I have a php script and it owner is ROOT then I want to use it access to other account files and directories but when I try to access a 0750 file or directory I will got an error message say " failed to open dir: Permission denied"!
How can I do? Why the ROOT has no permission?
Root user definitely has the permission to execute everything, but the problem is, apache doesn't run from root.
To solve this, try change owner of the file to the user who runs apache. Commonly it is apache user, but with apache running, you can get it with this command:
ps aux | egrep '(apache|httpd)'
After that, change the owner of the file (assuming apache user is apache):
chown apache:apache file.php
Because this does not depend on the owner of the script, but which account executed the script.
Related
I am trying to run a server on ArchLinux, I have apache and PHP running normally, but i can't upload a file with PHP. I have seen many questions of this sort on Stackoverflow and I seem to have used all the suggestions I found, but I still get a
failed to open stream: Permission denied in /srv/http/upload.php
error.
To be precise
Warning: move_uploaded_file(): Unable to move '/tmp/phpZvJK1l' to '/home/administrator/SCRIPTS/tr/solution.cpp' in /srv/http/upload.php on line 20
I set the permissions for /tmp/, /home/administrator/SCRIPTS/tr and /srv/http to 777 (I know thats not right, but I am working locally right now and I want to get it working somehow).
Also I set all the owner of these directories to http (that is the user running PHP), but the thing still doesnt work.
Some PHP configurations do not allow file access outside the users docroot directory, so you may not have access to /tmp from within PHP. Try uploading your file(s) to a temp directory within your /home/administrator directory - preferably to a directory that isn't accessible to web browsers (a sibling directory to your docroot).
give permission to the /tmp dir :
sudo chmod 777 /tmp
As an Arch user I have the same issue when I work on web projects.
I'll recommend you to see this part of the Arch Wiki
User directories are available by default through http://localhost/~yourusername/ and show the contents of ~/public_html (this can be changed in /etc/httpd/conf/extra/httpd-userdir.conf).
So do to so you have to create the ~/public_html directory then
You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and ~/public_html must be executable for others ("rest of the world"):
$ chmod o+x ~
$ chmod o+x ~/public_html
$ chmod -R o+r ~/public_html
After that you don't need to put your file under /srv/http/ you can now use ~/public_html as development directory.
I have this:
<?php
$oldmask = umask(0);
mkdir("test", 0777);
umask($oldmask);
?>
but receive the error
Warning: mkdir(): Permission denied in /Applications/XAMPP/xamppfiles/htdocs/add/add_site.php on line 27
I am on Mac OSX El Capitan using XAMPP.
So assuming you are calling your script through Apache, the apache user must have rights to write on the directory.
In order to do so, first you have to find what user is running apache, for this you may use :
ps aux | grep http
or
ps aux | grep apache
When you've found apache user, you can create a writable directory for apache :
mkdir /Applications/XAMPP/xamppfiles/htdocs/add/apachedir # create a directory for apache
# for the line below, replace apache:apache by your apache user:group.
chown apache:apache /Applications/XAMPP/xamppfiles/htdocs/add/apachedir # give directory ownership to apache user
Now if you edit your script as such :
mkdir("./apachedir/test", 0777);
Everything should be working.
Then I'd recommend you to be careful when changing a directory permission to 777, it means everyone can read / write in the folder. This is a bad practice most of the time, and critical when this folder is a son of apache webroot (any user could write in this directory and could run their code with apache rights).
You have to give full permission to you htdocs directory in xampp.
I am getting some interesting results on my server when i try to access any Directory or File via some Function.I have set all my file & directory permissions to 777 and have changed the content owner to Apache but i still get error messages.Code:
move_uploaded_file($_FILES['file']['tmp_name'], '/var/www/html/fileContent_Site/userData/'.$_SESSION['username'].DIRECTORY_SEPARATOR.$_FILES['file']['name']);
Or
file_put_contents('userData/userData.txt', $result,FILE_APPEND);
mkdir("userData/".$register['username']);
For 'move_uploaded_file()' i get:
move_uploaded_file(/var/www/php/Site/userData/radi/110729.png):failed to open stream: Permission denied in /var/www/php/Site/upload.php
move_uploaded_file(): Unable to move '/tmp/phpUFvMcn' to '/var/www/php/Site/userData/radi/110729.png' in /var/www/php/Site/upload.php
And for 'file_put_content()' and 'mkdir()'
file_put_contents(userData/userData.txt): failed to open stream: Permission denied in /var/www/php/Site/register.php
mkdir(): Permission denied in /var/www/php/Site/register.php
Check owners that runs PHP. To check - simply add these strings near your "file_put_contents" in your PHP file
echo "current user: ".get_current_user();
echo "script was executed under user: ".exec('whoami');
If you see the difference between current user and "script user", then you've found the issue.
Output example:
current user: root
script was executed under user: www-data
Just set the appropriate user to your PHP files directory/directory you want to write from your PHP script:
In Linux terminal execute:
chown -R www-data:www-data /path/to/the/folder
please, note, that "www-data" user is only for example. You should use your user you get from the "script was executed under user" output.
P.S:
To check folder owner, you could use this linux command:
ls -ltr
P.P.S:
check if your folder has the right access permission: 755
The folder php files should have "644" access permission.
To check permission, use the same command as for the owner check:
ls -ltr
You'll see something like:
drwxr-xr-x 10 www-data www-data 4096 Aug 5 15:18 api
Where "drwxr-xr-x" is access permission. Google it, to get more info about.
Open http.conf (in /opt/lampp/etc/httpd.conf) file.
Edit this part:
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User hostname
Group hostname
</IfModule>
See, if that works.
use
$_SERVER["DOCUMENT_ROOT"]."/myFolder/path to upload folder".
and check once
I have a function in PHP language to create an xml file when requested.
if(($file= fopen("./include/catalogo.xml", "w"))==false){echo 'non creo il file'; return false;}
"catalogo.xml" can't be created, permission denied. I know I should try to change permissions, but how can do this if the file doesn't exist? Or, are there things that I ignored?
I think you might be ignoring the permissions of the directory (./include).
I'm assuming you are running this PHP via a web-server and on Linux (like Apache for example) - in which case the user account that is trying to create the file will be 'apache' or 'www-data' (or whatever user your webserver is running under).
On your server - have a look at the permissions of ./include - you need to do one of two things:
a) make ./include world writable (so the 'apache' user can now create a file inside of it).
b) change the owner or group of the ./include to 'apache' so it can create a file inside of it.
Your PHP is fine - it's the permissions of the folder it is trying to create the file inside of that is not.
You have to change the ownership of the directory "include" and set it to the web server's user and set the permission to a reasonable value:
$ sudo chow www-data include
$ sudo chmod 755 include
If you don't know which user your web-server is running by you can open the include dir permissions world-wide:
$ sudo chmod 1777 include
after create the creation of catalogo.xml you check the include diretory:
$ sudo ls -al include
-rwxr-xr-x 1 http web 4096 May 5 15:37 catalogo-xml
Now you can change the ownership of the directory "include" and set it to the web server's user (http) and reset the permission to a reasonable value:
$ sudo chow http include
$ sudo chmod 755 include
See also the manual of chmod, chown and ls:
$ man chmod
$ man chown
$ man ls
If you use the terminal and go to the parent of folder your file will be created in, which is the parent of the include folder and type in the command:
chmod 777 include
This should change the permissions of this folder so you won't receive the permission denied error anymore. If you do try this command:
chmod -R 777 include
I'm working on a PHP script that runs a Python script on the server. My server is running CentOS 5.4 with Apache 2.2.3 and PHP 5.1.6.
This is the PHP code:
chdir("/home/cjones/git/pywrapper");
$output = shell_exec("python /home/cjones/git/pywrapper/wrapper.py");
This give me this error:
Warning: chdir() [function.chdir]: Permission denied (errno 13) in /var/www/html/wrapper.php on line 20
In the shell_exec call, I've also tried using "cd /home/cjo... && python ...", but that doesn't work.
The script needs to be run from that directory or it starts throwing errors because it can't find the files it wants. If all else fails, I could just hardcode the paths into the python script instead of using relative paths.
This is the relevant output of ls -l for ~/git
drwxrwxr-x 5 cjones cjones 4096 Mar 23 08:45 pywrapper
I had also tried chmod 777 ~/git/pywrapper but that didn't work. The current setting is just 775.
My best guess is that the apache user for some reason doesn't have access to my user's home directory? But I don't know how to allow it to.
It's not enough to change permissions on just the 'git' and 'pywrapper' directories. Apache will need to be able to access 'cjones' as well. Most Linux boxes default to users' home directories being mode 0700. If you don't want to loosen the permissions to the 0777 level and grant global access, you could change the group ownership to a new group that you and apache share, and grant 0770 to /home/cjones, /home/cjones/git, and /home/cjones/pywrapper
It is a better idea to have your web site's directory not be in your home directory, but symlink it to e.g. /var/www/mysite.
That said, you can chmod o+x ~; chmod o+x ~/git; #etc. for the directories and chmod o+r ~/git/pywrapper/blablablabla for the files python needs to be able to read when running as Apache.