PHP mkdir() permission denied

28
2014-06
  • Jon

    I've got a server setup with Centos 5.6, Apache 2.2.19 and PHP 5.2.17. PHP is being handled by suPHP.

    In the global php.ini
    safe_mode = off
    open_basedir = none

    Apache is set to run as nobody in the suPHP config.

    I've got two domains setup in:
    /home/user1/public_html and /home/user2/public_html

    Both public_html directories have permissions of 0750 with group as nobody

    All files/directories in each user directory are owned by that user and have the group set to that user as well.

    I'm running a script in /home/user1/public_html/scripts/functions.php which is trying to create a directory in /home/user2/public_html/user_files (which has chmod permissions set to 0757), however I'm getting a permission denied error...

    I'm assuming this is to do with the fact that PHP is being run as nobody, but I'm not sure what to change to enable scripts in each user's folder to write into the other user's folder, unless I make the user folder's writable by anybody, which doesn't sound very safe...

    Does anybody know where I'm going wrong?

    EDIT:

    drwx--x--x    root.root      /home  
drwx-wx--x    user2.user2    /home/user2
drwxrwx---    user2.nobody   /home/user2/public_html 
drwxrwxrwx    user2.nobody   /home/user2/public_html/user_files
    • Answers
  • binfalse

    The directory /home/user2/public_html/user_files is owned by xxx:nobody and comes with the permissions 757, correct?
    757 means it is read/accessible by anyone, but write access is only granted to users not in group nobody. So your problem might be solved if you just change the group of this directory, or better, change the permissions to 775. With 775 the owner and the group have write permissions, so they can create further files/directories in it, but no one else is able to write to this dir.

  • 8088

    I had a similar problem on F15, and SELinux was the culprit in my case. Try:

    chcon -R -h -t http_sys_rw_content_t /home/user2/public_html/user_files

    Use the same command on any other dirs where you want Apache to have R/W access. If it works, use semanage to make the context change permanent across reboots.

  • Jon

    In the end I created a new group containing user1 and user2 and just changed the group ownerships on the relevant folders to allow cross-folder writing.


    • Related Question

    Php having access to the filesystem - getting Permission Denied
  • Hugh

    I'm trying to track down a php issue with a tool that I'm trying to install, and have tracked it down, I believe, to a permissions issue with the filesystem, I believe...

    I now have the following simple .php file:

    <?php
system("/bin/ls");
?>

    When I run this, I see the following error in /var/log/httpd/error_log:

    sh: /bin/ls: Permission denied

    If I change the php to run:

    <?php
system("/bin/env");
?>

    Then I see the output that I was expecting.

    So it's not the execution that doesn't have permissions, it's what the executable is trying to read that is having problems.

    (The tool I am trying to get working here is phplicensewatcher - a tool for keeping an eye on what is going on with various license management daemons)

    Thanks


    • Related Answers
  • John T

    The first two thing I would check:

    • What user is PHP running under? If it's spawned by Apache, it is likely running as "nobody", "www" or "apache" depending on the version and configuration.

    • What directory are you trying to list? Check the permissions on that directory. Does the user PHP is running as have permission to access that directory?