HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Backup not working

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#106823 (In Topic #20830)
TQ
Avatar

Honoured member

Hi

I've update to v9.0.18 and tried to do a backup today using the backup add-on which I've been using for a couple of years each week without problem. Unfortunately, since the update it only created a very small .txt file and no .tar & .gz files.

At the foot of the .txt file (which include a list of all the tables) is this:

Code

[07-Mar-2015 19:53:25 UTC] PHP Warning: opendir(,) [<a href='http://www.php.net/manual/en/function.opendir.php'>function.opendir.php</a>]: Access is denied. (code: 5) in sources\tar.php on line 251 @ http://hamfiles.co.uk/adminzone/index.php?page=admin_backup&type=make_backup


I have used the upgrader to check the file permissions which reports 'All permissions are correct'

Any suggestions would be much appreciated.

TQ
Back to the top
 
Posted
Rating:
#106825
Avatar

Hi,

I don't think this is a problem in the new patch release, just a coincidence. It's a weird one, it's like it finds a filesystem node called "," (comma), recognises it as a readable directory, then cannot access it.

I'm posting a hotfix that works around it, and logs a "cannot access" message to the log file before continuing. It'll also tidy up a few things, as we hadn't run through and tested the backup UI in a while.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Important!
Posted
Rating:
#106826
Avatar

Automated fix message

TQ said

Hi

I've update to v9.0.18 and tried to do a backup today using the backup add-on which I've been using for a couple of years each week without problem. Unfortunately, since the update it only created a very small .txt file and no .tar & .gz files.

At the foot of the .txt file (which include a list of all the tables) is this:

Code

[07-Mar-2015 19:53:25 UTC] PHP Warning: opendir(,) [<a href='http://www.php.net/manual/en/function.opendir.php'>function.opendir.php</a>]: Access is denied. (code: 5) in sources\tar.php on line 251 @ http://hamfiles.co.uk/adminzone/index.php?page=admin_backup&type=make_backup


I have used the upgrader to check the file permissions which reports 'All permissions are correct'

Any suggestions would be much appreciated.

TQ
This issue has been filed on the tracker as issue #1818, with a fix.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Important!
 
Posted
Rating:
#106828
TQ
Avatar

Honoured member

Chris Graham said

This issue has been filed on the tracker as issue #1818, with a fix.
Hi Chris,

Thanks for jumping on this so quickly!

Some progress but not so much. The report is slightly different and it does now create a .tar file even though it's 4Mb rather than over 900Mb.

This is the relevant part of the log (again preceded with the table names):

Code

Could not access C:\HostingSpaces\hamfiles.co.uk\hamfiles.co.uk\wwwroot/ [case 2]

TAR generated, now compressing it.


I have done a file integrity check with the following results:

Code

These files are actually missing and need uploading (you can find them in the manual installer ZIP for the version you're running):

  • site/pages/html_custom/EN/download_tree_made.htm

These files are outdated (you can find the correct versions in the manual installer ZIP for the version you're running):

  • themes/default/images/favicon.ico

These files do not match the ones bundled with your version, but claim to be newer (so these might be bug fixes someone has put here):

  • sources/failure.php
  • sources/input_filter.php
  • sources/tar.php

The only obvious anomaly is the missing file, what's this all about. It's nothing I've added then removed (as far as I remember).

For full disclosure I should mention 2 things; this is a Windows box and that last weekend 2 separate hackers managed to get into all the sites and write index.html & default.html files into every site folder plus a couple of php files to 2 domains. I have a few sites that use php so no blame is apportioned to OCP but I thought I'd mention it.

I'm owning up to this because of your comment about it being a coincidence as I have trawled the server and tweaked some folder security setting since last weekends event. I should also mention that I didn't need to do anything to the OCP site as I had already (recently) checked the permissions with the upgrader.

Your thoughts would be very much appreciated.

TQ
Back to the top
 
Posted
Rating:
#106829
Avatar

Ah, ok. This is making more sense now. PHP is quite linuxy, it does not interact with the full Windows permissions model, it considers files/directories 'readable' and 'writable' and not much else – meaning any errors observed are some levels removed from the actual permissions configuration mechanism used.

I misinterpreted the original error. There is no directory called "comma", just ocPortal stripped the path from the error message for security reasons (we avoid path disclosure vulnerabilities).

Make sure the base directory has directory listing permissions for your web user (not sure if it is IIS_USR, or whatever – depends how Windows is configured), it'll definitely be something like that.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#106832
TQ
Avatar

Honoured member

Hi Chris,

Again, thanks for the quick response!

I've checked the entire site, folder by folder, and I can see no security setting errors at all.

In the time between your last 2 messages I discovered that the url for an animated gif file I had on the home page was corrupt so I removed it.

Now, if I run backup I get the 'TAR generated, now compressing it. Your action was successful.' messages at the end of the log file.

Problem is, the .tar only contains the database, not the site. It is equivalent to selecting 'Database Backup Only' even though 'Full Backup' is selected.

If I do a db only backup it's size, byte-for-byte, is identical to the so-called full backup.

Any last thoughts ...

Thanks again

TQ
Back to the top
 
Posted
Rating:
#106833
Avatar

ocPortal is definitely not being allowed to list the files in the base directory, there's nothing else I can say about it I'm afraid.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: