Can not delete logs from system utilities

[jpimentel]

I have been working on cacti trying to fix some other problems I had today, and noticed that when I click clear cacti log file the alarms remain there, and only refresh. The link for the action is = to http://address/cacti/utilities.php?action=clear_logfile.

Any suggestions?

[gandalf]

The webserver's user seems to lack write permissions for that file
Reinhard

[jpimentel]

How do I check which user was created for mysql? The server I am on has a bunch of users, not sure which account to give the permissions to.

chown -R cactiuser rra/ log/

When it was installed I guess cactiuser was not selected.

[gandalf]

How do I check which user was created for mysql? The server I am on has a bunch of users, not sure which account to give the permissions to.

chown -R cactiuser rra/ log/

When it was installed I guess cactiuser was not selected.

I did not ask for the mysql user, I asked for the webserver's (httpd) user. The chown above is correct. But the logfile may need special permissions. Personally, I do not like that: deleting files from a browser. So I did not walk through this.
Reinhard

[jpimentel]

It just bugs me that it does not do what it is supposed to do, and that I dont know why, lol. Cactiuser has the proper permissions, but unfortunitly I can still not delete. When you say special permissons, what do you mean. I gave 777 so it should have total access. Is there somthing else I should look into?

[gandalf]

Write access for the directory? Not that sure on file permissions, sorry
Reinhard

[jpimentel]

Thanks for the help. I am in the right direction now. I will let ya know what was wrong and how I fixed it.

Thanks again

Cheers!

[N3NCY]

For me, the fix was:
chown -R nobody /opt/apache/htdocs/cacti/

My web server runs as user "nobody"
My cacti is installed in /opt/apache/htdocs/cacti/

[jpimentel]

\var\www\html\cacti is where mine is. The user is cacti user. I have set the correct permissions but for some unknown reason to me, I can only clear the logs manually through command line.

drwxr-xr-x 2 cactiuser cacti 4096 Feb 20 11:53 log
I am still looking into it, and as soon as I find a solution I will post. If you have any suggestions, let me know.

[jpimentel]

Anyone have any suggestions. I am still having problems with this one.

[elnino]

\var\www\html\cacti is where mine is. The user is cacti user. I have set the correct permissions but for some unknown reason to me, I can only clear the logs manually through command line.

Does Apache run as cactiuser also? On most systems, Apache runs as "nobody" and that is the user that needs access to delete the log file. If you are unsure, run this command:

Code: Select all

ps -ef | grep httpd

[jpimentel]

[root@syslog /]# ps -ef | grep httpd
root 30764 1 0 Feb17 ? 00:00:00 /usr/sbin/httpd
apache 16192 30764 0 Feb19 ? 00:00:43 /usr/sbin/httpd
apache 16193 30764 0 Feb19 ? 00:00:43 /usr/sbin/httpd
apache 16194 30764 0 Feb19 ? 00:00:44 /usr/sbin/httpd
apache 16196 30764 0 Feb19 ? 00:00:44 /usr/sbin/httpd
apache 16197 30764 0 Feb19 ? 00:00:39 /usr/sbin/httpd
apache 16198 30764 0 Feb19 ? 00:00:41 /usr/sbin/httpd
apache 16201 30764 0 Feb19 ? 00:00:44 /usr/sbin/httpd
apache 11972 30764 0 Feb20 ? 00:00:32 /usr/sbin/httpd
root 20046 19994 0 13:11 pts/3 00:00:00 grep httpd


This is what I got.

[elnino]

[root@syslog /]# ps -ef | grep httpd
root 30764 1 0 Feb17 ? 00:00:00 /usr/sbin/httpd
apache 16192 30764 0 Feb19 ? 00:00:43 /usr/sbin/httpd
apache 16193 30764 0 Feb19 ? 00:00:43 /usr/sbin/httpd
apache 16194 30764 0 Feb19 ? 00:00:44 /usr/sbin/httpd
apache 16196 30764 0 Feb19 ? 00:00:44 /usr/sbin/httpd
apache 16197 30764 0 Feb19 ? 00:00:39 /usr/sbin/httpd
apache 16198 30764 0 Feb19 ? 00:00:41 /usr/sbin/httpd
apache 16201 30764 0 Feb19 ? 00:00:44 /usr/sbin/httpd
apache 11972 30764 0 Feb20 ? 00:00:32 /usr/sbin/httpd
root 20046 19994 0 13:11 pts/3 00:00:00 grep httpd


This is what I got.

Ok, try making apache owner of your Cacti log file and see if the "Clear log file" link works. You might need to do it on the directory also, I'm not sure

[rony]

Ok, this thread is annoying me... Mostly because no one has given an answer that is a good answer.

The proper permissions should only be applyed as such:

• <cacti_path> should be owned by the cactiuser or some user OTHER THAN THE WEB SERVER. This is important as you don't want the webserver to have to abbility to overwrite php scripts.
• <cacti_path>/rra should be world readable but only writeable by the user that runs the poller, IE, cactiuser.
• <cacti_path>/log should be world readable and writable by the user that runs the poller. If you want to have the ability to clear the log from the web interface, then special permissions should be used. The best approach is to apply a sticky bit to the group permissions so that all files in the directory are set to the same group, despite the owner. So, you would make sure that you poller user and the webserver are members of the same group, IE, cactilog, and apply the following permissions to the <cacti_path>/logs directory: `chmod 2775 <cacti_path>/logs; chgrp cactilog <cacti_path>/logs`. This way any file in the <cacti_path>/logs directory if created by the poller or by the webserver will still be readable and writeable by the poller and the web server.

Any questions, let me know.

[jpimentel]

Thank you Tony