We Keep Coding

PHP restricted to document root, not file system root

I'm trying to change a text file located inside the /etc/nginx directory via php. I'm using fopen() to do this, however, I cannot access any directory outside my websites root folder.
For example, I have my website stored in the absolute path: /webroot/mywebsite/ and if I attempt to read anything outside that folder, like /etc/nginx, fopen() dies.
I have tried just using ../../etc/nginx but it cannot find it
I have tried running PHP as root
I have tried adding the user 'http' to the root group
I have tried setting the open_basedir variable in php.ini
I have tried symlinking the /etc folder to the /webroot folder, but it cannot find it
I have checked my Nginx config and all php configs are not overriding open_basedir
I have confirmed the php.ini I am editing does in fact change in phpinfo();
I have NOT tried chmodding the root directory of my Arch install. I fear this will break something
When I echo out realpath("index.php") it returns "/webroot/mywebsite/index.php"
This is how I've been confirming if I have access to my root directory, but it has not changed. I have no idea what else I can try. My old Debian install let me just use the absolute path. This is my new Arch install and this is the first time I've experienced this. I suspect it may be a permission issue, but I do not want to mas modify my entire OS root. Any other suggestions? Thanks

Well. I'm very surprised I was not able to find this answer after literally 4 hours of googling but here it is. Hopefully I save someone the trouble.
The problem was located here: /lib/systemd/system/php-fpm.service
Find the line "ProtectSystem=full" and set it to "false". Ta-da, I now have access everywhere.

Upload file returning “Missing a temporary folder”

I have my site hosted on GoDaddy and on that site I have a part for uploads, it worked fine until days ago, now it started to return error 6 - Missing a temporary folder for any file I try to upload, I tried several ways to solve it, changing the php.ini and still nothing.
In my PHP file if I use the command file_exists(sys_get_temp_dir()); returns me true, so the folder is there.
If I use the is_writable(sys_get_temp_dir()); command returns me false, maybe there is the problem, but the folder /tmp on my server has permission drwxrwxrwt.
If anyone can help me with this problem, since I followed several tutorials and nothing about the solution.

Some providers do NOT grant access to the initialization file for PHP, but rather customers must use a local php.ini file with only the entries needed and allowed to set in a customer account.
In the server's Site Administration menu -> Server -> PHP Info what does the output show for upload_tmp_dir?
More than likely on a shared host, one cannot access edit the main php.ini, but one can set some things via their own local (in their account) php.ini file with the right 'snippets'.
Good luck, hope this helps.

Well, the problem has been solved and it is more strange than I imagined, I will leave the answer here to help you if someone has the same problem.
It was necessary to execute the command chmod 777 / tmp, but this command could not be executed since it gave an error that the folder was read-only (Ready-Only file system). To resolve this, it was necessary to mount and remount it, but I couldn't do it either, as it wouldn't let me remount the /tmp folder
For another reason I had to restart the server and magically the server let me change the permissions to 777 (from drwxrwxrwt. to drwxrwxrwx.). With that problem solved.
I thank everyone who tried to help.

How do I add line of code to config.inc.php in phpmyadmin directory?

I'm getting this error message in phpmyadmin:
"The $cfg['TempDir'] (./tmp/) is not accessible. phpMyAdmin is not able to cache templates and will be slow because of this."
I followed the solution which was to go into the phpmyadmin directory and change the config.inc.php file to include this line of code $cfg['TempDir'] = '/tmp'; Doing this resulted in an error message "Can't open file to write."
How do I correctly add the line of code to this config file?

According to the warnings in https://docs.phpmyadmin.net/en/latest/config.html#cfg_TempDir, it's not an ideal security practice to point this to the general /tmp/ directory where other users and processes can access and manipulate the files. I prefer to make a tmp folder in the phpMyAdmin folder itself and stay with the default configuration directive for $cfg['TempDir']. An alternative would be to make a subfolder within /tmp (you may need to take precautions to make sure your distribution doesn't automatically purge the folder) and set permissions on that folder. At the very least, even if you're not worried about the security implications, you'll need to set the permissions such that the webserver process can write to that folder.
Or, just ignore the warning — phpMyAdmin will still work fine :)

I found a solution, it seems obvious now but I'm new to this. I opened the file using sudo gedit from the phpmyadmin directory in the terminal and I was able to save the changes. Previously, I was trying to edit the file right in the window of my file manager. Thank you!

Can't mkdir or open files on server, even with 777 permissions

I see that similar questions have been answered on Stack Overflow, but the solutions haven't fixed my particular problem, so I have to ask...
I have an app that needs to make directories and modify files outside the site directory. This works find on the production server.
After spinning up a test server with the exact same version of Ubuntu and PHP, I'm getting errors on the staging server when it tries to open files or create directories.
Here are the errors:
mkdir() [http://php.net/function.mkdir]: Permission denied
fopen(/root/Dropbox/Backend/Booth-01/settings.sh) [http://php.net/function.fopen]: failed to open stream: Permission denied
Things I have tried:
checking the username running the application (it's www-data)
changing the owner of the external directory recursively to www-data
changing permissions on the directory to 777 (I know, this is a bad idea, but I was just trying it to see if that would help until I figured out what the issue was and will change the permissions to something more restrictive once I get it working)
checking the umask value. It was set to 0002, which shouldn't give me problems. Just for kicks, I tried changing it to 0000 and it didn't help.
checking to make sure PHP's safe mode wasn't enabled.
checking to make sure that nothing was specified in open_basedir. In any case, if that was the issue, it would throw a different error message.
I can't think of what to try next and I'm hoping that someone else is seeing something that I'm not.
Ubuntu 12.04.5 x64
PHP 5.3.10

It's not only the folder itself you have to have permissions on. You should also check the parent folders. I think, if you check this, this will fix your problem.

If this is an external drive (see if it shows up in mount) then you may have to remount it. An auto-mounted external drive can thwart permissions
sudo umount <moint-point>
sudo mount /dev/<device> <new-moint-point>

Setting permissions in Fedora Apache/PHP

I am building a Fedora server (on VirtualBox right now). It is running Fedora 15.
I want my PHP script to be able to edit the contents of a file in the same folder it is in.
The PHP script and the file are in /home/user/public_html/
But, when I call "file_put_contents("./theFile.txt")" I get an error saying that it cannot open the stream, permission denied.
So, I have:
- Made the file permissions 0777.
- Made the folder permissions 0777.
- Added the "apache" user to the group "wheel".
- Changed the user folder permissions to 0771.
- Changed the owner of the public_html folder and the text file to "apache:apache".
I am at my wits end and I have idea what to do next. Suggestions?

SELinux is preventing you from writing out the file. See the httpd_selinux(8) man page for ways to work with/around it.