FreshRSS: Permission is denied for `/opt/FreshRSS/data/users/dietpi/log.txt`

Troubleshooting
1

Hi everyone,
Running DietPi 6.28.0, with pi-hole (pihole 4.4, FTL 4.3.1) and dependencies (GIT, LLSP) with DropBear, everything up to date as of today (2020/04/21).

I installed FreshRSS, but encountered two issues:

  1. http://dietpi/freshrss redirects to the pi-hole page “did you mean to go to the admin page?”
    This was resolved by running the following:
sed -i 's|/var/www/html|/var/www|g' /etc/lighttpd/lighttpd.conf
systemctl restart lighttpd
  1. [current issue] When loading http://dietpi/freshrss and logging in, I receive the following error:
### Application problem ### 
Permission is denied for `/opt/FreshRSS/data/users/dietpi/log.txt`

2.1 The following command as recommended here https://github.com/FreshRSS/FreshRSS/issues/1825 did not resolve the issue

sudo chown -R :www-data . && sudo chmod -R g+r . && sudo chmod -R g+w ./data/

I am quite new at linux, so I apologise in advance if this is a simple issue to solve.

2

Hi,

many thanks for your report. I guess you would need to change your last statement a little bit and specify complete path to the FreshRSS data directory

chown -R :www-data . && sudo chmod -R g+r . && sudo chmod -R g+w /opt/FreshRSS/data/

pls can you do a ls -la /opt/FreshRSS/ before and after you executed the command.

3

Thank you Joulinar for your very prompt response!

Apologies, I read your last sentence too late and ran the command before I got to the “before you run the command” part. Typical, hey? My bad, I’m sorry.

The command did not resolve the issue. Please see the output from
ls -la /opt/FreshRSS/ below (after the command was run & dietpi restarted):

root@DietPi:~# ls -la /opt/FreshRSS/
total 312
drwxrwxr-x 12 root www-data  4096 Apr 20 22:27 .
drwxr-xr-x  4 root root      4096 Apr 21 10:41 ..
drwxrwxr-x 11 root www-data  4096 Apr 20 22:27 app
-rw-rw-r--  1 root www-data 90679 Apr 20 22:27 CHANGELOG.md
drwxrwxr-x  3 root www-data  4096 Apr 20 22:27 cli
-rw-rw-r--  1 root www-data  6055 Apr 20 22:27 config.default.php
-rw-rw-r--  1 root www-data  2609 Apr 20 22:27 config-user.default.php
-rw-rw-r--  1 root www-data  2285 Apr 20 22:27 constants.php
-rw-rw-r--  1 root www-data  3393 Apr 20 22:27 CONTRIBUTING.md
-rw-rw-r--  1 root www-data 14328 Apr 20 22:27 CREDITS.md
drwxrwxr-x  9 root www-data  4096 Apr 21 10:41 data
drwxrwxr-x  3 root www-data  4096 Apr 20 22:27 Docker
-rw-rw-r--  1 root www-data    69 Apr 20 22:27 .dockerignore
drwxrwxr-x  8 root www-data  4096 Apr 20 22:27 docs
-rw-rw-r--  1 root www-data   525 Apr 20 22:27 .editorconfig
drwxrwxr-x  2 root www-data  4096 Apr 20 22:27 extensions
-rw-rw-r--  1 root www-data   250 Apr 20 22:27 force-https.default.txt
-rw-rw-r--  1 root www-data    19 Apr 20 22:27 .gitattributes
drwxrwxr-x  2 root www-data  4096 Apr 20 22:27 .github
-rw-rw-r--  1 root www-data   166 Apr 20 22:27 .gitignore
-rw-rw-r--  1 root www-data    93 Apr 20 22:27 .hadolint.yaml
-rw-rw-r--  1 root www-data   308 Apr 20 22:27 index.html
-rw-rw-r--  1 root www-data    64 Apr 20 22:27 index.php
-rw-rw-r--  1 root www-data    85 Apr 20 22:27 .jshintignore
-rw-rw-r--  1 root www-data    95 Apr 20 22:27 .jshintrc
drwxrwxr-x  6 root www-data  4096 Apr 20 22:27 lib
-rw-rw-r--  1 root www-data 34523 Apr 20 22:27 LICENSE.txt
-rw-rw-r--  1 root www-data  3212 Apr 20 22:27 Makefile
-rw-rw-r--  1 root www-data   263 Apr 20 22:27 .markdownlint.json
-rw-rw-r--  1 root www-data   548 Apr 20 22:27 opml.default.xml
drwxrwxr-x  6 root www-data  4096 Apr 20 22:27 p
-rw-rw-r--  1 root www-data  4596 Apr 20 22:27 phpcs.xml
-rw-rw-r--  1 root www-data 13685 Apr 20 22:27 README.fr.md
-rw-rw-r--  1 root www-data  9089 Apr 20 22:27 README.md
-rw-rw-r--  1 root www-data   136 Apr 20 22:27 .stylelintignore
-rw-rw-r--  1 root www-data  1970 Apr 20 22:27 .stylelintrc
drwxrwxr-x  3 root www-data  4096 Apr 20 22:27 tests
-rw-rw-r--  1 root www-data  2416 Apr 20 22:27 .travis.yml

Screenshot, for what it’s worth: https://i.imgur.com/v80nNLD.png

Thanks again!

*Update: The folder ‘dietpi’ does exist in /opt/FreshRSS/data/users, but I assume with the correct permissions, the webserver should have writing capabilities?

Below the output of ls -la /opt/FreshRSS/ for those directories:

/opt/FreshRSS/data:
total 56
drwxrwxr-x  9 root     www-data 4096 Apr 21 10:41 .
drwxrwxr-x 12 root     www-data 4096 Apr 20 22:27 ..
drwxrwxr-x  2 root     www-data 4096 Apr 20 22:27 cache
-rw-rw-r--  1 www-data www-data  456 Apr 21 10:41 config.php
drwxrwxr-x  2 root     www-data 4096 Apr 20 22:27 extensions-data
drwxrwxr-x  2 root     www-data 4096 Apr 20 22:27 favicons
drwxrwxr-x  2 root     www-data 4096 Apr 20 22:27 fever
-rw-rw-r--  1 root     www-data  137 Apr 20 22:27 .gitignore
-rw-rw-r--  1 root     www-data  174 Apr 21 10:41 .htaccess
-rw-rw-r--  1 root     www-data  309 Apr 21 10:41 index.html
drwxrwxr-x  4 root     www-data 4096 Apr 20 22:27 PubSubHubbub
drwxrwxr-x  2 root     www-data 4096 Apr 20 22:27 tokens
-rw-rw-r--  1 root     www-data 2771 Apr 20 22:27 tos.example.html
drwxrwxr-x  3 root     www-data 4096 Apr 20 22:27 users

/opt/FreshRSS/data/users:
total 20
drwxrwxr-x 3 root www-data 4096 Apr 20 22:27 .
drwxrwxr-x 9 root www-data 4096 Apr 21 10:41 ..
drwxrwxr-x 2 root www-data 4096 Apr 20 22:27 _
-rw-rw-r-- 1 root www-data   42 Apr 20 22:27 .gitignore
-rw-rw-r-- 1 root www-data  309 Apr 21 10:41 index.html

/opt/FreshRSS/data/users/_:
total 12
drwxrwxr-x 2 root www-data 4096 Apr 20 22:27 .
drwxrwxr-x 3 root www-data 4096 Apr 20 22:27 ..
-rw-rw-r-- 1 root www-data    0 Apr 20 22:27 .gitignore
-rw-rw-r-- 1 root www-data  309 Apr 21 10:41 index.html
4

probably you would need to create the folder ‘dietpi’ and assign correct permissions

mkdir /opt/FreshRSS/data/users/dietpi/
chmod 775 /opt/FreshRSS/data/users/dietpi/
chown www-data:www-data /opt/FreshRSS/data/users/dietpi/
reboot
5

thank you, this resolved the error message.

Although, now I cannot log in. Tried (username, password): dietpi, dietpi; root, dietpi; dietpi, ; root, ; freshrss, , etc.

In FreshRSS config, freshrss, dietpi and is correctly configured for mariadb access, as far as I can tell.

Following https://github.com/FreshRSS/FreshRSS/issues/1082#issuecomment-185222031 I set ‘auth_type’ => ‘none’, but after reboot, FreshRSS returns a HTTP 500 error on http://192.168.8.125/freshrss/i/

Manually loading http://192.168.8.125/freshrss/i/?c=user&a=profile returns a valid website, where I can change the ‘dietpi’ password, but upon clicking save, it returns to a HTTP 500 error.

I think I set ‘auth_type’ => ‘form’ again, reboot, reload http://192.168.8.125/freshrss/i/?c=user&a=profile, which allowed me to reset the password again, after which it saved correctly, but now:

When I log in with incorrect details, logon screen shows ‘invalid password’ (correct behaviour; previously returned OP error message)
When I log in with correct details, the logon screen proceeds to a HTTP 500 error.

I’ll try playing around with this later again. For now, I uninstalled it, cleared it’s directory in /opt/ and deleted the database (so I can start with a clean slate)

Since you resolved my initial issue, I’m marking your answer as the solution, and the rest of the issues here are with FreshRSS and it’s conflicts with PiHole (probably) or misconfigured MariaDB database, and not with DietPi itself. My money is on PiHole, since any url following dietpi, e.g. http://192.168.8.125/fakesite, returns PiHole’s webpage “did you mean to go to the (PiHole) admin panel?”

6

I tinkered around so much, I don’t know what solved it, but it’s working now.

What I think also had an effect: My GlobalPassword had a forbidden symbol: ‘$’

I changed by global password, rebooted, installed FreshRSS, rebooted, launched webpage. Upon login, still OP error 1 & 2. For 2: created new user, logged in successfully, went to profile management, made myself admin privs, and yeah, everything seems to be working now.

I’d like to think it was the password that was the issue. Maybe https://github.com/MichaIng/DietPi/issues/2215 is related.

7

issue 1 is related to PiHole as Pihole by default is blocking access to the web server other than PiHole itself

8

I ran into these same issues. #1 appears to be DietPi incorrectly setting the account owner of the FreshRSS directory to root instead of www-data which was fixed by changing it recursively to www-data, and #2 appears to be that the ‘dietpi’ user doesn’t successfully get created in FreshRSS which was fixed by creating a user and editing FreshRSS/data/config.php to set the newly created FreshRSS user as ‘default_user’.