Hi,
I am new with Magento (CE). Version 2 looks nice, so congrats to developers.
Well, to the point: I installed Magento 2 in a server running Nginx. I tried to follow the instructions on the installation manual, but I still got two messages I want to ask about:
1. One of my cron jobs gives me this result...
PHP Fatal error: Uncaught exception 'UnexpectedValueException' with message 'RecursiveDirectoryIterator::__construct(var/generation/Magento/CatalogUrlRewrite/Model/Storage): failed to open dir: Permission denied' in update/app/code/Magento/Update/CronReadinessCheck.php:84
(I removed my folder and URL for privacy sake)
...and I don't know what could be causing it or how to solve it.
2. When I log in to the backstore, I get a message which reads:
"Your web server is set up incorrectly and allows unauthorized access to sensitive files"
Without stating which are the sensitive files I would need to protect. How can I find out?
Thanking you...
For both issues it is because your file permissions are wrong.
I am going to make two assumptions for the sake of example, you will have to change them where they differ on your installation. They are that your nginx server process is installed and running as a user called 'nginx' and you have a regular account that you are using for adding files to the server called 'webuser'.
First you need to set the permissions on your magento web server directory so that you 'webuser' are the owner of the files and 'nginx' as the group. To do this, as a user with root privileges issue the command...
chown -R webuser:nginx /path
where /path = the root path for your magento installation.
Next change the permissions as follows ...
find . -type d -exec chmod 770 {} \; && find . -type f -exec chmod 660 {} \; && chmod u+x bin/magento
Now when you run the cron make sure you are doing this as the owner of the file system, in this example called 'webuser'.
Do NOT run it as root as the files created will have root as the owner.
You may have to repeat the application of permissions after you have run the cron scripts to ensure all files and directories created by the scripts have the correct permissions.
See this link about permissions and user/group setup:
http://devdocs.magento.com/guides/v2.0/install-gde/install/file-system-perms.html
Note that there is an open issue about this at:
https://github.com/magento/magento2/issues/2412
Please vote on this issue. I believe perms should be opened up as they are too strict now. There is nothing wrong with setting directories/files to 775/664.
Hello again,
Ok, I followed your instructions and changed the ownership to every file, but it is still giving me the error message on the main screen.
I will add this to the to-do list for the time being (perhaps it is a bug, as you stated, so I am going to give programmers some time to correct it and publish an update), and start configuring the store and placing the catalog of products prices.
Thanks,
Tedel