people who were also stuck, I also had to type these commands to finally get it to work:

chown -R apache /var/www/html/sysPass

and lastly:

chmod 750 /var/www/html/sysPass/app/config/

If I added too many permissions to folders/files, let me know @nuxsmin ! :)

Thanks for all the help @nuxsmin ! Can't wait to start testing the 3.0 beta! :D

After fresh installing CentOS 7 Minimal, I am stuck again. Here are all the steps I did: https://pastebin.com/wn1nvDLB

This is now the error: "
Warning: file_put_contents(/var/www/html/sysPass/app/cache/icons.cache): failed to open stream: Permission denied in /var/www/html/sysPass/lib/SP/Storage/FileCache.php on line 71

Warning: file_put_contents(/var/www/html/sysPass/app/cache/actions.cache): failed to open stream: Permission denied in /var/www/html/sysPass/lib/SP/Storage/FileCache.php on line 71
"
The error goes away by typing this command:
chmod 777 /var/www/html/sysPass/app/cache/

However, I don't actually know whether that is safe or not to do.

Edit: With the command "chmod 750 /var/www/html/sysPass/app/cache/" , the sysPass page partially loads, but not completely, and gives the 2 errors stated above. With the command "chmod 777 /var/www/html/sysPass/app/cache/" , the page completely loads, and doesn't appear to display any errors, however, when I try to "install" sysPass (via the webgui), it provides this error:

"
Unable to connect to the DB
Please, check the connection parameters
Error 1045: SQLSTATE[HY000] [1045] Access denied for user 'root'@'localhost' (using password: YES)
"

Edit2: Forgot to type in the command "chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/app/cache/". After that, the two errors go away again, and the database error also appears to go away. I think we're good!!! :D

Alright, here is my final pastebin which seems to work fine across fresh installs: https://pastebin.com/wrzyqyY0

(RE)questions for the dev; Are there any commands that aren't needed, or any lesser permissions that I can give to the program, to make it more secure?

Thank you, and sorry for all the messages :)

That is a nice recipe!

Permissions are ok, and there shouldn't be any concerns about cache directory as it only stores nonsense data like icons , actions or ACLs.

You should be aware of securing all the application directories, except the public one, from accessing through a browser. It could be achieved by setting some directives in the web server configuration (ie. .htaccess or the global one)

Thanks for the feedback!

Regards

Was this page helpful?
0 / 5 - 0 ratings

Related issues

PedroMD picture PedroMD  路  7Comments

deajan picture deajan  路  4Comments

sdutina picture sdutina  路  6Comments

robert-scheck picture robert-scheck  路  8Comments

vmario89 picture vmario89  路  5Comments