Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MSP Thin Rails permission issue

From: rdd37it () hotmail com
Date: Tue, 08 Nov 2011 11:41:53 -0600
-------- Original Message --------
Subject: Re: [framework] MSP Thin Rails permission issue
 Date:   Tue, 08 Nov 2011 00:47:21 -0600
 From:   HD Moore [1]<hdm () metasploit com>
  To:    [2]framework () spool metasploit com
On 11/7/2011 1:30 PM, RDD IT wrote:

I dug around for awhile and it looks like the following error
 in apps/pro/ui/log/thin.log may be related:

Writing PID to log/thin.pid
Using rails adapter
Exiting!

/opt/metasploit-4.1.2/ruby/lib/ruby/gems/1.9.1/gems/rails-2.3.5/lib/initializer.rb:902:in
read': Permission denied -
/opt/metasploit-4.1.2/apps/pro/ui/config/database.yml (Errno::EACCES)

I've run all commands as root, so file/directory permissions should not
be an issue.



Does this suggest that the database credentials in database.yml file
don't align with those created in the postgres install process? Any
suggestions?



Thanks for the report. We run the "thin" service as a non-root user;
somehow the permissions were modified so that this service can no longer
read the database configuration file. Can you double check and make sure
the 'daemon' user has read access to this file?



The files that 'daemon' should own include:



Yup, that was the issue. The list of files within my directory owned by daemon was short two: 
./apps/pro/ui/log/production.log and ./apps/pro/ui/log/thin.pid. 
chown -R daemon:root apps/pro/ui/log/; all services then start without issue.

I hadn't changed any ownership / permissions previously, so I'm not sure why this came up. 

Regardless, thank you very much for the assistance.
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: