You are not logged in.

#1 2014-01-26 17:31:48

mamr
Member
Registered: 2008-08-16
Posts: 63

[Solved] Tiny Tiny RSS and file permissions

I'd like to install Tiny Tiny RSS on my Raspberry Pi running Arch. I already installed Lighttpd, PHP, MariaDB and tt-rss and configured tt-rss.

My config.php looks like this:

<?php
	// *******************************************
	// *** Database configuration (important!) ***
	// *******************************************

	define('DB_TYPE', 'mysql');
	define('DB_HOST', '');
	define('DB_USER', 'ttrss');
	define('DB_NAME', 'ttrss');
	define('DB_PASS', 'MYSECRETPW');
	define('DB_PORT', '');

	define('MYSQL_CHARSET', 'UTF8');
	// Connection charset for MySQL. If you have a legacy database and/or experience
	// garbage unicode characters with this option, try setting it to a blank string.

	// ***********************************
	// *** Basic settings (important!) ***
	// ***********************************

	define('SELF_URL_PATH', 'http://192.168.1.7/tt-rss/');
	// Full URL of your tt-rss installation. This should be set to the
	// location of tt-rss directory, e.g. http://example.org/tt-rss/
	// You need to set this option correctly otherwise several features
	// including PUSH, bookmarklets and browser integration will not work properly.

	define('FEED_CRYPT_KEY', '');
	// Key used for encryption of passwords for password-protected feeds
	// in the database. A string of 24 random characters. If left blank, encryption
	// is not used. Requires mcrypt functions.
	// Warning: changing this key will make your stored feed passwords impossible
	// to decrypt.
	
	define('SINGLE_USER_MODE', false);
	// Operate in single user mode, disables all functionality related to
	// multiple users and authentication. Enabling this assumes you have
	// your tt-rss directory protected by other means (e.g. http auth).

	define('SIMPLE_UPDATE_MODE', false);
	// Enables fallback update mode where tt-rss tries to update feeds in
	// background while tt-rss is open in your browser. 
	// If you don't have a lot of feeds and don't want to or can't run 
	// background processes while not running tt-rss, this method is generally 
	// viable to keep your feeds up to date.
	// Still, there are more robust (and recommended) updating methods 
	// available, you can read about them here: http://tt-rss.org/wiki/UpdatingFeeds

	// *****************************
	// *** Files and directories ***
	// *****************************

	define('PHP_EXECUTABLE', '/usr/bin/php');
	// Path to PHP *COMMAND LINE* executable, used for various command-line tt-rss 
	// programs and update daemon. Do not try to use CGI binary here, it won't work. 
	// If you see HTTP headers being displayed while running tt-rss scripts, 
	// then most probably you are using the CGI binary. If you are unsure what to 
	// put in here, ask your hosting provider.

	define('LOCK_DIRECTORY', 'lock');
	// Directory for lockfiles, must be writable to the user you run
	// daemon process or cronjobs under.

	define('CACHE_DIR', 'cache');
	// Local cache directory for RSS feed content.

	define('ICONS_DIR', "feed-icons");
	define('ICONS_URL', "feed-icons");
	// Local and URL path to the directory, where feed favicons are stored.
	// Unless you really know what you're doing, please keep those relative
	// to tt-rss main directory.

	// **********************
	// *** Authentication ***
	// **********************

	// Please see PLUGINS below to configure various authentication modules.

	define('AUTH_AUTO_CREATE', true);
	// Allow authentication modules to auto-create users in tt-rss internal
	// database when authenticated successfully.

	define('AUTH_AUTO_LOGIN', true);
	// Automatically login user on remote or other kind of externally supplied
	// authentication, otherwise redirect to login form as normal.
	// If set to true, users won't be able to set application language
	// and settings profile.

	// *********************
	// *** Feed settings ***
	// *********************

	define('FORCE_ARTICLE_PURGE', 0);
	// When this option is not 0, users ability to control feed purging
	// intervals is disabled and all articles (which are not starred) 
	// older than this amount of days are purged.

	// *** PubSubHubbub settings ***

	define('PUBSUBHUBBUB_HUB', '');
	// URL to a PubSubHubbub-compatible hub server. If defined, "Published
	// articles" generated feed would automatically become PUSH-enabled.

	define('PUBSUBHUBBUB_ENABLED', false);
	// Enable client PubSubHubbub support in tt-rss. When disabled, tt-rss
	// won't try to subscribe to PUSH feed updates.

	// *********************
	// *** Sphinx search ***
	// *********************

	define('SPHINX_ENABLED', false);
	// Enable fulltext search using Sphinx (http://www.sphinxsearch.com)
	// Please see http://tt-rss.org/wiki/SphinxSearch for more information.

	define('SPHINX_SERVER', 'localhost:9312');
	// Hostname:port combination for the Sphinx server.

	define('SPHINX_INDEX', 'ttrss, delta');
	// Index name in Sphinx configuration. You can specify multiple indexes
	// as a comma-separated string.
	// Example configuration files are available on tt-rss wiki.

	// ***********************************
	// *** Self-registrations by users ***
	// ***********************************

	define('ENABLE_REGISTRATION', false);
	// Allow users to register themselves. Please be aware that allowing
	// random people to access your tt-rss installation is a security risk
	// and potentially might lead to data loss or server exploit. Disabled
	// by default.

	define('REG_NOTIFY_ADDRESS', 'user@your.domain.dom');
	// Email address to send new user notifications to.

	define('REG_MAX_USERS', 10);
	// Maximum amount of users which will be allowed to register on this
	// system. 0 - no limit.

	// **********************************
	// *** Cookies and login sessions ***
	// **********************************
	
	define('SESSION_COOKIE_LIFETIME', 86400);
	// Default lifetime of a session (e.g. login) cookie. In seconds, 
	// 0 means cookie will be deleted when browser closes.

	define('SESSION_CHECK_ADDRESS', 1);
	// Check client IP address when validating session:
	// 0 - disable checking
	// 1 - check first 3 octets of an address (recommended)
	// 2 - check first 2 octets of an address
	// 3 - check entire address

	// *********************************
	// *** Email and digest settings ***
	// *********************************

	define('SMTP_FROM_NAME', 'Tiny Tiny RSS');
	define('SMTP_FROM_ADDRESS', 'noreply@your.domain.dom');
	// Name, address and subject for sending outgoing mail. This applies
	// to password reset notifications, digest emails and any other mail.

	define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
	// Subject line for email digests

	define('SMTP_SERVER', '');
	// Hostname:port combination to send outgoing mail (i.e. localhost:25). 
	// Blank - use system MTA.
	
	define('SMTP_LOGIN', '');
	define('SMTP_PASSWORD', '');
	// These two options enable SMTP authentication when sending
	// outgoing mail. Only used with SMTP_SERVER.

	define('SMTP_SECURE', '');
	// Used to select a secure SMTP connection. Allowed values: ssl, tls,
	// or empty.
	
	// ***************************************
	// *** Other settings (less important) ***
	// ***************************************

	define('CHECK_FOR_NEW_VERSION', true);
	// Check for new versions of tt-rss automatically.

	define('DETECT_ARTICLE_LANGUAGE', true);
	// Detect article language when updating feeds, presently this is only
	// used for hyphenation. This may increase amount of CPU time used by 
	// update processes, disable if necessary (i.e. you are being billed
	// for CPU time).

	define('ENABLE_GZIP_OUTPUT', false);
	// Selectively gzip output to improve wire performance. This requires
	// PHP Zlib extension on the server.
	// Enabling this can break tt-rss in several httpd/php configurations,
	// if you experience weird errors and tt-rss failing to start, blank pages
	// after login, or content encoding errors, disable it.

	define('PLUGINS', 'auth_internal, note, updater');
	// Comma-separated list of plugins to load automatically for all users.
	// System plugins have to be specified here. Please enable at least one
	// authentication plugin here (auth_*).
	// Users may enable other user plugins from Preferences/Plugins but may not
	// disable plugins specified in this list.
	// Disabling auth_internal in this list would automatically disable
	// reset password link on the login form.
	
	define('LOG_DESTINATION', 'sql');
	// Log destination to use. Possible values: sql (uses internal logging
	// you can read in Preferences -> System), syslog - logs to system log.
	// Setting this to blank uses PHP logging (usually to http server 
	// error.log).

	define('CONFIG_VERSION', 26);
	// Expected config version. Please update this option in config.php
	// if necessary (after migrating all new options from this file).

	// vim:ft=php

After setting the config.php I modified the permissions of different files:

chmod -R 777 cache/upload && chmod -R 777 cache/images && chmod -R 777 cache/export && chmod -R 777 cache/js && chmod -R 777 feed-icons && chmod -R 777 lock

"ls -l /srv/http/tt-rss/":

-rw-r--r--  1 root root 17987 Dec 18 03:26 LICENSE
-rw-r--r--  1 root root  1433 Dec 18 03:26 README.md
drwxr-xr-x  2 root root  4096 Dec 18 03:26 api
-rw-r--r--  1 root root  1272 Dec 18 03:26 atom-to-html.xsl
-rw-r--r--  1 root root  3778 Dec 18 03:26 backend.php
lrwxrwxrwx  1 root root    21 Dec 18 15:56 cache -> /var/lib/tt-rss/cache
drwxr-xr-x  8 root root  4096 Dec 18 03:26 classes
-rw-r--r--  1 root root  8668 Jan 26 10:23 config.php
-rw-r--r--  1 root root  8728 Dec 18 03:26 config.php-dist
drwxr-xr-x  2 root root  4096 Dec 18 03:26 css
-rw-r--r--  1 root root  1542 Dec 18 03:26 errors.php
lrwxrwxrwx  1 root root    26 Dec 18 15:56 feed-icons -> /var/lib/tt-rss/feed-icons
-rw-r--r--  1 root root  1440 Dec 18 03:26 image.php
drwxr-xr-x  2 root root  4096 Dec 18 03:26 images
drwxr-xr-x  2 root root  4096 Dec 18 03:26 include
-rw-r--r--  1 root root 10087 Dec 18 03:26 index.php
drwxr-xr-x  2 root root  4096 Dec 18 03:26 install
drwxr-xr-x  2 root root  4096 Dec 18 03:26 js
drwxr-xr-x 14 root root  4096 Dec 18 03:26 lib
drwxr-xr-x 21 root root  4096 Dec 18 03:26 locale
lrwxrwxrwx  1 root root    20 Dec 18 15:56 lock -> /var/lib/tt-rss/lock
-rw-r--r--  1 root root 69372 Dec 18 03:26 messages.pot
-rw-r--r--  1 root root   805 Dec 18 03:26 opml.php
drwxr-xr-x 38 root root  4096 Dec 18 03:26 plugins
-rw-r--r--  1 root root  4615 Dec 18 03:26 prefs.php
-rw-r--r--  1 root root  1510 Dec 18 03:26 public.php
-rw-r--r--  1 root root 10248 Dec 18 03:26 register.php
drwxr-xr-x  3 root root  4096 Dec 18 03:26 schema
drwxr-xr-x  2 root root  4096 Dec 18 03:26 templates
drwxr-xr-x  2 root root  4096 Dec 18 03:26 themes
lrwxrwxrwx  1 root root    25 Jan 26 09:19 tt-rss -> /usr/share/webapps/tt-rss
-rwxr-xr-x  1 root root  9587 Dec 18 03:26 update.php
-rwxr-xr-x  1 root root  5988 Dec 18 03:26 update_daemon2.php
drwxr-xr-x  2 root root  4096 Dec 18 03:26 utils

"ls -l /srv/http/tt-rss/cache/":

drwxrwxrwx 2 http http 4096 Dec 18 03:26 export
drwxrwxrwx 2 http http 4096 Dec 18 03:26 images
drwxrwxrwx 2 http http 4096 Dec 18 03:26 js
drwxrwxrwx 2 http http 4096 Dec 18 03:26 simplepie
drwxrwxrwx 2 http http 4096 Dec 18 03:26 upload

Still, when I try to open http://192.168.1.7/tt-rss/ tt-rss tells me that it wasn't able to start properly because the file permissions for cache/images, cache/upload, cache/export, chmod -R 777 cache/js, feed-icons and lock need to be set to chmod -R 777. But that's what I already did. Any advice?

Last edited by mamr (2014-02-02 11:32:49)

Offline

#2 2014-01-26 19:36:50

jamesbond007
Member
From: Germany
Registered: 2009-06-14
Posts: 150

Re: [Solved] Tiny Tiny RSS and file permissions

Hi mamr,

I don't use Tiny Tiny RSS on my archlinux machine, but on a server that runs Debian. The only thing I had to do there was this:

cd /var/www/mysite/
chown -R www-data:www-data ttrss/ 

"www-data" is the user that is used to run the web server (apache2).

Offline

#3 2014-01-27 16:37:45

mamr
Member
Registered: 2008-08-16
Posts: 63

Re: [Solved] Tiny Tiny RSS and file permissions

Thanks for your help. I didn't have much time to fiddle around so I installed Debian and got ttrss to work with it. Thanks though!

Offline

#4 2014-01-30 17:43:08

mamr
Member
Registered: 2008-08-16
Posts: 63

Re: [Solved] Tiny Tiny RSS and file permissions

Since the whole thing is running on a Raspberry Pi, I tried Arch again today. (Hope to get more speed out of the system and I like Arch more than Debian for this hobby project.)

Now I have a different problem. I symlinked like I was told in the wiki:

ln -s /usr/share/webapps/tt-rss /srv/http/tt-rss

I can point my browser to the installer on http://localhost/tt-rss/install/ and do the steps over there. I created /etc/webapps/tt-rss/config.php and inserted the text created by the installer. I saved config.php and tried to point my browser to http://localhost/tt-rss/. I should be able to log in by now but this doesn't work. I always get thrown back to http://localhost/tt-rss/install/ although I explicitly try to go to http://localhost/tt-rss/.

The config.php seems to be readable by the user http (which seems to be running lighttpd). ls -l /etc/webbapps/tt-rss/ tells me

-rw-r--r--

for /etc/webapps/config.php.

What made me suspicous is that there is no config.php in /srv/http/tt-rss/. Is this a problem? I don't get where the config.php has to be stored. The wiki tells me to store it in /etc/webapps/tt-rss/. But tt-rss doesn't seem to recognize the config.php.

Offline

#5 2014-01-31 14:28:23

ewigkeit
Member
Registered: 2009-01-06
Posts: 53

Re: [Solved] Tiny Tiny RSS and file permissions

The informations in the Wiki are not up to date. Especially this:

tt-rss requires that the value of open_basedir is "none".

I ran ttrss for some time manually, till I discovered recently that it's in the repos. So I switched to the Arch-Package. You just need to install it, setup the database and - that' what took me some time to figure out - edit php.ini because of missing permissions. The following lines are working for me, but there might be security issues - or better ways to get it working!:

/etc/php/php.ini

include_path = ".:/usr/share/pear:/etc/webapps/tt-rss"
...
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/:/var/lib/tt-rss

and uncomment the following (if you didn't do that already):

extension=curl.so
extension=iconv.so
extension=mysql.so
extension=posix.so
extension=soap.so

Hopefully, this puts you in the right direction.

Offline

#6 2014-02-02 11:32:28

mamr
Member
Registered: 2008-08-16
Posts: 63

Re: [Solved] Tiny Tiny RSS and file permissions

Thanks for your help! It does work now. Since this is a device intended for testing, security is not an issue for me.

Offline

Board footer

Powered by FluxBB