Im getting denied running the following function (which is located in
/var/www/mysite/public_html/app/Controllers/Script.php)
$structure = '/var/www/mysite/public_html/app/Controllers/folder1/newfolder';
if (!mkdir($structure, 0755, true)) {
die();
}
I dont want to give to the web server general root permissions and also I want to keep folder1 in 755.
What I did is to edit the sudoers file trying to give to apache root permisions just in that specific path, I added this line:
www-data ALL=NOPASSWD:
/var/www/mysite/public_html/app/Controllers/Script.php
However Im still getting the same error, what is missing here?
I do not know anything about php but must likely you is running them scripts with the wrong user
check who’s the owner of the dir.
$ ls -lash
change ownership.
$ sudo chown -R $USER:$USER /path/to/dir
chown changes owner
‘-R’ change the ownership of subdirs and files
$USER current user
Related
I'm trying to create a secure way to handle file uploads by uploading the files to a directory outside of public_html.
I'm testing my script and my script works when I execute sudo php receive_files.php, but when I run receive_files.php without sudo I get failed to open stream: Permission denied.
Right now all permissions all the way back to var/www/html/mysite/public_html are set to 755. I tried changing all of them to 775 and the command still didn't work
Without sudo. And I'm pretty sure that would not be secure. How do I get around this problem?
My code:
$encoded_file = $_POST['file'];
$user_id = $_POST['user_id'];
$decoded_file = base64_decode($encoded_file);
$new_directory = "../../../../../../user_uploads/$user_id/";
if(!file_exists($new_directory)){
mkdir($new_directory, 0775, true);
file_put_contents($new_directory . $decoded_file);
}
Sudo is required when you are not the owner of something or you try to change permissions. So if you want php script to have access to upper directory. Change the group or user owner of upper directory same as php executor, in most cases its www-data
You can check owner of php script by using
ls -al
Then change owner using
chown -hR www-data:www-data directorypath
For more detail check manual of chown command
This will most probably fix your issue
Additional info
specifying absolute path instead of relative path solved the issue
I am working on apache sever and generating some tmpdir using follwoing code.
$tmpdatadir = "/home/user/tmpdata/".$id."/";
if (mkdir($tmpdatadir)) {
/* do something */
}
dir created:
drwxr-xr-x 2 www-data www-data 4096 Aug 30 17:16 147257020639481
but when i try to write some data using
exec ("cat file.txt >". $tmpdatadir."sample.txt")
i get following error message.
permission denied. As i copy file as user:user so how can i change permision of directory. I found chown does this but i am not sure how can i change ownership of whole directory.
First of all, please review the permissions for www-data folder with ls /lrt, is that way you can see if your user is able to write on the file.
Then, you can use the command: chmod 666 www-data to change the permission of the file to read and write for all users, in this link you can find the syntax for chmod command and a useful calculator if you want limit other users.
Also I share with you the specific functions for commands chown and chmod. See this site.
I've tried to use chmod function in php to change permissions to 777 temporarily, upload the file and then change it back to 755. But it didn't work, as it doesn't allow me to use the chmod function via php.
if(chmod($path, 0777) ) {
if(!move_uploaded_file($oldfile, $newfileloc)) {
return false;
}
chmod($path, 0755);
return true;
}
else
return false;
I had it working on my previous server with 755 permissions given to the folder.
I'm not sure how permissions work, so please help, thanks!
EDIT:
What permissions should my /var/www folder have so that web-server can write files?
EDIT 2:
Okay, I had this figured out. I just have to give permissions to www-data:www-data to make sure webserver has all the required permissions.
But, the issue I'm getting is that when I have /var/www has chown www-data:www-data, the php functions are working fine but I'm getting permissions denied error when using FileZilla. So right now I have to change permissions to root:www-data everytime I need to transfer something via FileZilla and then back to www-data:www-data to make sure my webserver's working fine. Anyone got a fix for this?
you can give 755 permission. But You have to change owner and group for /var/www/ folder. It should have www-data's ownership and group ownership. Check first which user has ownership and group ownership for this folder. run this below command.
ll /var/www/
if it has root access then it would look like this.
drwxr-xr-x. 2 root root 23 Mar 21 17:33 html
change the owner and group owner to www-data user using below command.
chown -R www-data:www.data /var/www
You can keep folder permission 755. -R option is use for giving permission recursively to its child folders and files.
I have assign anyone the right to read and write.
chmod 777 -R /home/test
An error occurred When to remove it with php function:
rmdir('/home/test');
Warning: rmdir(/home/test): Permission denied
Having 777 permission to /home/test isn't enough, the process trying to remove it also needs to have permission to alter /home (since removing /home/test constitute a change to /home).
The answer is likely that you have an ownership issue. The directory is probably owned by another user and group.
You can change this by using the chown command which stands for change ownership.
chown user:group directory/file.extension
I have a function in PHP language to create an xml file when requested.
if(($file= fopen("./include/catalogo.xml", "w"))==false){echo 'non creo il file'; return false;}
"catalogo.xml" can't be created, permission denied. I know I should try to change permissions, but how can do this if the file doesn't exist? Or, are there things that I ignored?
I think you might be ignoring the permissions of the directory (./include).
I'm assuming you are running this PHP via a web-server and on Linux (like Apache for example) - in which case the user account that is trying to create the file will be 'apache' or 'www-data' (or whatever user your webserver is running under).
On your server - have a look at the permissions of ./include - you need to do one of two things:
a) make ./include world writable (so the 'apache' user can now create a file inside of it).
b) change the owner or group of the ./include to 'apache' so it can create a file inside of it.
Your PHP is fine - it's the permissions of the folder it is trying to create the file inside of that is not.
You have to change the ownership of the directory "include" and set it to the web server's user and set the permission to a reasonable value:
$ sudo chow www-data include
$ sudo chmod 755 include
If you don't know which user your web-server is running by you can open the include dir permissions world-wide:
$ sudo chmod 1777 include
after create the creation of catalogo.xml you check the include diretory:
$ sudo ls -al include
-rwxr-xr-x 1 http web 4096 May 5 15:37 catalogo-xml
Now you can change the ownership of the directory "include" and set it to the web server's user (http) and reset the permission to a reasonable value:
$ sudo chow http include
$ sudo chmod 755 include
See also the manual of chmod, chown and ls:
$ man chmod
$ man chown
$ man ls
If you use the terminal and go to the parent of folder your file will be created in, which is the parent of the include folder and type in the command:
chmod 777 include
This should change the permissions of this folder so you won't receive the permission denied error anymore. If you do try this command:
chmod -R 777 include