Cannot publish beyond the base webroot

horsager's Avatar

horsager

29 May, 2012 05:48 PM

We publish from Cascade to our Solaris web server using a proxy user.

When I create files/directories as the user on the server, my ACL's are retained and the proxy user creates them successfully.
However, if I publish from Cascade I can only publish files to the base webroot. Folders won't publish. Anything files deeper than the base root won't publish including files.

I've tried every combination or file permissions and ACL's I can think of so far.

  1. 1 Posted by Artur on 29 May, 2012 08:53 PM

    Artur's Avatar

    Could you please provide us with exact error message that appears in the publish report? Also, please verify that the user has rights to create folders on the web server. Also, does Cascade publish the assets using FTP or SFTP connection?

    Thanks

  2. 2 Posted by horsager on 30 May, 2012 01:48 PM

    horsager's Avatar

    Hi,

    An example of the error message is attached. I've tried the old account and a new one I setup. Both have rights to create folders. Both can SFTP from other locations and function normally. When I try to use them in Cascade as a transport I get the message attached.

    SFTP is being used to publish. Protocol version is 3.

  3. 3 Posted by Artur on 30 May, 2012 04:04 PM

    Artur's Avatar

    Thanks for the info. Looking at the line numbers in the logs, it appears that you are running an older version of Cascade Server and several modifications has been made to the SFTPShuttle class since then, one modification involving a fix for "SFTP publishing results with errors stating that a directory already exists" which is somewhat related. I would recommend upgrading Cascade Server to a newer version but to be sure it is Cascade causing problems in your specific case, using an SFTP client, please log in using the same account as provided in the FTP Transport and please attempt to create a folder inside and copy a file to it. This way we will know for sure it is problem with Cascade and not SFTP account settings. If you have any additional comments or questions, please comment below which will reopen this ticket. Thanks.

  4. Artur closed this discussion on 30 May, 2012 04:04 PM.

  5. horsager re-opened this discussion on 30 May, 2012 09:34 PM

  6. 4 Posted by horsager on 30 May, 2012 09:34 PM

    horsager's Avatar

    The account can do what you asked. I have now updated to 6.10.4 and the issue is still occurring.

    Chris

  7. 5 Posted by Artur on 30 May, 2012 09:43 PM

    Artur's Avatar

    Chris,

    Nothing has changed in that class since 6.10.4 so now we should be looking at the same and most up-to-date code. Could you please copy the errors from the logs again, after executing in 6.10.4?

    Thanks

  8. 6 Posted by horsager on 31 May, 2012 01:08 PM

    horsager's Avatar

    There were destination failures during the publish. Jobs publishing to the same destination have been skipped for this publish.
    [official] : com.hannonhill.cascade.model.publish.transmit.ShuttleRuntimeException: Error occurred during SFTP transport: Could not put file with path '/usr/local/etc/httpd/htdocs/style/landingpage.css' onto server: Permission denied at com.hannonhill.cascade.model.publish.transmit.SFTPShuttle.sendFile(SFTPShuttle.java:143) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl.transmitRendering(TransmitCallbackImpl.java:355) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl.access$000(TransmitCallbackImpl.java:53) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl$1.execute(TransmitCallbackImpl.java:115) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl.executeAndRetry(TransmitCallbackImpl.java:258) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl.transmit(TransmitCallbackImpl.java:127) at com.hannonhill.publish.Publisher$AggregateTransmitCallback.transmit(Publisher.java:1091) at com.hannonhill.publish.Publisher.transmit(Publisher.java:916) at com.hannonhill.publish.Publisher.publishInCurrentThread(Publisher.java:899) at com.hannonhill.publish.Publisher.access$1400(Publisher.java:71) at com.hannonhill.publish.Publisher$2.run(Publisher.java:714) at com.hannonhill.publish.DelegateRunner$1.run(DelegateRunner.java:88) at java.lang.Thread.run(Unknown Source) Caused by: com.hannonhill.cascade.model.publish.transmit.ShuttleRuntimeException: Could not put file with path '/usr/local/etc/httpd/htdocs/style/landingpage.css' onto server: Permission denied at com.hannonhill.cascade.model.publish.transmit.SFTPShuttle.putFile(SFTPShuttle.java:472) at com.hannonhill.cascade.model.publish.transmit.SFTPShuttle.sendFile(SFTPShuttle.java:118) ... 12 more Caused by: 3: Permission denied at com.jcraft.jsch.ChannelSftp.throwStatusError(ChannelSftp.java:2289) at com.jcraft.jsch.ChannelSftp._put(ChannelSftp.java:485) at com.jcraft.jsch.ChannelSftp.put(ChannelSftp.java:439) at com.jcraft.jsch.ChannelSftp.put(ChannelSftp.java:406) at com.hannonhill.cascade.model.publish.transmit.SFTPShuttle.putFile(SFTPShuttle.java:467) ... 13 more

  9. 7 Posted by horsager on 31 May, 2012 01:35 PM

    horsager's Avatar

    I think I figured that out... I take it Cascade does some kind of preminary check on file ownership and if the proxy account doesn't own a file it just declares permission denied? I have been granting rights through ACLs, but it appears that Cascade simply ignores them so you must be doing an extra ownership check outside of SFTP. That would explain why it works from anything else I try.

    -----Original Message-----
    From: Christopher Horsager
    Sent: Thursday, May 31, 2012 8:09 AM
    To: 'Artur'
    Subject: RE: Cannot publish beyond the base webroot [General]

    There were destination failures during the publish. Jobs publishing to the same destination have been skipped for this publish.
    [official] : com.hannonhill.cascade.model.publish.transmit.ShuttleRuntimeException: Error occurred during SFTP transport: Could not put file with path '/usr/local/etc/httpd/htdocs/style/landingpage.css' onto server: Permission denied at com.hannonhill.cascade.model.publish.transmit.SFTPShuttle.sendFile(SFTPShuttle.java:143) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl.transmitRendering(TransmitCallbackImpl.java:355) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl.access$000(TransmitCallbackImpl.java:53) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl$1.execute(TransmitCallbackImpl.java:115) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl.executeAndRetry(TransmitCallbackImpl.java:258) at com.hannonhill.cascade.model.publish.callback.TransmitCallbackImpl.transmit(TransmitCallbackImpl.java:127) at com.hannonhill.publish.Publisher$AggregateTransmitCallback.transmit(Publisher.java:1091) at com.hannonhill.publish.Publisher.transmit(Publisher.java:916) at com.hannonhill.publish.Publisher.publishInCurrentThread(Publisher.java:899) at com.hannonhill.publish.Publisher.access$1400(Publisher.java:71) at com.hannonhill.publish.Publisher$2.run(Publisher.java:714) at com.hannonhill.publish.DelegateRunner$1.run(DelegateRunner.java:88) at java.lang.Thread.run(Unknown Source) Caused by: com.hannonhill.cascade.model.publish.transmit.ShuttleRuntimeException: Could not put file with path '/usr/local/etc/httpd/htdocs/style/landingpage.css' onto server: Permission denied at com.hannonhill.cascade.model.publish.transmit.SFTPShuttle.putFile(SFTPShuttle.java:472) at com.hannonhill.cascade.model.publish.transmit.SFTPShuttle.sendFile(SFTPShuttle.java:118) ... 12 more Caused by: 3: Permission denied at com.jcraft.jsch.ChannelSftp.throwStatusError(ChannelSftp.java:2289) at com.jcraft.jsch.ChannelSftp._put(ChannelSftp.java:485) at com.jcraft.jsch.ChannelSftp.put(ChannelSftp.java:439) at com.jcraft.jsch.ChannelSftp.put(ChannelSftp.java:406) at com.hannonhill.cascade.model.publish.transmit.SFTPShuttle.putFile(SFTPShuttle.java:467) ... 13 more

  10. 8 Posted by Bradley Wagner on 31 May, 2012 09:02 PM

    Bradley Wagner's Avatar

    The error that you attached indicates that it's failing at a point where it's trying to execute a simple PUT call using SFTP.

    Did you say you figured the issue out? What was the solution? Can you attach the output of a terminal session that shows you using SFTP to PUT a file on your webserver from the server where your CMS resides?

  11. 9 Posted by horsager on 31 May, 2012 09:06 PM

    horsager's Avatar

    Yes, it's fixed. Something about Cascade's use of SFTP is ignoring ACL's. I swapped everything around so the proxy was getting rights from direct ownership (not ideal) instead of from ACL grants. SFTP calls from multiple hosts and applications all function properly the other way around.

    Thanks for your Help,

    Chris

  12. Bradley Wagner closed this discussion on 01 Jun, 2012 12:28 AM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac