starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-02-05 08:39:55 +03:00
Code Issues 531 Packages Projects Releases 10 Wiki Activity

Permission Denied #2791

New Issue
Closed
opened 2026-02-05 05:12:44 +03:00 by OVERLORD · 8 comments
OVERLORD commented 2026-02-05 05:12:44 +03:00
Owner
Copy Link

Originally created by @Suddenflame on GitHub (May 13, 2022).

Attempted Debugging

  • I have read the debugging page

Searched GitHub Issues

  • I have searched GitHub for the issue.

Describe the Scenario

Trying to install BookStack onto a new RHEL 8 server but still having issues with permissions it seems. I even tested by giving 777 to the storage location with no change in the permission error.

The error log is from one that I set to 777.

I have set user to nginx and group to nginx as that's what Nginx is currently set to.

I followed the code here:
https://github.com/blogmotion/bm-bookstack-install/blob/master/bookstack-install-centos8.sh

Exact BookStack Version

Latest

Log Content

2022/05/13 13:00:28 [error] 30750#0: *11 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught ErrorException: file_put_contents(/var/www/bookstack/storage/framework/views/444e2e0a8c776f8bed9002e3000a037539df392e.php): failed to open stream: Permission denied in /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php:187
Stack trace:
#0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError()
#1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php(187): file_put_contents()
#2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(169): Illuminate\Filesystem\Filesystem->put()
#3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(55): Illuminate\View\Compilers\BladeCompiler->compile()
#4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get()
#5 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/View.php(122):...PHP message: PHP Fatal error:  Uncaught ErrorException: file_put_contents(/var/www/bookstack/storage/framework/views/444e2e0a8c776f8bed9002e3000a037539df392e.php): failed to open stream: Permission denied in /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php:187
Stack trace:
#0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError()
#1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php(187): file_put_contents()
#2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(169): Illuminate\Filesystem\Filesystem->put()
#3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(55): Illuminate\View\Compilers\BladeCompiler->compile()
#4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get()
#5 /var/www/bookstack/vendor/larave

PHP Version

7.4

Hosting Environment

RHEL 8 with Nginx

Originally created by @Suddenflame on GitHub (May 13, 2022). ### Attempted Debugging - [X] I have read the debugging page ### Searched GitHub Issues - [X] I have searched GitHub for the issue. ### Describe the Scenario Trying to install BookStack onto a new RHEL 8 server but still having issues with permissions it seems. I even tested by giving 777 to the storage location with no change in the permission error. The error log is from one that I set to 777. I have set user to nginx and group to nginx as that's what Nginx is currently set to. I followed the code here: https://github.com/blogmotion/bm-bookstack-install/blob/master/bookstack-install-centos8.sh ### Exact BookStack Version Latest ### Log Content ``` 2022/05/13 13:00:28 [error] 30750#0: *11 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught ErrorException: file_put_contents(/var/www/bookstack/storage/framework/views/444e2e0a8c776f8bed9002e3000a037539df392e.php): failed to open stream: Permission denied in /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php:187 Stack trace: #0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError() #1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php(187): file_put_contents() #2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(169): Illuminate\Filesystem\Filesystem->put() #3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(55): Illuminate\View\Compilers\BladeCompiler->compile() #4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get() #5 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/View.php(122):...PHP message: PHP Fatal error: Uncaught ErrorException: file_put_contents(/var/www/bookstack/storage/framework/views/444e2e0a8c776f8bed9002e3000a037539df392e.php): failed to open stream: Permission denied in /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php:187 Stack trace: #0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError() #1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php(187): file_put_contents() #2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(169): Illuminate\Filesystem\Filesystem->put() #3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(55): Illuminate\View\Compilers\BladeCompiler->compile() #4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get() #5 /var/www/bookstack/vendor/larave ``` ### PHP Version 7.4 ### Hosting Environment RHEL 8 with Nginx
OVERLORD added the 🐕 Support label 2026-02-05 05:12:44 +03:00
OVERLORD commented 2026-02-05 05:13:00 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (May 13, 2022):

Hi @Suddenflame,

This to me sounds like it could be SELinux. Is SELinux active currently?

@ssddanbrown commented on GitHub (May 13, 2022): Hi @Suddenflame, This to me sounds like it could be SELinux. Is SELinux active currently?
OVERLORD commented 2026-02-05 05:13:06 +03:00
Author
Owner
Copy Link

@Suddenflame commented on GitHub (May 13, 2022):

Hi @Suddenflame,

This to me sounds like it could be SELinux. Is SELinux active currently?

SELinux is currently active:
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33

@Suddenflame commented on GitHub (May 13, 2022): > Hi @Suddenflame, > > This to me sounds like it could be SELinux. Is SELinux active currently? SELinux is currently active: SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 33
OVERLORD commented 2026-02-05 05:13:09 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (May 13, 2022):

@Suddenflame Are you able to temporarily disable SELinux to see if things start working? To confirm that it's SELinux?

Alternatively you could watch/search your audit logs to see if you're getting related events:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/sect-security-enhanced_linux-fixing_problems-searching_for_and_viewing_denials

@ssddanbrown commented on GitHub (May 13, 2022): @Suddenflame Are you able to temporarily disable SELinux to see if things start working? To confirm that it's SELinux? Alternatively you could watch/search your audit logs to see if you're getting related events: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/sect-security-enhanced_linux-fixing_problems-searching_for_and_viewing_denials
OVERLORD commented 2026-02-05 05:13:13 +03:00
Author
Owner
Copy Link

@Suddenflame commented on GitHub (May 13, 2022):

@Suddenflame Are you able to temporarily disable SELinux to see if things start working? To confirm that it's SELinux?

Alternatively you could watch/search your audit logs to see if you're getting related events: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/sect-security-enhanced_linux-fixing_problems-searching_for_and_viewing_denials

New error message after disabling.
2022/05/13 14:04:27 [error] 1648#0: *1 open() "/var/www/bookstack/public/login" failed (2: No such file or directory),

@Suddenflame commented on GitHub (May 13, 2022): > @Suddenflame Are you able to temporarily disable SELinux to see if things start working? To confirm that it's SELinux? > > Alternatively you could watch/search your audit logs to see if you're getting related events: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/sect-security-enhanced_linux-fixing_problems-searching_for_and_viewing_denials New error message after disabling. 2022/05/13 14:04:27 [error] 1648#0: *1 open() "/var/www/bookstack/public/login" failed (2: No such file or directory),
OVERLORD commented 2026-02-05 05:13:19 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (May 14, 2022):

@Suddenflame Sounds like something wrong with your nginx config since requests are not being routed to the public/index.php file as expected. What does your BookStack nginx config look like?

@ssddanbrown commented on GitHub (May 14, 2022): @Suddenflame Sounds like something wrong with your nginx config since requests are not being routed to the `public/index.php` file as expected. What does your BookStack nginx config look like?
OVERLORD commented 2026-02-05 05:13:25 +03:00
Author
Owner
Copy Link

@Suddenflame commented on GitHub (May 16, 2022):

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        #root         /usr/share/nginx/html;
		root /var/www/bookstack/public;
		index  index.php index.html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }
		location ~* \.php$ {
			# With php-fpm unix sockets
			fastcgi_pass unix:/run/php-fpm/www.sock;
			include         fastcgi_params;
			fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
			fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
		}
        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
 #Settings for a TLS enabled server.

    server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  _;
        #root         /usr/share/nginx/html;
		root /var/www/bookstack/public;
		index  index.php index.html;

        ssl_certificate "/etc/pki/nginx/server.crt";
        ssl_certificate_key "/etc/pki/nginx/private/server.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers PROFILE=SYSTEM;
        ssl_prefer_server_ciphers on;

        #Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }
		location ~* \.php$ {
			# With php-fpm unix sockets
			fastcgi_pass unix:/run/php-fpm/www.sock;
			include         fastcgi_params;
			fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
			fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
		}
        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

}
@Suddenflame commented on GitHub (May 16, 2022): ``` # For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; server { listen 80 default_server; listen [::]:80 default_server; server_name _; #root /usr/share/nginx/html; root /var/www/bookstack/public; index index.php index.html; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { } location ~* \.php$ { # With php-fpm unix sockets fastcgi_pass unix:/run/php-fpm/www.sock; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } #Settings for a TLS enabled server. server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; server_name _; #root /usr/share/nginx/html; root /var/www/bookstack/public; index index.php index.html; ssl_certificate "/etc/pki/nginx/server.crt"; ssl_certificate_key "/etc/pki/nginx/private/server.key"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers PROFILE=SYSTEM; ssl_prefer_server_ciphers on; #Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { } location ~* \.php$ { # With php-fpm unix sockets fastcgi_pass unix:/run/php-fpm/www.sock; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } } ```
OVERLORD commented 2026-02-05 05:13:29 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (May 16, 2022):

@ssddanbrown both of your server { blocks are missing the handling for location / {, as can be seen here:

ed56c07a70/config/nginx/ubuntu-1604-install-config (L10-L12)

@ssddanbrown commented on GitHub (May 16, 2022): @ssddanbrown both of your `server {` blocks are missing the handling for `location / {`, as can be seen here: https://github.com/BookStackApp/devops/blob/ed56c07a709531855899847bb8c7691691d12c87/config/nginx/ubuntu-1604-install-config#L10-L12
OVERLORD commented 2026-02-05 05:13:35 +03:00
Author
Owner
Copy Link

@Suddenflame commented on GitHub (May 16, 2022):

Alright after all of that I finally got on to the login page thanks!

@Suddenflame commented on GitHub (May 16, 2022): Alright after all of that I finally got on to the login page thanks!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🎨 Design
📖 Docs Update
🐛 Bug
🐛 Bug
:cat2:🐈 Possible duplicate
💿 Database
Open to discussion
💻 Front-End
🐕 Support
🚪 Authentication
🌍 Translations
🔌 API Task
🏭 Back-End
Upstream
🔨 Feature Request
🛠️ Enhancement
🛠️ Enhancement
🛠️ Enhancement
❤️ Happy feedback
🔒 Security
🔍 Pending Validation
💆 UX
📝 WYSIWYG Editor
🌔 Out of scope
🔩 API Request
:octocat: Admin/Meta
🖌️ View Customization
Question
🚀 Priority
🛡️ Blocked
🚚 Export System
A11y
🔧 Maintenance
> Markdown Editor
No Label 🐕 Support
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/BookStack#2791
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?