The green HEALTH CHECK button (in the “About” menu) of my self-hosted installation of InvoiceNinja v5.10.29-W171 running on Ubuntu 24.04.1 and PHP 8.3.10 reports “php is not writable”.
If I attempt a “FORCE UPDATE” from the same menu I get the error
“500: Internal Server Error • Cannot update system because php is not writable”.
Obviously the ownership and permissions of all the files have been checked (both manually and using the Virtualmin “Fix Permissions” feature). Also, the symptoms are exactly the same even if I recursively chmod the entire site folder and all its contents to 0777.
I’ve reported this before but couldn’t reproduce it. Now it’s unfortunately 100% reproducible even on a completely clean installation.
I normally run OpenLiteSpeed 1.7.19 but have also checked that this is reproducible with exactly the same symptoms on Apache 2.4.62.
There’s nothing in the webserver or php error logs. The storage/logs/laravel.log contains this:
[2024-10-04 19:29:10] production.ERROR: Cannot update system because php is not writable {“userId”:1,“exception”:"[object] (App\Exceptions\FilePermissionsFailure(code: 0): Cannot update system because php is not writable at /home/beechesit/domains/accounts.beeches.it/app/Http/Controllers/SelfUpdateController.php:170)
There’s also a stack trace, which is attached. I can’t see anything of interest but it will probably be meaningful to the authors.
laravel.log.txt (10.9 KB)
Things are basically working otherwise but how can I get my updates running? I tried triggering from the “/update?secret=…” URL as well but nothing happens - I just see the usual dashboard and the old version still running.
Update: I forgot to mention that a phpinfo report can be viewed at Invoice Ninja in case that helps. I can’t see anything wrong in it.
Update 2: I’ve had a look at the code in /app/Utils/SystemHealth.php and it seems to be checking (line 159) that every single file (except for “.git”) is writable. That seems a bit excessive.
I also had a look at my files using the “lsattr” utility to see if the “immutable” bits are set on any of the files, and there are a few. In particular, there is a symlink to “php” that may be the culprit.
If I’m right, the question becomes “how did this ever work”?