Problem with permissions before upgrade

I’ve found a way to get around this but today I decided that there must be something wrong and I should fix it.
Every time I try to upgrade, I get the bad file permissions error.
This is for files in the log and the following list:

/var/www/sugarcrm/cache/modules/Users/Uservardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/UserPreferences/UserPreferencevardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/SecurityGroups/SecurityGroupvardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/SchedulersJobs/SchedulersJobvardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/Schedulers/Schedulervardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/Relationships/Relationshipvardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/InboundEmail/InboundEmailvardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/Employees/Employeevardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/EmailAddresses/EmailAddressvardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/Administration/Administrationvardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/AOW_WorkFlow/AOW_WorkFlowvardefs.php	0755	root	www-data
/var/www/sugarcrm/cache/modules/AOD_Index/AOD_Indexvardefs.php	0755	root	www-data

My config.php is OK. For my install (Debian 8) these should be www-data/www-data.
As you can see from the list above, I have user as “root” but correct group.
The logs are all root/root.
One posting said that the cron job may be set up wrong.
Here is my cron list

crontab -l -u root
* * * * * cd /var/www/sugarcrm/; php -f cron.php > /dev/null 2>&1 
@daily /etc/webmin/mysql/ --all
29 10 * * * /etc/webmin/package-updates/
# 0 15 * * * test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt

and for www-data, there is nothing.

crontab -l -u www-data
crontab -l -u www-data
# Edit this file to introduce tasks to be run by cron.
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').# 
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# For more information see the manual pages of crontab(5) and cron(8)
# m h  dom mon dow   command
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/

So only root is running cron jobs.
And this is what is in the syslog

cat /var/log/syslog | grep -i cron
Dec 30 06:26:01 crm /USR/SBIN/CRON[29497]: (root) CMD (cd /var/www/sugarcrm/; php -f cron.php > /dev/null 2>&1 )

I also noticed that the following is the the cron.php. I don’t know if this has any bearing on the issue.

global $current_user;
$current_user = new User();

I presume that the following line in the root crontab is wrong and should be run by www-data?

* * * * * cd /var/www/sugarcrm/; php -f cron.php > /dev/null 2>&1 

Can someone confirm this thought is correct?

Hello! You have a perfect case of the “cron shouldn’t be running as root” problem.

Each user has its own cron. Go into the root cron and remove the line with cron.php in it.

Then enter the www-data cron with this command:

sudo crontab -e -u www-data

And add that line there. Check your logs to make sure that the cron jobs now run as www-data.

Don’t forget to reset your permissions one final time - if all goes well, you shouldn’t have to do that anymore after today.

If it works for you, please go into that Github issue and place a “+1” reaction on the initial text. Thank you. Merry new year!

1 Like

Thanks that worked!