Apache+PHP write permissions on unix

views:

633

answers:

+1 Q:

Apache+PHP write permissions on unix

I'm trying to launch PHP site with apache on fedora and I have a problem about writting permissions. It looks like apache does not have write permissions to some folders, but I canno understand why.

I've checked httpd.conf and it has group: apache, user: apache. I then made: chown -R apache:apache www and set 777 permissions to the folders, but it still says:

Warning: file_put_contents(/var/www/public/temp.txt) [function.file-put-contents]: failed to open stream: Permission denied in /var/www/public/newtest.php on line 8

Please advice.

UPDATE: Btw, if I make "php newtest.php" from command line, the file temp.txt is created with group root and user root. It just doest not work from the browser.

make chmod 775 to newtest.php ;)

Amad 2010-02-14 19:20:20

As I already mentioned, I made 777 to the entire folder (including newtest.php of course). temp.txt is a new file which I want to be created, it does not exist yet.

Pavel Dubinin 2010-02-14 19:34:40

ls -la /var/www/public

Just to check :-)

Qwerty 2010-02-14 20:31:45

Ok, the folder itself has this:drwxrwxrwx 8 apache apache 4096 2010-02-13 04:08 publicThe file I'm executing:-rwxrwxrwx 1 apache apache 213 2010-02-14 06:34 newtest.php

Pavel Dubinin 2010-02-14 20:42:53

Weird. Are you sure that temp.txt is not already there?Also, what will happen if you try "sudo -u apache echo test > /var/www/public/temp.txt" ?

Qwerty 2010-02-14 20:56:49

yes, it was not there. When I launced the command you suggested (under root), it have created it, but when I try my PHP script again, it still shows the same error even though the file is there. I'm certain it has something to do with apache permissions, but not sure what exactly..

Pavel Dubinin 2010-02-14 21:11:51

Hmm. Other reasons could be safe_mode or open_basedir options enabled in php.ini or in apache config or in .htaccess. But I think they should produce slightly different warnings.

Qwerty 2010-02-14 21:24:01

no.. this is not the case. both are off.

Pavel Dubinin 2010-02-14 21:48:17

http://stackoverflow.com/questions/1870875/php-cannot-write-to-file-even-though-it-has-777-permissions - maybe same issue? :-)

Qwerty 2010-02-14 21:57:22

nope, I'm running ext3 if you meant filesystem issue.

Pavel Dubinin 2010-02-14 22:22:47

I'm about to give up :-)Crazy idea: maybe you didn't restart apache and it's running under nobody's rights? Try system('id') from your script :-)

Qwerty 2010-02-14 23:04:51

no, it's running as apache user and group, I've just rechecked that from php. I'm sort of confused myself...

Pavel Dubinin 2010-02-14 23:32:15

Qwerty 2010-02-15 00:35:05

I already did 0777 to the entire tree.. is_readable returns true, is_writable returns false.

Pavel Dubinin 2010-02-15 19:59:45

have you tried to touch temp.txt and just change file_put_contents() and add FILE_APPEND flag?

f13o 2010-02-14 21:37:52

Any file operation gives permission error, so it does not matter what I do: file_put_contents, fwrite, imagepng - all give similar errors. touch returned this: Warning: touch() [function.touch]: Utime failed: Permission denied in /var/www/public/newtest.php on line 6

Pavel Dubinin 2010-02-14 21:52:10

I meant shell touch command...

f13o 2010-02-14 22:56:18

anyway this does not help. and I need to be able to create files, not just modify it.

Pavel Dubinin 2010-02-14 23:33:43

Turn off SELinux ?

f13o 2010-02-15 09:18:52

I'd recommend switching apache to mod_itk as mpm and running the particular vhost with permissions of the owner document root directory and contained php scripts.

hurikhan77 2010-02-14 22:09:54

how should this help with my issue? I don't really need vhost here..

Pavel Dubinin 2010-02-14 22:25:25

In Apache there is at least a default vhost configured usually. You probably want to try to set the vhost owner there. But you probably also want to improve your question because mod_itk is overkill in single vhost setups and I would not have suggested it then. ;-)

hurikhan77 2010-02-14 22:27:54

+1 A:

Warning: file_put_contents(/var/www/public/temp.txt) [function.file-put-contents]: failed to open stream: Permission denied in /var/www/public/newtest.php on line 8

There is so much bad stuff here.

Lets start with the fact that you really want to keep httpd writeable files well away from your code - certainly in a seperate directory, preferably outside the document root altogether.

chown -R apache:apache www and set 777 permissions to the folders

And did you check afterwards what the permissions actually were? BTW see also the point above - if you've made your entire website writeable by the everybody then you're just asking for trouble. You certainly chouldn't change BOTH the owner AND the permissions.

Have you got SELinux enabled? (run sestatus as root). If so then you either need to disable it or learn how to configure it - but I'd recommend you get to grips with old-fashioned permissions first, then disable SELinux.

symcbean 2010-02-14 23:37:08

Ok, I know that 777 is not the way to store files, but in order to solve the problem I had to try everything. I've disabled SELinux now. sestatus root now shows "SELinux status: disabled", but the problem is still there :( Any ideas?

Pavel Dubinin 2010-02-15 19:56:16

Ah no, actually it helped, just had the old file with root permissions here. thanks alot

Pavel Dubinin 2010-02-15 20:08:03

ansaurus

tags:

views:

answers:

Apache+PHP write permissions on unix

related questions