Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Welcome to the CollectiveAccess support forum! Here the developers and community answer questions related to use of the software. Please include the following information in every new issue posted here:

  1. Version of the software that is used, along with browser and version

  2. If the issue pertains to Providence, Pawtucket or both

  3. What steps you’ve taken to try to resolve the issue

  4. Screenshots demonstrating the issue

  5. The relevant sections of your installation profile or configuration including the codes and settings defined for your local elements.

If your question pertains to data import or export, please also include:

  1. Data sample

  2. Your mapping

Answers may be delayed for posts that do not include sufficient information.

Vendor libraries: Permission denied exception (and "package abandoned"-warnings)

Hello everyone!

I'm trying to setup Providence from the git "develop" branch. Not for fun, but because I understood it so that there are certain issues/regressions fixed since v1.7.8 :smile:

The automatic installation of vendor libraries fails with a "permission denied" exception, although the providence/vendor subfolder is writable by apache user (775, group=www-data), and already contains subfolders for vendor libs automatically downloaded and populated by the installer.

It seems to try writing "./composer.lock" - but where?
How could this be fixed/prevented?

Thank you very much in advance!

The text in the gray are of the installer site is very hard to read (due to linebreaks missing), and the installer links to a documentation page for manually installing the vendor libraries, but that page is still empty/todo... :disappointed: - otherwise I would have tried installing them in the shell.

Error message

PS: I'm silently ignoring the "package abandoned" warnings...


  • It works when I enable write-access for www-data to the providence root folder.
    Could these new write-requirements be mentioned in the installer?
    And can I remove this write permission in the providence root folder after installation?

    Thank you very much in advance!

  • composer.lock need to be writable by the web server user, if you're installing vendor libs via web browser. If composer.lock doesn't exist yet, which it won't in a fresh install, then the directory enclosing the CA install needs to be writeable by the web server user, to allow composer.lock to be written. The vendor directory (if it already exists) will need to be writeable by the web server user as well.

    All the installer is doing is downloading composer and running it in the context of a web request. You could just as well download composer and run it yourself on the command line. In that case the directory and vendor permissions would need to be set to allow writing by your user.

    Once the vendor libs are installed, you'll need to make sure the htmlpurifier cache directory within vendor/ is writeable (this is a requirement of htmlpurifier), but otherwise you can set permissions anyway you like. Ownership of composer.lock and vendor/ (outside of the htmlpurifier requirement) is only required when running composer.

  • Thanks for clearing that up!

    I've used composer before, but ain't too familiar with it:
    Could you please provide a commandline example how to install these libs manually?

    Thank you again :smile:

  • I think I've found out how to do it manually:
    in providence-root folder (after assigning the right write-permissions):

    $ chgrp www-data . ./vendor
    $ chmod 775 . ./vendor
    $ sudo -u www-data composer update

    (Assuming that the webserver runs as "www-data")

  • edited September 12

    Thanks, this helped me out when I was stuck. I didn't quite understand it was trying to create the composer lock file in the root of the providence directory. I set up a fresh install in an Ubuntu 18.04 VM and was seeing the same error:

    [ErrorException]; file_put_contents(./composer.lock): failed to open stream: Permission denied;

    Even though I had made the /vendor directory writable by the www-data user. Probably a good thing to revert after you have finished installing the requirements.

    chmod 755 . ./vendor

    I would be happy to run composer manually, but I am not sure if you can just "apt install composer", but I am guessing so:

    root@collective-test:/var/www/providence# composer
    Command 'composer' not found, but can be installed with:
    apt install composer

    FYI, I also noticed a lot of deprecation warnings before this error message:

    Package phpunit/phpunit-mock-objects is abandoned, you should avoid using it. No replacement was suggested.; Package phpunit/php-token-stream is abandoned, you should avoid using it. No replacement was suggested.; Package zendframework/zend-escaper is abandoned, you should avoid using it. Use laminas/laminas-escaper instead.; Package phpoffice/phpexcel is abandoned, you should avoid using it. Use phpoffice/phpspreadsheet instead.; Package guzzlehttp/streams is abandoned, you should avoid using it. No replacement was suggested.; Package guzzlehttp/ringphp is abandoned, you should avoid using it. No replacement was suggested.; Package scholarslab/bagit is abandoned, you should avoid using it. No replacement was suggested.

    I should probably mention I was installing from providence-1.7.9rc1 release package.

  • @floydwilde

    Yes, I also installed composer like this (Debian 10):
    sudo apt install composer

Sign In or Register to comment.