Error "php is not writable" even with everything chmoded to 0777

The green HEALTH CHECK button (in the “About” menu) of my self-hosted installation of InvoiceNinja v5.10.29-W171 running on Ubuntu 24.04.1 and PHP 8.3.10 reports “php is not writable”.

If I attempt a “FORCE UPDATE” from the same menu I get the error

“500: Internal Server Error • Cannot update system because php is not writable”.

Obviously the ownership and permissions of all the files have been checked (both manually and using the Virtualmin “Fix Permissions” feature). Also, the symptoms are exactly the same even if I recursively chmod the entire site folder and all its contents to 0777.

I’ve reported this before but couldn’t reproduce it. Now it’s unfortunately 100% reproducible even on a completely clean installation.

I normally run OpenLiteSpeed 1.7.19 but have also checked that this is reproducible with exactly the same symptoms on Apache 2.4.62.

There’s nothing in the webserver or php error logs. The storage/logs/laravel.log contains this:

[2024-10-04 19:29:10] production.ERROR: Cannot update system because php is not writable {“userId”:1,“exception”:"[object] (App\Exceptions\FilePermissionsFailure(code: 0): Cannot update system because php is not writable at /home/beechesit/domains/accounts.beeches.it/app/Http/Controllers/SelfUpdateController.php:170)

There’s also a stack trace, which is attached. I can’t see anything of interest but it will probably be meaningful to the authors.
laravel.log.txt (10.9 KB)

Things are basically working otherwise but how can I get my updates running? I tried triggering from the “/update?secret=…” URL as well but nothing happens - I just see the usual dashboard and the old version still running.

Update: I forgot to mention that a phpinfo report can be viewed at Invoice Ninja in case that helps. I can’t see anything wrong in it.

Update 2: I’ve had a look at the code in /app/Utils/SystemHealth.php and it seems to be checking (line 159) that every single file (except for “.git”) is writable. That seems a bit excessive.

I also had a look at my files using the “lsattr” utility to see if the “immutable” bits are set on any of the files, and there are a few. In particular, there is a symlink to “php” that may be the culprit.

If I’m right, the question becomes “how did this ever work”?

(Replying to myself because this may be the solution and no-one else has responded)

I think I’ve found it. I created a completely empty top-level folder, unzipped the invoiceninja files, copied across my .env file and it’s working - passing the health check and updating.

I’m not sure how long it will last because other folders and files are created by the control panel and users from time to time, for example the .well-known folder, SSL certificates and mailboxes. The site does still work in Apache2 as well as OpenLiteSpeed, fortunately.

Hope this helps other people suffering “not writable” issues.

Update: The answer to my “how did this ever work?” question seems to be that all the files I found using “lsattr” were just “dot” or “double dot” links, and those are explicitly excluded from the check. But lsattr can’t check symlinks, and threw the following errors during the scan:

lsattr: Operation not supported While reading flags on ./bin/php
lsattr: Operation not supported While reading flags on ./logs/access_log
lsattr: Operation not supported While reading flags on ./logs/error_log
lsattr: Operation not supported While reading flags on ./etc/php.ini

I believe those are all symlinks created by the control panel, and the first of those was indeed the culprit in this case, I think. As far as I can tell none are essential for operation of the site.