I can't seem to get PHP to write to a text file on my Apache web server.
The file itself (log.txt) has an owner of "apache:apache" with access "-rw-rw-r--", its folder is owned by "apache:apache" and has permissions "drwxrwxr-x"...
Every time I tried to access log.txt, the Apache log reports "Permission Denied" on that file name.
Can anyone help?
Thanks.
apache usually runs as user www-data:www-data not apache:apache.
Are you sure the right uid/gid?
Try writing to a new file and see who owns it
Related
I host a website on linux server, I have got an error chmod permission denied error. Basically i want to change file permission chmod(0755) after file upload for security purpose..Any one has any idea..
PHP upload permission problem
Assuming you are running PHP under apache. You will need to make sure apache has permission to perform this action. If you are calling php via the command line, make sure the user that calls the script has permission to perform this action
The php script is unable to create file owing to denial of permissions.
PHP Script:
<?
echo exec('whoami');
file_put_contents('/var/www/html/sample.txt','Some random Text');
?>
Output :
apache
**Warning**: file_put_contents(/var/www/html/test/samds.txt): failed to open stream: Permission denied in **/var/www/html/index.php** on line **3**
The directory permissions are all 777
I have had same issue and i misplaced some configuration.Firstly remeber that the user who created the php file can read the file and if the user who created php file is different than the apache user in your case it is apache in that case you will get this exception if you try to write from different users.So what you have to do is simply,and i would suggest you to revoke the 777 permissions as i do not like idea of your files being publicity available on read and write to the world,so get it back to 755 and do the next on the command line of your server.
cd /var/www
change the user of the HTML only as we need it to be writable only,so do not touch the var and www,so basically as soon as you have navigated to he www directory you are going to change the HTML directory owner to the one who is currently running the apache server,and you got that info already,in your case it is apache so we are going to do the next,
chown apache:apache html
At this stage the html file owner will be apache so you will be able to write onto it.Anyway and meanwhile i would strongly suggest you to create separate directory inside html lets say testDir and try there,i would not suggest to change the root folder permissions,i had bad experience with them.Anyway i hope it will help as i suffer more then hour and just now got the right way to do it.This got my issue fixed,hope it will fix your's too.!
I have written a PHP script for file uploading and for testing I gave my upload directory 777 permissions. The script works fine.
Now I want to remove execute permissions for obvious reasons, but once I do that, I get the following error:
move_uploaded_file([filepath]) [function.move-uploaded-file]: failed to open stream: Permission denied
Just taking the permissions down from 777 to 776 causes this error to appear when I try to upload a file. I don't understand why having execute permissions should have anything to do with this - can someone PLEASE shed some light?
Thank you!
A directory must have execute permission to be accessible in Unix & Linux.
Quoting from here:
On a directory, the execute permission (also called the "search bit")
allows you to access files in the directory and enter it, with the cd
command, for example. However, note that although the execute bit lets
you enter the directory, you're not allowed to list its contents,
unless you also have the read permissions to that directory.
I agree with lserni that the fact that revoking execute permission on the directory for O (the third digit) causes the problem is worrisome as it indicates that the webserver is accessing the directory neither as owner nor as member of the group. You should fix that.
Just taking the permissions down from 777 to 776 causes this error to appear
This shouldn't happen. You ought to be able to run with 770 permissions, i.e., the directory should be owned by the Website user ID, with the group of web server.
This way the owner and the webserver are both able to manipulate the directory and the data. Ideally the Web server serving your website ought to assume the same user ID as the website owner, and that way you can keep the directory mode 700 and have it read-writeable and listable only by you.
If the last digit of the permissions is biting you, it means that the server is running with permissions for "everyone", which may be okay for a development site but isn't too good on a shared site (imagine your passwords being readable by any other website owner in the machine).
However, if you're running on a test machine, the 777 permissions are okay. Directory executable bit does not mean executable (a directory can't be executed anyway) but merely 'listable'. Without that bit, you can create and delete files but you can't know whether they're really there, and move_uploaded_files is objecting to this situation.
There are other solutions (e.g. chrooting each virtualhost in Apache); see also What are best practices for permissions on Apache-writable directories?
for removing the execute permissions you need to execute following commands..
chown -R nobody upload_directory
chmod -R 755 upload_directory
The first command changes the owner of your upload_directory and files under it to 'nobody' which is what php operates under. The second changes the upload_directory and files to only allow user access to writing. -R is for Recursive..
My code gets a permission denied error at the move_uploaded_file() function when I'm trying to save a file into a folder on my server (from the temp folder).
My user has full permissions across all the website directories and files. Is there an apache user that need permissions as well? How do I give permissions to this apache user?
If that isn't the case. Is there a way I can use the php chmod function to fix this problem?
Thanks for the help!
You are correct. The folder you need to move the file to doesn't need you to have permissions, it needs for the web server to have permissions.
Basically you need to figure out what account your web server is running as and give that user write permissions to the destination directory.
To figure out what your web server account name is, try the following command (assuming you're running Linux):
sudo lsof -i tcp:80
You should get back a bunch of lines with a USER column. One will be root, ignore that one. The other user listed is the user under which your web server is running. It's probably something like www or www-data or apache or the like.
After that, navigate to the parent directory of your upload directory and change it's ownership and permissions with the following command:
sudo chown www-data:www-data uploads
sudo chmod u+w uploads
At that point, your webserver user now has access to write to your uploads directory. If you have any trouble, post a comment and I'll try to help out.
I assume you gave the folder 777 permissions? The folder needs those permission.
I recently moved my website to a new host and now am experiencing some broken code..
I have an uploading script that is now returning this:
move_uploaded_file() failed to open
stream: Permission denied in *..
I've set the upload directory to 777 which worked fine, but my script is needed to have top level permissions..
(As the script itself sets permission to directories, does lots of copying etc)
Is there a way in apache I can set the PHP script to the owner of all the folders on my server?
Thanks
Also
When looking in phpInfo()
Under
apache2handler
User/Group nobody(99)/99
Is this related?
I wouldn't go that route, just give it permissions to the defined upload_tmp_dir, or define upload_tmp_dir to be a directory you have access to. If it is that directory you have problems with. If the target is the problem, and you've 777'ed it, something fishy is going on.
Do you have ssh access to your new host? The reason I ask is that it's probably not best to use the username/group as nobody, as most other services would use this too. I would change it to something like apache
You can then update httpd.conf, adding in these two lines (reloading the config after):
User apache
Group apache
Then, run chown apache:apache -R dir_name to make apache own it.
well,
When you are trying to set the permission like "0777", you must be running on same authority.
What I mean is.
For example, your script tells to change a folder/file permission to 0777, but the folder or file already has a permission and that is '0755' so you are not authorised to make that change. as the user have only 5 authority.
Either, you need to login to FTP and change the folder permission to 0777 and then you have full control over it or you have to stick with using 0755 or similar.