I use phpword, a ms-word document generator. It creates a temporary file
then it renames it to the correct .docx format.
The user projop owns the php script and it run it as projop.
There isn't any httpd involved because it's a call from a TCL app using the exec function.
I created the php's temp folder in /home/projop/tmp and given 0777 plus made sure it's owned by projop:projop.
Should this belong to root group or maybe apache group? I'm on CentOS 6.5. not sure but I keep getting permission denied.
The php script Template.php that renames is also owned by projop
Warning: rename(/home/projop/tmp/yRRXn0,Mission Announcement Sheet - BB&T76.docx): Permission denied in /var/www/html/doc-generate/wwwroot/phpword/src/PhpWord/Template.php on line 340 Warning: rename
I dont know what's wrong. The user who owns the script is projop, the tmp folder is on the user's home directory and it's owned by projop.
Im not sure what's going on.
The /tmp folder permission:
[root#project-open-v40 projop]# ls -la
total 493808
drwxr-xr-x. 7 projop root 4096 Aug 6 09:40 .
drwxr-xr-x. 3 root root 4096 Jul 9 09:37 ..
drwxrwxr-x. 4 projop projop 4096 Oct 16 2012 acs-bootstrap-installer-master
-rwxr-xr-x. 1 projop projop 27527 Jul 15 10:32 gain_fns.php
-rw-r-----. 1 projop projop 2487 Jul 17 11:49 logo.gif
-rw-rw-r--. 1 projop projop 52535 Jul 23 09:57 master
-rwxr-xr-x. 1 projop projop 3039 Jul 28 14:37 notifyPM.php
-rw-r--r--. 1 projop projop 59719 Aug 5 09:35 resetInvoice.php
drwxr-xr-x. 3 apache apache 4096 Mar 12 15:34 templates
-rw-r--r--. 1 apache projop 7966720 Jul 9 09:37 templates.tar
drwxrwxrwx. 2 projop projop 4096 Aug 6 09:54 tmp
drwxr-xr-x. 6 apache apache 4096 Mar 2 02:43 vendor
-rw-r--r--. 1 apache projop 211886080 Jul 9 09:38 vendor.tar
drwxr-xr-x. 18 apache apache 4096 Jul 7 10:40 wwwroot
-rw-r--r--. 1 apache projop 285624320 Jul 9 09:38 wwwroot.tar
/tmp folder contents:
[root#project-open-v40 tmp]# ls -la
total 152
drwxrwxrwx. 2 projop projop 4096 Aug 6 09:54 .
drwxr-xr-x. 7 projop root 4096 Aug 6 09:40 ..
-rwxrwxrwx. 1 projop projop 34854 Aug 6 09:53 G0pC83
-rwxrwxrwx. 1 projop projop 34854 Aug 6 09:42 lLm9Iz
-rwxrwxrwx. 1 projop projop 34854 Aug 6 09:46 NR8CSg
-rwxrwxrwx. 1 projop projop 34854 Aug 6 09:54 yRRXn0
Looking at the rename command warning:
Warning: rename(/home/projop/tmp/yRRXn0,Mission Announcement Sheet - BB&T76.docx): Permission denied in /var/www/html/doc-generate/wwwroot/phpword/src/PhpWord/Template.php on line 340 Warning: rename
you're attempting to rename the file without specifying the path. This is then trying to rename to a different location from your expected /home/projop/tmp/
Try pre-pending the path to the second argument and trying again.
use chmod to change the permissions of the file before you attempt to rename it - changing the permissions to the 0777 as you have for the folder.
http://php.net/manual/en/function.chmod.php
Also use http://php.net/manual/en/function.fileperms.php to return the current values of the file, see if there's anything unusual there?
Another alternative if this fails is to use the PHP script to load the contents of the file and then save the contents under a new name, and delete the original. This is the long process of what renaming in effect does. This is less than ideal but is an option.
Edit:
You may not be allowed to rename contents of the /tmp/ folder, as it is a dedicated and specified temporary folder, so instead of renaming it there, try the process above of opening the file and then renaming and saving it to another more permanent destination.
Related
I think I am having problems with the max children limit for php-fpm. I am trying to find something in the logs. Where can I find php-fpm.log on my server? Running phpinfo() shows this:
I cannot find anything related to php-fpm in /var/log/.
I am also trying to find the php-fpm.conf that is mentioned at https://www.php.net/manual/en/install.fpm.configuration.php. Thank you.
UPDATE 1: I found at https://github.com/rlerdorf/php7dev/issues/48 that it asks to edit /usr/local/etc/php-fpm.d/www.conf. In my case, I cannot find that file:
root#jai [/usr/local/etc]# pwd
/usr/local/etc
root#jai [/usr/local/etc]# ls -al
total 8
drwxr-xr-x. 2 root root 4096 Sep 23 2011 ./
drwxr-xr-x. 15 root root 4096 Apr 7 15:02 ../
Do I need to create it at /usr/local/etc/php-fpm.d/www.conf?
UPDATE 2: I see I have a folder called ApachePHPFPM but the file inside (default_accounts_to_fpm) is empty:
root#jai [/var/cpanel/ApachePHPFPM]# pwd
/var/cpanel/ApachePHPFPM
root#jai [/var/cpanel/ApachePHPFPM]# ls -al
total 16
drwxr-xr-x 2 root root 4096 Mar 26 04:44 ./
drwx--x--x 108 root root 12288 Apr 17 13:44 ../
-rw-r--r-- 1 root root 0 Mar 26 04:44 default_accounts_to_fpm
root#jai [/var/cpanel/ApachePHPFPM]#
UPDATE 3: My server had this file:
/usr/local/cpanel/etc/php-fpm.conf
The file contains this:
; Error log file
; Default Value: /var/log/php-fpm.log
error_log = /usr/local/cpanel/logs/php-fpm/error.log
That means that my error logs for php-fpm are located in this file: /usr/local/cpanel/logs/php-fpm/error.log.
I navigated to /usr/local/cpanel/logs/php-fpm/ but I could not find error.log:
root#jai [/usr/local/cpanel/etc]# cd /usr/local/cpanel/logs/php-fpm/
root#jai [/usr/local/cpanel/logs/php-fpm]# ls -al
total 8
drwx------ 2 root root 4096 Mar 30 2018 ./
drwx--x--x 6 root root 4096 Apr 16 15:24 ../
root#jai [/usr/local/cpanel/logs/php-fpm]#
In /opt/cpanel/ea-php73/root/etc/php-fpm.conf I found this line:
error_log = /opt/cpanel/ea-php73/root/usr/var/log/php-fpm/error.log
I see the error log files there:
root#jai [/opt/cpanel/ea-php73/root/usr/var/log/php-fpm]# pwd
/opt/cpanel/ea-php73/root/usr/var/log/php-fpm
root#jai [/opt/cpanel/ea-php73/root/usr/var/log/php-fpm]# ls -al
total 151456
drwxrwx--- 2 nobody root 4096 Apr 14 17:36 ./
drwxr-xr-x 3 root root 4096 Mar 26 04:42 ../
-rw------- 1 root root 31536068 Apr 17 17:05 error.log
-rw------- 1 root root 32102325 Mar 29 03:26 error.log-20200329
-rw------- 1 root root 51453659 Apr 5 03:36 error.log-20200405
-rw------- 1 root root 39966549 Apr 12 02:55 error.log-20200412
root#jai [/opt/cpanel/ea-php73/root/usr/var/log/php-fpm]#
I am running Wordpress on a Debian Based (Raspbian Buster) LEMP server. For the most part, everything is working fine except some problems with uploading photos using the command line interface. I have many pictures in my servers ~/Pictures folder that I am trying to upload to wordpress using the command line interface.
I navigate to the root directory of my wordpress installation and run the following command:
wp media import ~/Pictures/*.jpg
To which I get the following errors:
Warning: Unable to import file '/home/Danran/Pictures/img_0754.jpg'. Reason: The uploaded file could not be moved to wp-content/uploads/2020/03.
for each corresponding file. I am fairly certain that this is some sort of permissions error, but because I am a noob, I don't want to risk tinkering around with permissions in my wordpress directory without some sort of guidance by a pro.
How can I get rid of this error and successfully import my photos to wordpressing using the wp-cli?
could you please verify that you have write permissions in the uploads directory?
if u are using apache, normally what I do is set the www-data group as the owner of that directory
chown -R www-data:www-data /var/www/wordpress/wp-content/uploads
but, if what you want is to know if it is a permissions problem, simply set the permissions to 777 of that directory, and try to upload the files again... if you succeed, then it is a problem permissions, and setting them to 777 grants the cli access to that folder.
chmod 777 /var/www/wordpress/wp-content/uploads
Once you upload all of your photos with the CLI, you can change the permissions back to their original with chmod -R 755 on the same uploads folder you originally modified.
However, I usually set the permissions as follows ..
Directories: 644
Files: 755
find /var/www/wordpress/ -type f -exec chmod 644 {} \;
find /var/www/wordpress/ -type d -exec chmod 755 {} \;
EDIT1
Compare it with yours:
/var/www/wordpress/
root#www:/var/www# ls -l
total 212
-rw-r--r-- 1 www-data nogroup 420 Nov 30 2017 index.php
-rw-r--r-- 1 www-data nogroup 19935 Jan 1 2019 license.txt
-rw-r--r-- 1 www-data nogroup 7368 Sep 2 2019 readme.html
-rw-r--r-- 1 www-data nogroup 6939 Sep 2 2019 wp-activate.php
drwxr-xr-x 9 www-data nogroup 4096 Dec 18 17:16 wp-admin
-rw-r--r-- 1 www-data nogroup 369 Nov 30 2017 wp-blog-header.php
-rw-r--r-- 1 www-data nogroup 2283 Jan 20 2019 wp-comments-post.php
-rw-r--r-- 1 www-data nogroup 2898 Jan 7 2019 wp-config-sample.php
-rw-r--r-- 1 www-data root 3310 Jan 7 11:54 wp-config.php
drwxr-xr-x 8 www-data nogroup 4096 Jan 7 15:17 wp-content
-rw-r--r-- 1 www-data nogroup 3955 Oct 10 18:52 wp-cron.php
drwxr-xr-x 20 www-data nogroup 12288 Dec 18 17:16 wp-includes
-rw-r--r-- 1 www-data nogroup 2504 Sep 2 2019 wp-links-opml.php
-rw-r--r-- 1 www-data nogroup 3326 Sep 2 2019 wp-load.php
-rw-r--r-- 1 www-data nogroup 47597 Dec 9 08:30 wp-login.php
-rw-r--r-- 1 www-data nogroup 8483 Sep 2 2019 wp-mail.php
-rw-r--r-- 1 www-data nogroup 19120 Oct 15 11:37 wp-settings.php
-rw-r--r-- 1 www-data nogroup 31112 Sep 2 2019 wp-signup.php
-rw-r--r-- 1 www-data nogroup 4764 Nov 30 2017 wp-trackback.php
-rw-r--r-- 1 www-data nogroup 3150 Jul 1 2019 xmlrpc.php
/var/www/wordpress/wp-content
root#www:/var/www/wp-content# ls -l
total 28
drwxr-xr-x 3 www-data www-data 4096 Jan 7 14:52 cache
-rw-r--r-- 1 www-data nogroup 28 Jan 8 2012 index.php
drwxr-xr-x 2 www-data www-data 4096 Jan 7 11:55 languages
drwxr-xr-x 11 www-data nogroup 4096 Jan 8 16:24 plugins
drwxr-xr-x 4 www-data nogroup 4096 Jan 7 13:51 themes
drwxr-xr-x 2 www-data www-data 4096 Jan 7 14:52 upgrade
drwxr-xr-x 6 www-data www-data 4096 Jan 7 14:50 uploads
I have a fresh server installed with httpd web server and php as CLI. I am able to execute any PHP script in console but when I put the same in a file and call it in browser, it outputs PHP script as it is.
Basically httpd is not parsing PHP script since the extension or module like mod_php is not available. I do not see any files with .so extension in the /etc/httpd/conf.modules.d
/etc/php.d is empty
and
/etc/httpd/conf.modules.d has
[root#ip-10-227-85-145 conf.modules.d]# ll
total 32
-rw-r--r-- 1 root root 3739 Jun 22 2018 00-base.conf
-rw-r--r-- 1 root root 139 Jun 22 2018 00-dav.conf
-rw-r--r-- 1 root root 41 Jun 22 2018 00-lua.conf
-rw-r--r-- 1 root root 742 Jun 22 2018 00-mpm.conf
-rw-r--r-- 1 root root 957 Jun 22 2018 00-proxy.conf
-rw-r--r-- 1 root root 88 Jun 22 2018 00-systemd.conf
-rw-r--r-- 1 root root 451 Jun 22 2018 01-cgi.conf
-rw-r--r-- 1 root root 59 Mar 31 2016 10-auth_openidc.conf
I am clueless what to do. yum install php5-mcrypt is not working.It gave me some error.
RHEL dosen't support mod_php. It uses fsm/fcgi - this is mentioned here - https://aws.amazon.com/premiumsupport/knowledge-center/ec2-php56-apache-rhel72/
I am getting the following permissions warning with a while reading a file:
PHP Warning: fopen(todo.txt): failed to open stream: Permission denied in /var/www/php/oauth/web/insert.php on line 26, referer: https://oauth.dev/dropbox_finish.php?state=5
This problem come just by executing this code:
try{
$f = fopen("todo.txt", "r+");
...
}
I have done a lot of things with the permissions, let me show the current ones and then I'll show the rest.
[root#windows8 abel]# ls -lah /var/www/php
total 32K
drwxr-xr-x. 8 abel apache 4.0K Jun 3 15:53 .
drwxr-xr-x. 6 root root 4.0K May 29 12:38 ..
drwxr-xr-x. 3 abel abel 4.0K May 25 11:38 backup
drwxr-xr--. 6 abel apache 4.0K May 28 16:00 oauth
drwxr-xr-x. 8 abel apache 4.0K Apr 16 16:22 teamerp
drwxrwxr-x. 2 abel abel 4.0K Apr 16 17:18 TeamERP
drwx------. 5 abel abel 4.0K Apr 27 17:14 wordpress
drwx------. 6 abel abel 4.0K Jun 3 15:55 wp-test
[root#windows8 abel]# ls -lah /var/www/php/oauth/
total 36K
drwxr-xr--. 6 abel apache 4.0K May 28 16:00 .
drwxr-xr-x. 8 abel apache 4.0K Jun 3 15:53 ..
drwxr-xr--. 2 abel apache 4.0K Jun 7 11:56 app
-rwxr-xr--. 1 abel apache 124 May 25 16:05 composer.json
-rwxr-xr--. 1 abel apache 3.5K May 25 16:19 composer.lock
-rwxr-xr--. 1 abel apache 9 May 23 12:39 .gitignore
drwxrwxr-x. 3 abel apache 4.0K May 24 17:54 nbproject
drwxr-xr--. 5 abel apache 4.0K May 25 16:19 vendor
drwxr-xr--. 4 abel apache 4.0K Jun 8 15:16 web
[root#windows8 abel]# ls -lah /var/www/php/oauth/web/
total 36K
drwxr-xr--. 4 abel apache 4.0K Jun 8 15:16 .
drwxr-xr--. 6 abel apache 4.0K May 28 16:00 ..
drwxrwxr-x. 2 abel apache 4.0K May 28 16:00 css
-rw-rw-r--. 1 abel apache 5.4K Jun 8 17:37 dropbox_finish.php
-rwxr-xr--. 1 abel apache 109 May 28 09:59 index.php
-rw-rw-r--. 1 abel apache 1.3K Jun 8 17:50 insert.php
drwxrwxr-x. 2 abel apache 4.0K Jun 7 11:36 js
-rwxrwxrwx. 1 abel apache 55 Jun 8 17:50 todo.txt
[root#windows8 abel]#
The file is todo.txt.It has 777 permissions, the website works, but this file is supposed to be open to write it. That is the only difference as compared to any other if the html and php files that apache is serving.
The user abel is a member of the apache group. I have also tried to make the file owned by the user apache and it did not work, besides apache can read the rest of the web files, it's just this-one.
Any hint?
EDIT: I have created a folder and put the file inside. the run the following:
echo substr(sprintf('%o', fileperms('todo/todo.txt')), -4);
the result is 0777. I do not know what is going on, php actually sees the file, but I am still getting the error.
EDIT2: I have also execute the following command to know if it was a selinux problem with the file.
semanage fcontext -a -t httpd_sys_rw_content_t /var/www/php/oauth/web/todo/todo.txt
No results.
I have a really strange error. PHP can't read a file that do exists... Some ideas? I have not SELinux installed. I'm using fedora 17 and php 5.4.
I already try everything I know, but the problem still remains.
[root#sqd var]# ls -lia
total 92
8194 drwxrwxrwx. 23 root root 4096 ago 17 10:30 .
2 dr-xr-xr-x. 19 root root 4096 ago 13 16:00 ..
32139 drwxr-xr-x. 2 root root 4096 may 22 13:42 account
288 drwxr-xr-x. 2 root root 4096 feb 3 2012 adm
13 drwxr-xr-x. 14 root root 4096 ago 8 10:26 cache
796005 drwxr-xr-x 2 root root 4096 feb 6 2012 cvs
289 drwxr-xr-x. 3 root root 4096 ago 21 18:07 db
290 drwxr-xr-x. 3 root root 4096 may 22 13:42 empty
263682 drwxr-xr-x. 3 root root 4096 ago 7 11:15 ftp
291 drwxr-xr-x. 2 root root 4096 feb 3 2012 games
35931 drwxrwx--T. 2 root gdm 4096 jun 8 16:05 gdm
292 drwxr-xr-x. 2 root root 4096 feb 3 2012 gopher
15 drwxr-xr-x. 45 root root 4096 ago 10 10:42 lib
296 drwxr-xr-x. 2 root root 4096 feb 3 2012 local
308 lrwxrwxrwx. 1 root root 11 may 22 13:39 lock -> ../run/lock
12 drwxr-xr-x. 14 root root 4096 ago 26 03:17 log
297 lrwxrwxrwx. 1 root root 10 may 22 13:39 mail -> spool/mail
298 drwxr-xr-x. 2 root root 4096 feb 3 2012 nis
931987 drwxrwxrwx 3 nobody nobody 4096 ago 17 10:32 nodejs
299 drwxr-xr-x. 2 root root 4096 feb 3 2012 opt
300 drwxr-xr-x. 2 root root 4096 feb 3 2012 preserve
307 lrwxrwxrwx. 1 root root 6 may 22 13:39 run -> ../run
301 drwxr-xr-x. 15 root root 4096 may 22 13:43 spool
305 drwxrwxrwx. 5 nobody nobody 4096 ago 30 14:13 tmp
262637 drwxr-xr-x. 7 root root 4096 ago 7 11:20 www
306 drwxr-xr-x. 2 root root 4096 feb 3 2012 yp
[root#sqd var]# ls -lia tmp/
total 216
305 drwxrwxrwx. 5 nobody nobody 4096 ago 30 14:13 .
8194 drwxrwxrwx. 23 root root 4096 ago 17 10:30 ..
3030 -rwxrwxrwx 1 nobody nobody 199397 ago 30 14:13 file_thumb_5363_1_0.jpg
But
<?php
highlight_file(__FILE__);
var_dump(file_exists('/var/tmp/file_thumb_5363_1_0.jpg'));
print out:
bool(false)
Fedora 16 introduced the concept of a "private tmp" /tmp and /var/tmp I would throw my 2 cents on that direction.
From the manual:
2.3.3. Services Private /tmp
A number of services managed by systemd have been modified to make use of its ability to provide them with a
private /tmp directory. Privileged services using /tmp and /var/tmp
have previously been found to be open to being interfered with by
unprivileged users, potentially leading to privilege escalation. Using
private /tmp directories for services prevents this style of exploit.
The directive added to the systemd unit files for the modified
services is:
[Service]
PrivateTmp=true