Topic on Project:Support desk

Jump to navigation Jump to search

ACTION FAILED: Could not open lock file for "mwstore://local-backend/local-public/..."

5
Buffa (talkcontribs)

ISSUE:

  • After having installed mediawiki 1.32.0 (release on 2019-01-11) and having imported DB, pages and images from my old mediawiki 1.22.0 I am now unable to upload any image and receive the following error message:
Could not open lock file for "mwstore://local-backend/local-public/4/4c/whereverfile.png".
Make sure your upload directory is configured correctly and your web server has
permission to write to that directory.
See https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:$wgUploadDirectory for
more information.
I checked all the topics within the mediawiki support desk but unfortunately none of them worked.
  • No need to mention that my LocalSettings.php does not contain any of the following variables
and even if I try to set these variables (again they do not appear by default in LocalSettings.php), by the time I save the modifications, my mediawiki does not load any longer:
#$wgUploadPath = "$wgScriptPath/images"
#$wgUploadDirectory = "$IP/images"
#$wgTmpDirectory = "$IP/images/temp"
  • I am 100% sure that the apache user is www-data (I have obtained it after having executed the following command:
ps -ef | egrep '(httpd|apache2|apache)' | grep -v `whoami` | grep -v root | head -n1 | awk '{print $1}'
  • I compared permissions of my previous Mediawiki with the new one and they are the very same ones


WORKAROUND (NOT ACCEPTABLE)

The only solution (temporary) I came across at the moment is to issue the following command:

chmod -R 777 images

but this is not acceptable for security reasons.


ENVIRONMENT

No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.5 LTS
Release:        16.04
Codename:       xenial

Can someone please help me????

I ran out my ideas.

Thanks.

Bawolff (talkcontribs)

Like the error message says, is the upload directory writable by the webuser? That's what 777 would do, but that's not the only way to accomplish that, you could for example change the group to be www-data and make the mode by 770

Buffa (talkcontribs)

Hi Bawolff,

I have already done what you suggested. I thought it was implicit in my original post. After discovering that the Apache user is www-data I set the owner of the .../images folder and its contents to www-data. I have also tried setting the group to www-data and also doing chmod -R 775 images.


Any other suggestion?

Ciencia Al Poder (talkcontribs)

Note also that doing chmod -R 777 images will also change mode of files inside that folder to be executable, which is the real security risk.

To fix this:

find images -type f -exec chmod 644 {} \;

As Bawolff noted, you should change ownership of the folder. If you already uploaded some files, the current file owner of the uploaded files would tell you what's the user you should set as owner of the images directory.

Buffa (talkcontribs)

Hi Ciencia Al Poder,

Your suggestion worked and I guess I need some fresh air as I didn't think about it.

For future readers:

FINAL SOLUTION

  1. Leave permissions to 777 for the .../images folder and its content (for the moment)
  2. Upload a file (whatever)
  3. Find the full path of this file
  4. Check who the owner is
  5. After that set permissions for the .../images folder and its contents to: 770 (as Bawolff suggested) and change owner and group of the .../images folder and its contents to the user as per point 4 above


Thanks to both Bawolff and Ciencia Al Poder.