VIDEOS directory flag error

[gbrn]

@DanielnetoDotCom I checked the following information that is being displayed erroneously:

Folder is created.

The permissions of all folders are: drwxr-xr-x

Folder owner is not root, could this be a problem?

[DanielnetoDotCom]

the information is correct, give the correct permission as described

[gbrn]

@DanielnetoDotCom So there is conflicting information: In the installer, it asks for permissions to be 775 for the videos folder.

Your videos directory must be writable The video directory does not exists, AVideo had no permition to create it, you must create it manualy! sudo mkdir /var/www/html/AVideo/videos

Then you can set the permissions (www-data means apache user). sudo chown www-data:www-data /var/www/html/AVideo/videos && sudo chmod 755 /var/www/html/AVideo/videos

My folder permission is set as per the installer. That's why I'm in doubt what is correct... the installer with 775... or 777 that says in the Compatibility Check?

The other problem is that he is having the videos folder created again... it is already created, including 200Gb of files!

Are these commands correct?

sudo mkdir /var/www/html/AVideo/view/configurations.phpvideos sudo chmod -R 777 /var/www/html/AVideo/view/configurations.phpvideos

In this image that I captured earlier, it already has other information...

[DanielnetoDotCom]

you are right, the correct one is the 777

the commands above are wrong

the correct may be

sudo mkdir /var/www/html/AVideo/videos
sudo chmod -R 777 /var/www/html/AVideo/videos

[gbrn]

ok Dani thanks for the correction.

As for the owner of the files and directories... it still maintains the command: sudo chown www-data:www-data /var/www/html/AVideo/videos I should put it recursive too, correct?

[DanielnetoDotCom]

make it recursive

[gbrn]

Dani, the directories and files are with correct permissions 777 and I defined that the owner is www-data. But the error presented by the system is the same from the beginning:

There's something wrong. Check the printscreen.... the path that the system indicates is not even correct.

Below is the listing of the videos directory and its respective permissions:

[DanielnetoDotCom]

Hi

I do not know why it is showing the view/configuration.php for you

are you using Ubuntu as a webserver?

be careful something seems to be messed up

I suspect something is wrong with your videos/configuration.php

please share its content here (hide your password and salt)

[gbrn]

Yes, I did a fresh install of Ubuntu 22.04.

I'm checking the settings in apache.

[gbrn]

I applied the following lines... but I didn't see a difference:

<Directory /var/www/html/AVideo/>
        Options Indexes FollowSymLinks
        XSendFile on
        XSendFilePath /var/www/html/AVideo/
        AllowOverride All
        Require all granted
        Order Allow,Deny
        Allow from All
</Directory>

[gbrn]

Dani, now it's ok... the problem is the same as reflected in the issue #7643

I had changed the lines DocumentRoot /var/www/html/ to DocumentRoot /var/www/html/AVideo/. This caused several problems. Fixed issue with accessing still images and videos.

[gbrn]

@DanielnetoDotCom I need to review the initial settings for APACHE2. I can't use the settings provided in the installation wiki: https://github.com/WWBN/AVideo/wiki/How-to-install-LAMP,-FFMPEG-and-Git-on-a-fresh-Ubuntu-22.x-for-AVideo-Platform-version-11.x-or-newer

There is something wrong with these instructions:

<VirtualHost *:80>
    DocumentRoot "/var/www/html/AVideo"
    ServerName mysite.com
    # ServerAlias www.mysite.com
    ServerAdmin webmaster@localhost
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
    DocumentRoot "/var/www/html/AVideo"
    ServerName mysite.com
    # ServerAlias www.mysite.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<Directory /var/www/html/AVideo/>
    Options Indexes FollowSymLinks
    XSendFile on
    XSendFilePath /var/www/html/AVideo/
    AllowOverride All
    Require all granted
    Order Allow,Deny
    Allow from All
</Directory>

Putting this configuration that you teach in the installation step by step, my website presents all the errors reported in this issue

The configuration file I created looks like this:

<VirtualHost *:80>
    DocumentRoot "/var/www/html/AVideo"
    ServerName cinetv.com.br
    # ServerAlias www.mysite.com
    ServerAdmin webmaster@localhost
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
    DocumentRoot "/var/www/html/AVideo"
    ServerName cinetv.com.br
    # ServerAlias www.mysite.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<Directory /var/www/html/AVideo/>
    Options Indexes FollowSymLinks
    XSendFile on
    XSendFilePath /var/www/html/AVideo/
    AllowOverride All
    Require all granted
    Order Allow,Deny
    Allow from All
</Directory>

Can you help improve this configuration?

. . . . Detail:

I noticed that the command to disable the default site defined in 000-default.conf is missing: sudo a2dissite 000-default.conf

I noticed that missing the command, used to load new .CONF files created:

To activate the new configuration, you need to run:
  systemctl reload apache2

[gbrn]

@DanielnetoDotCom Exemplifying the problem:

I'm trying to access the video file: http://cinetv.com.br/videos/video_230117134835_v6502/video_230117134835_v6502_HD.mp4 It is not loaded. Any video is not displayed, whether or not you are logged in to the AVideo platform.

When I access the URL of the image in the same directory, it opens normally: http://cinetv.com.br/videos/video_230117134835_v6502/video_230117134835_v6502.jpg

Only the video that does not display...

The files are on the server. With access permission 777 and owner www-data:

In the AVideo log, it informs that it does not find the image: [21-Feb-2023 23:44:45 America/Sao_Paulo] AVideoLog::DEBUG: Image not found for AVideo/videos/video_230117134835_v6502/video_230117134835_v6502_portrait_thumbsV2.jpg we are using path/to/my/streamer/site/videos/video_230117134835_v6502/video_230117134835_v6502_portrait.jpg instead SCRIPT_NAME: /view/img/image404.php

Apache log (I can't find anything wrong with apache): [22/Feb/2023:03:06:19 +0000] "GET /videos/video_230117134835_v6502/video_230117134835_v6502_HD.mp4 HTTP/1.1" 200 1181 "http://cinetv.com.br/videos/video_230117134835_v6502/video_230117134835_v6502_HD.mp4" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36"

[DanielnetoDotCom]

check this https://github.com/WWBN/AVideo/wiki/Install-Apache-XSendFIle

[gbrn]

@DanielnetoDotCom It worked! libapache2-mod-xsendfile was installed and enabled.

ubuntu@ubuntu-server-arm-02:/$ sudo apt-get install libapache2-mod-xsendfile
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
libapache2-mod-xsendfile is already the newest version (0.12-2).

ubuntu@ubuntu-server-arm-02:/$ sudo a2enmod xsendfile
Module xsendfile already enabled

But the virtual host didn't have the correct lines, XSendFile and the directory needed to be enabled: XSendFile on XSendFilePath /var/www/html/AVideo/

Thanks!

[gbrn]

you are right, the correct one is the 777

the commands above are wrong

the correct may be

sudo mkdir /var/www/html/AVideo/videos
sudo chmod -R 777 /var/www/html/AVideo/videos

@DanielnetoDotCom This issue has been fixed... but I was wondering... the 777 permission for the VIDEO directory would be a vulnerability. Because 777 gives maximum permission to files and directories. And in this directory there is a file with the database password. Could you tell me about the security of this command 777 this directory?

[gbrn]

In tests I changed the permissions to 755 and so far I haven't seen any permission issues. Even the system says that the directory has write permission:

[para2022]

In tests I changed the permissions to 755 and so far I haven't seen any permission issues. Even the system says that the directory has write permission:

Go into your videos directory and set avideo.log and configuration.php to 644

[gbrn]

@para2022 It is not very clear these settings. @DanielnetoDotCom says to put 777. I asked @DanielnetoDotCom about security, if it was risky to use 777 and nothing was said. I care about it!

Currently my entire VIDEOS directory is in 777 recursive (As I was instructed): drwxrwxrwx 422 www-data www-data 36864 May 7 19:19 videos

Although the system when creating new videos it doesn't get 777 initially.

I'm going to test changing the permission to 644 for the two files: avideo.log and configuration.php

@DanielnetoDotCom If you set up a table with the permissions that each directory and system files must have, it will be very useful for all of us users of the AVideo platform. I think it's good that we compromise with the security of the whole system.

[para2022]

I see no reason why the videos dir should be world writable as avideo should be the only script writing there and creating folders 755 and files 644 just like it should be. Folders generally should never be world writable to the web.