New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Permission denied: search permissions are missing on a component of the path #6872
Comments
I may file a separate issue later for the |
My understanding is that we don't have any code that helps users who get into this state doing something like checking for it and then warning about it and/or fixing it, but we're not sure how it happens. When we create |
is this problem possible because of a more restrictive umask setting? I had umask 077 and /var/lib/letsencrypt was "drwx------" after certbot installation. Certificate request worked after I fixed the rights (added rx for others). |
Could be! We actually fixed the umask problem in our 1.3.0 release today. The PR with that change is #7742. Since I think this could have fixed the problem and we haven't seen any other updates here, I'm going to close this issue for now but please comment or open a new issue if the problems persist with an up-to-date version of Certbot. |
I have a more restrictive umask on my system (027) and I still got hit with this error today. Not sure whether a patch was supposed to land for this, but it's still broken. |
@twkonefal, check your Certbot version with |
My umask is set in /etc/profiles. The fix was "chmod o+x /var/lib/letsencrypt/". |
I am sorry but there are likely two unrelated issues in this report. The important one is the second (see title).
My operating system is (include version):
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
I installed Certbot with (certbot-auto, OS package manager, pip, etc):
certbot-auto probably, it's a self-contained executable (not inside package)
I ran this command and it produced this output:
I found the first issue in cron logs
cron:
/root/certbot-auto renew --no-self-upgrade --quiet
I figured I need to upgrade so I ran this manually:
/root/certbot-auto renew
I have a
fancy
ServerAlias/ServerName/DocumentRoot setup so I figured certbot got confused and disabled everything. This lead to the important issue:The apache error log contained this:
The error message indicated how to solve the actual problem:
chmod o+x /var/lib/letsencrypt/
=> profitSo... you might want to fix it on your end.
The text was updated successfully, but these errors were encountered: