[Solved] NFS and LiteSpeed

[netjess]

Hello,

I have setup an NFS server to hold site files, I have two LiteSpeed servers with a load balancer and would like to use NFS rather than rsync to keep them the same.
The NFS server seems to work fine. I cann SSH into either of the web servers and create files from the CLI.

When I try to modify the VHOST to use the NFS mounted folder as the site root the admin UI gives me the error "*file /var/www/conf/sitename/vhconf.xml does not exist. Please create manually".

Then I look at the server log it has the following:
--------------------------------
[192.168.1.2:54372-0#_AdminVHost] [STDERR] PHP Warning: is_file() [<a href='function.is-file'>function.is-file</a>]: Stat failed for /var/www/conf/sitename/vhconf.xml (errno=13 - Permission denied) in /usr/local/lsws/admin/html.4.0.20/classes/ConfValidation.php on line 627
--------------------------------
The NFS share is mounted as /var/www/share
I am attemting to use the site as follows:
/var/www/share/sitename/
/var/www/conf/sitename/vhconf.xml <-- keeping the conf xml local.

I have tried to chmod and chown the folders to allow www-data access.
for the folder /var/www/conf/
drwxrwxr-- 3 www-data share 4096 2011-07-08 17:01 conf

I am not sure abot the part of the error "192.168.1.2:54372-0#_AdminVHost".
192.168.1.2 is not my IP or the IP of the web server. where is this comming from or is it not an IP?

Thank you,

 

[webizen]

192.168.1.2 (internal IP) is the client IP. The error message indicates that NFS client (webserver) has no write permission to files on the NFS server. make sure folder /var/www/conf/sitename/ should be writeable by www-data.

--------------------------------
[192.168.1.2:54372-0#_AdminVHost] [STDERR] PHP Warning: is_file() [<a href='function.is-file'>function.is-file</a>]: Stat failed for /var/www/conf/sitename/vhconf.xml (errno=13 - Permission denied) in /usr/local/lsws/admin/html.4.0.20/classes/ConfValidation.php on line 627
--------------------------------

 

[netjess]

192.168.1.2 is not my workstation IP or the IP of the web server (it is the IP of my proxy).
Also /var/www/conf/sitename/ is a local path on the web server and not the NFS share.

I do not understand why it would be attempting to reference the proxy IP in a write attempt. I am doing all of this logged into the admin interface If I can loginto the admin UI why wouldn't it execute a change?

 

[netjess]

OK, just for giggles, I tried using Firefox with no proxy setings to log into the admin UI. It gives the same error even though Firefox is not using the proxy. So I still have not clue how it is getting the 192.168.1.2 IP.

 

[netjess]

Well, I really don't believe that it should be referencing my local IP as the source for a mkdir request. I added the following to the /etc/exports file on the NFS server:
/share 192.168.1.44(rw,sync,no_root_squash,no_subtree_check) 192.168.1.2(rw,sync,no_root_squash,no_subtree_check).
restarted NFS.
This still failed.

 

[webizen]

it depends on your local routing table as to why your local IP is used as source.

Regarding permission issue, create test file in /var/www/conf/sitename/ (which is local on the web server) as www-data from CLI and see if it works. i.e., run below as root

cd /var/www/conf/sitename
su -c 'touch test' www-data

cd /var/www/share/sitename/
su -c 'touch test' www-data

Regarding your nfs share setup, you should have the IP for your webserver IP listed as client instead of 192.168.1.2 (end user).

 

[netjess]

About the NFS setup I do have the web servers IPs in there. I just added my local IPs since it appeared it was attempting to write as if from there.

/etc/exports:
/share 199.204.136.47(rw,sync,no_root_squash,no_subtree_check) 199.204.136.48(rw,sync,no_root_squash,no_subtree_check)
/share 192.168.1.44(rw,sync,no_root_squash,no_subtree_check) 192.168.1.2(rw,sync,no_root_squash,no_subtree_check)
----------------------------------------------

Regarding testing www-data account, do you know what password I would use or do I need to reset the password for www-data account? Isn't that account auto generated when you setup the web server?
Thank you.

 

[webizen]

...
Regarding testing www-data account, do you know what password I would use or do I need to reset the password for www-data account? Isn't that account auto generated when you setup the web server?

If you run the command (i.e., su -c 'touch test' www-data) as root user, you should not be prompted for password.

 

[netjess]

OK, well I used "sudo su -c 'touch test' www-data" and passed the password of the user I was ssh'd and that worked just fine.

 

[webizen]

also make sure admin server user (i.e., lsadm) has write permission.

 

[netjess]

regarding the lsadm account. could I just add that account to a group I created for permission to the folder or would that have some advers impact? or should I just chmod and add the permission?

 

[webizen]

vhconf.xml is supposed to be created by lsadm. lsadm user should be able to create files under /var/www/conf/sitename. lsadm should also be in the web server group.

 

[netjess]

I sent you a PM.
Thank you for your help. Is there a writeup or KB article on how to setup a NFS repository behind LiteSpeed servers?
I did some searching but couldn't locate anything.

 

[webizen]

LSWS has no knowledge of NFS. Just make sure NFS share has the same ownership/permission as if it is local file system: admin web user (lsadm) has ownership and write permission to the config files.

# ls -ld /path/to/lsws/conf
drwx------ 4 lsadm lsadm 4096 Jul 10 12:47 /path/to/lsws/conf/ # e.g. /usr/local/lsws/conf

 

[netjess]

It seems I was able to fix this by using the command:
sudo chown -R lsadm:lsadm /path/to/conf

Thanks.