Example of Suitecrm creating files with different permissions

I had posted that Suitecrm creates weird permissions. Here is a good example from v8.3. This is from a bitnami container but v8.3 creates a file called config_override.php when you change options like enabling stack trace. This causes an error and failure because, in this case, Suitecrm doesn’t have permissions to the file it created.

This is what I refer to as not being “self-aware”. The app should know who the apache user is and root and who Suitecrm can use for permissions by now. If we can find out where these files and caches are created and add logging then I believe the next versions can make better headway. Permissions on Suitecrm are probably the #1 problem I have seen. I do not believe users should be messing with permissions and making directory permisssion changes. I believe that is a job for the software and is needed so that more people can have error-free installations.

Take a look. Suitecrm installs most files with daemon and root permissions. Then, it creates the config_override.php and access fails. User has done nothing except checked the “stack trace” option. There are a lot of options written to config_override so when the file isn’t accessible then we end up with a lot of server 500 issues. Developers should log file and directory creation variables to help debug this stuff. It would make everyone’s job to help debug much easier.

$sugar_config['default_export_charset'] = 'ISO-8859-1';
$sugar_config['email_allow_send_as_user'] = false;
$sugar_config['email_xss'] = 'YToxMzp7czo2OiJhcHBsZXQiO3M6NjoiYXBwbGV0IjtzOjQ6ImJhc2UiO3M6NDoiYmFzZSI7czo1OiJlbWJlZCI7czo1OiJlbWJlZCI7czo0OiJmb3JtIjtzOjQ6ImZvcm0iO3M6NToiZnJhbWUiO3M6NToiZnJhbWUiO3M6ODoiZnJhbWVzZXQiO3M6ODoiZnJhbWVzZXQiO3M6NjoiaWZyYW1lIjtzOjY6ImlmcmFtZSI7czo2OiJpbXBvcnQiO3M6ODoiXD9pbXBvcnQiO3M6NToibGF5ZXIiO3M6NToibGF5ZXIiO3M6NDoibGluayI7czo0OiJsaW5rIjtzOjY6Im9iamVjdCI7czo2OiJvYmplY3QiO3M6MzoieG1wIjtzOjM6InhtcCI7czo2OiJzY3JpcHQiO3M6Njoic2NyaXB0Ijt9';
$sugar_config['developerMode'] = false;
$sugar_config['logger']['level'] = 'warn';
$sugar_config['stackTrace'] = false;
$sugar_config['stack_trace_errors'] = false;
$sugar_config['dashlet_auto_refresh_min'] = '-1';
$sugar_config['log_memory_usage'] = true;

If it is properly configured, it won’t do this.

You need correct ownerships and permissions to start with.

This includes things often overlooked such as the ownerships and permissions of the parent directories, and their SetUID and SetGID bits. I believe this is what’s tripping you in the example you described.

Then you need proper settings in config.php, default_permissions array.