Z-Push 2.4.0 - nginx configuration file
Now that Z-push 2.4 has been released as official … I may suggest that when installing the z-push-config-nginx module the following permissions are also set during installation:
/var/lib/z-push/* must be owned by nginx : z-push (not apache:z-push)
/etc/logrotate.d/z-push.lr should remove “create apache apache”
I am running on Centos 7 with Nginx
Hi, thanks for the report. I’ve created an issue for it https://jira.z-hub.io/browse/ZP-1375
I am not sure why we didn’t see this/create the ticket before, but we will fix asap.
@milauria we have fixed ZP-1375 and it’s released in Z-Push 2.4.1 beta1.
Could you try to install/update to this version and report back? Thank you!
With the Z-Push 2.4.1 beta1 installed I see that now the logrotate contains “create root z-push” which also does not work for me.
I need to be “create nginx z-push” to make let z-push write its log file … or just delete the “create” statement so that it inherits the permission from its folder
Basically to make it work I need both /var/log/z-push and /var/lib/z-push to be owned by the “nginx” user
are there any errors? z-push group does have the right permissions for both folders, doesn’t it?
seems to be the file owner the problem, not the file group
The /var/lib/z-push owner needs to be “nginx”. The z-push install I think defaults the owner as “root” and in that case I get the below fatal error. After I did the “chown nginx” the error went away.
[FATAL] Exception: (FatalMisconfigurationException) - Not possible to write to the configured state directory.
[FATAL] FatalMisconfigurationException: Not possible to write to the configured state directory. - code: 0 - file: /usr/share/z-push/lib/default/filestatemachine.php:63
Similarly /var/log/z-push needs to owned by nginx AND needs to be writable only by the user.
The error I get: "parent directory has insecure permissions (It’s world writable or writable by group which is not “root”)"
I also removed altogether the “create” statement in the z-push.lr so that every new log is created with the same folder permission
could you post the output of
With the current spec file configuration it’s not so trivial to change the ownership to user nginx. That’s why we introduced the z-push group which has the right permissions.