I am trying to move file to another folder but it gives Permission denied error. Here is the permission of that files.
-rwxrwxrwx 1 root www-data 394 Oct 11 14:40 namechange.xml*
-rwxrwxrwx 1 root www-data 395 Oct 11 14:40 namechange1.xml*
-rwxrwxrwx 1 root www-data 345 Oct 11 14:40 roomchange.xml*
and here id the code that I used to move files
rename("resources/xml_checkin/namechange.xml", "resources/xml_checkout/test.xml")
;
Follow these steps:
Please open your terminal
Login with ssh
locate to the destination file using cd /var/www/html
Give permission to the particular folder using command chmod -R 777 path/folder or command chmod -R 777 path/filename
First try to change the chmod to 775, if it doesn't work then use 777
then try to move your files and see the result.
If issue persists again, let me know.
Related
I'm having permissions problems when running the following PHP script as root:
#!/usr/bin/php
<?php
$ph = proc_open('whoami', [['pipe','r'],['pipe','w'],['file','/tmp/foo.bar', 'w']], $fds);
if ($ph) {
echo 'command output: ' . stream_get_contents($fds[1]);
proc_close($ph);
} else {
echo 'proc_open failed' . PHP_EOL;
}
The script itself runs fine if /tmp/foo.bar doesn't exist, or is owned by root. But if ownership is changed to another user, proc_open will fail regardless of permissions on the file.
SELinux is disabled, and we are not using ACLs. I'm using PHP 7.4.33 (I know it's old and unsupported, but it's a requirement for FreePBX) on Alma Linux 9.1.
Output:
$ ./test.php
command output: root
$ ls -lah /tmp/
total 12K
drwxrwxrwt. 18 root root 4.0K Dec 14 16:57 .
dr-xr-xr-x. 18 root root 4.0K Dec 14 16:48 ..
-rw-r--r-- 1 root root 0 Dec 14 16:57 foo.bar
$ chown admin /tmp/foo.bar
$ ./test.php
proc_open failed
$ chmod 777 /tmp/foo.bar
$ ./test.php
proc_open failed
$ ls -lah /tmp/
total 12K
drwxrwxrwt. 18 root root 4.0K Dec 14 16:57 .
dr-xr-xr-x. 18 root root 4.0K Dec 14 16:48 ..
-rwxrwxrwx 1 admin root 0 Dec 14 16:57 foo.bar
$ tail -2 /var/log/php.log
[14-Dec-2022 16:57:17 America/Toronto] PHP Warning: proc_open(/tmp/foo.bar): failed to open stream: Permission denied in /test.php on line 3
[14-Dec-2022 16:57:28 America/Toronto] PHP Warning: proc_open(/tmp/foo.bar): failed to open stream: Permission denied in /test.php on line 3
Even disregarding the fact that I'm root, group permissions should allow me full access to the file. So what's going on?
This is due to the permissions on the /tmp directory. When PHP tries to open the file for writing, it gets the EACCES error. From the documentation of open(2):
EACCES
Where O_CREAT is specified, the protected_fifos or protected_regular sysctl is enabled, the file already exists and is a FIFO or regular file, the owner of the file is neither the current user nor the owner of the containing directory, and the containing directory is both world- or group-writable and sticky. For details, see the descriptions of /proc/sys/fs/protected_fifos and /proc/sys/fs/protected_regular in proc(5).
/tmp has the sticky bit set so that anyone can create files there, but users can only delete their own files. Although root can bypass this deletion restriction, it can't bypass the above check in open().
Ok I tried this in a different directory than /tmp, as suggested in comments, and it worked as expected. Using that to hone my search terms I was able pretty quickly to find this U&L answer. Beginning with kernel 4.19 the fs.protected_regular kernel parameter was made available. This parameter:
Disallows open of FIFOs or regular files not owned by the user in world writable sticky directories, unless the owner is the same as that of the directory or the file is opened without the O_CREAT flag. The purpose is to make data spoofing attacks harder.
Apparently it's enabled by default. So because /tmp is world-writable and sticky, I can't touch files that aren't mine – even if I'm root. For the record, if I have to disable this feature:
sysctl fs.protected_regular=0
echo 'fs.protected_regular=0' > /etc/sysctl.d/90-writabletemp.conf
But I'll be better off trying to work around it in the code somehow.
Let's say my storage/logs directory is empty at the moment.
I do a request from Postman and there is an error.
So, Laravel attempts to log it to the storage/logs directory.
Since it is empty, it creates a new file.
Here it is - please notice the owners/permissions:
-rw-r--r-- 1 www-data www-data 9955 Dec 29 10:29 laravel-2020-12-29.log
I read in this answer that the user should be me (let's call my user myuser) and that both me and the group should have read and write permissions.
(and I think that's correct - myuser should be the owner if, for example, I want to run an artisan cmd or sth)
So, I run the following two commands:
sudo chown -R $USER:www-data app/storage
sudo chmod -R ug+w app/storage
Then the permissions of the file become:
-rw-rw-r-- 1 myuser www-data 9955 Dec 29 10:29 laravel-2020-12-29.log
Now, if I try to do a request from Postman again, it still works.
But if I try the next day (or if I delete the file and try again), the new file is created with the initial permissions again:
-rw-r--r-- 1 www-data www-data 9955 Dec 29 10:32 laravel-2020-12-29.log
Why is this happening?
What should be done so that the permissions are set to the proper ones?
You can fix this problem with changing the config of your laravel project
Go to this path config/logging.php and find the line which has daily as key and change it like this for example:
'daily' => [
...
'permission' => 0664,
],
After that the log file generate with this permission
I'm trying to get a simple PHP file to work on a linux Centos 7 server using apache. The problem is that the php code doesn't seem to have permission to write to the folder. The simple test php file below illustrates the problem
<?php
echo shell_exec('whoami');
echo "<br>";
$myfile = fopen("test.txt","w") or die("could not open test file");
fclose($myfile);
?>;
Just to try to get it to work I have done
sudo chmod -R a+rwx /var/www
and yet I keep getting the "could not open test file" error message. What am I doing wrong? Incidentally, the 'whoami' is coming back as 'apache'
**Edit*
In the light of the suggestion below I've done some changes and am now showing the full permissioning for the folders. I've created the group www-data and have added the user apache to it.
[prompt]$ groups apache
apache : apache www-data
For /var/www:
0 drwxrwsrwx. 4 root www-data 33 Jul 27 08:19 www
For /var/www/html:
0 drwxrwsrwx. 2 root www-data 137 Jul 27 12:43 html
The file I'm trying to load:
4 -rwxrwxrwx. 1 root www-data 182 Jul 27 12:40 test.php
It's still not working unfortunately. Might it be something in the apache configuration? Any suggestions would be much appreciated
Here are two options you can try
Option 1
Make sure the group is www-data on '/var/www'.
prompt> sudo chgrp www-data /var/www
Make '/var/www' writable for the group.
prompt> sudo chmod 775 /var/www
Set the GID for www-data for all sub-folders.
prompt> sudo chmod g+s /var/www
Your directory should look like this on an 'ls -l' output.
drwxrwsr-x
Last, add your user name to the www-data group (secondary group).
prompt> sudo useradd -aG www-data [USERNAME]
Option 2
Use the mod_userdir as described in https://httpd.apache.org/docs/2.4/mod/mod_userdir.html
I would recommend the first option as it suits your needs better.
I want to delete deleteme.txt in the Ubuntu web server.
So I made 4.php do the following:
<?php
unlink('deleteme.txt');
?>
deleteme.txt has the following permission status:
-rwxrwxrwx 1 ubuntu ubuntu 19 Jun 12 06:18 deleteme.txt
When I execute "4.php", this error always occurs
Warning: unlink(deleteme.txt): Permission denied in /var/www/html/4.php on line 2
I already tried chmod 777 deleteme.txt and chown ubuntu /var/www/html on the directory which contains "deleteme.txt"
I also tried chown ubuntu /var/www/ on the parent directory of that file.
you need to chown to www-data, thus meaning that the www-data will gain ownership of the file allowing you to delete it through unlink with php.
Like so:
$ chown www-data <file or folder>
I have an PHP website on a RHEL5/CentOS dedicated server. The website is located at /var/www/html/beta
I have a script:
/var/www/html/beta/scriptA.php
which calls a function in
/var/www/html/beta/code/inc/functions.php
The function uses move_uploaded_file() as follows:
$status = move_uploaded_file($imagetmp_name,$destinationPath);
Printing these values shows:
imagetmp_name=/tmp/phpiECxB6
destinationPath=in_upload/images/907770756_publicpage.jpg
status=false
Which I thought should have worked since 'in_upload/images' exists:
drwxr-xr-x 5 root root 4096 Oct 19 07:40 in_upload
and
drwxr-xr-x 2 root root 4096 Oct 19 07:40 images
What am I doing wrong?
You don't have writing permisions to in_upload neither images, only for root.
Use
chmod a+w in_upload
chmod a+w images
or change that directories' owner/group to the user, under which is apache running.
example:
chown apache:apache in_upload
chmod g+w in_upload