search

omega8cc / boa

Barracuda Octopus Aegir 5.2.0
https://omega8.cc/compare
395 stars 76 forks source link

Permission denied error when updating Drupal 8 core via Composer #1331

Open CLKeenan opened 5 years ago

CLKeenan commented 5 years ago

putty_2019-02-06_22-24-51

I started my Drupal site using drupal-composer/drupal-project (8.6.7), so I ran:

composer update drupal/core webflo/drupal-core-require-dev --with-dependencies as documented here: https://www.drupal.org/docs/8/update/update-core-via-composer

However, I ran into a permission denied error:

[Composer\Downloader\TransportException]
The "https://cgit.drupalcode.org/drupal/plain/sites/development.services.yml?h=8.6.8" file could not be 
written to .../web/sites/development.services.yml: failed to open stream: Permission denied

I tried to re-run the update command, but was told there was nothing to update. My Drupal Status report tells me that the platform is on 8.6.8, but I fear that only a subset of the required core files were updated to the latest 8.6.8 version.

My site is hosted by Omega8. When I ran the composer command to create my site ( drupal-composer/drupal-project), I ran it using the 'xyz.ftp' user. After I created the platform and site within the Aegir control panel, all of the folder/files within the /web folder (where /index.php and /core lives) are owned by 'xyz' user.

Both 'xyz' and 'xyz.ftp' users belong to the Group 'users'. The reason why this failed is because web/sites/development.services.yml is owned by 'xyz' and the chmod properties are 0755(which means the 'Users' Group has no write access).

All that said, I now have an understanding of 'why' it failed. What I don't know is why were the permissions setup this way in the first place and what would break if I changed them.

Questions are:

  1. How can I fix the permission error?
  2. How can I force re-run the code update to ensure all files are updated to 8.6.8?
omega8cc commented 5 years ago

You should not update core on any existing platform. BOA intentionally changes ownership of your codebase to the Aegir backend user to allow Aegir to manage its tasks without errors, and to make sure the codebase is not writable by the web user either, which is separate user, but also not writable by your limited shell user. Only the sites/all/modules,themes,libraries directories remain writable by the limited shell user. That is by design. To use updated core you should create a new platform with new core and migrate sites from previous platform. Besides, the sites/development.services.yml file is never used in BOA anyway, because this location is not multi-site aware, so instead BOA uses sites/foo.bar/files/development.services.yml, mainly to disable Redis for debugging, which is documented in https://github.com/omega8cc/boa/blob/master/docs/DEVELOPMENT.txt