How to View Detailed permissions for Bitbucket Server directory
Purpose
Bitbucket Server can encounter errors if the System User that runs the Bitbucket Server service doesn't have sufficient permissions over the Bitbucket Server Home and Bitbucket Server Installation directories. This can occur for example if Bitbucket Server is started as root resulting in certain files being created that the Bitbucket Server system user will not have permission over.
This is a known issue which is described here - Bitbucket Data Center showing error 'SpringMVC dispatcher could not be started' while starting up
Solution
In linux based systems we can check these permissions by using the tree
command with some extra options added at the root of the Bitbucket Server Home Directory and the Bitbucket Server Installation Directory (where Bitbucket Server was installed and started from);
tree -pufg
This command will give a detailed output of the directory structure and its permissions - specifically the full output of the directory in a tree like structure listing the owning user, group and the permissions specific to the directory/file.
The output will look similar to the below;
.
├── [drwxr-xr-x atlbitbu atlbitbu] ./atlassian-bitbucket
│ ├── [-rw-r--r-- atlbitbu atlbitbu] ./atlassian-bitbucket/fatal.jsp
│ ├── [drwxr-xr-x atlbitbu atlbitbu] ./atlassian-bitbucket/META-INF
│ │ └── [drwxr-xr-x atlbitbu atlbitbu] ./atlassian-bitbucket/META-INF/maven
│ │ └── [drwxr-xr-x atlbitbu atlbitbu] ./atlassian-bitbucket/META-INF/m
aven/com.atlassian.bitbucket.server
│ │ └── [drwxr-xr-x atlbitbu atlbitbu] ./atlassian-bitbucket/META-I
NF/maven/com.atlassian.bitbucket.server/bitbucket-webapp
│ │ ├── [-rw-r--r-- atlbitbu atlbitbu] ./atlassian-bitbucket/ME
TA-INF/maven/com.atlassian.bitbucket.server/bitbucket-webapp/pom.properties
│ │ └── [-rw-r--r-- atlbitbu atlbitbu] ./atlassian-bitbucket/META-INF/maven/com.atlassian.bitbucket.server/bitbucket-webapp/pom.xml
│ ├── [-rw-r--r-- atlbitbu atlbitbu] ./atlassian-bitbucket/startup.jsp
│ ├── [drwxr-xr-x atlbitbu atlbitbu] ./atlassian-bitbucket/static
│ │ ├── [-rw-r--r-- atlbitbu atlbitbu] ./atlassian-bitbucket/static/aui-variables.less
│ │ ├── [-rw-r--r-- atlbitbu atlbitbu] ./atlassian-bitbucket/static/aui-variables.less.css
│ │ ├── [drwxr-xr-x atlbitbu atlbitbu] ./atlassian-bitbucket/static/bitbucket
│ │ │ ├── [drwxr-xr-x atlbitbu atlbitbu] ./atlassian-bitbucket/static/bitbucket/component
We can either print this output to a file and then search for entries with the root
user or other users that shouldn't have the privileges.
Preferably we can also pipe in the grep command to search for the user as below;
tree -pufg | grep "root "
This will return all results that have root followed by a space. We add the space to ensure we don't pick up any unwanted files that may be named root.
Once you have identified that an unwanted user has permissions to a file or directory we can recursively change the owner of the whole directory by running;
chown -R atlbitbucket:atlbitbucket *
Ensure you are at the root of the Bitbucket Server Home Directory and the Bitbucket Server Installation Directory when you run this command as it will change the change the owner of everything recursively