function.fopen: failed to open stream: Permission denied in PHP_问答_开发者

function.fopen: failed to open stream: Permission denied in PHP

开发者 https://www.devze.com 2023-02-16 01:49 出处：网络

I\'m trying to create XML sitemaps for my websi开发者_开发知识库te from my PHP application. The idea is to either create a new file or overwrite an existing file. When I call fopen, I get the followin

I'm trying to create XML sitemaps for my websi开发者_开发知识库te from my PHP application. The idea is to either create a new file or overwrite an existing file. When I call fopen, I get the following error:

[function.fopen]: failed to open stream: Permission denied

I'm trying to write to the webroot and its permissions are: 755. This means that the owner has write permission, right? What do I need to do to make my script be able to write to this folder? 777 would be a bad thing, right? Can I run my script as owner somehow?

Thanks.

Yep, as you've said, using 777 could be huge mistake. The webserver doesn't run with the same user as you use to create files and folders.

You have some options:

Run the sitemap creation as a cronjob, using an user with rights to write there, other than the apache user.
Put the sitemap in another directory, and the set up a 302 Redirect or a symlink. In this case, if you have a security issue that let's someone to write your sitemap.xml, at least they'll not be able to create another file with a more dangerous extensions (like PHP, which may result in a site intrusion).
Make a rewrite rule to redirect any hit to sitemap.xml, to a php script that outputs the appropriate XML.

Good luck!

I'm a beginner and I had this problem as well. I am using Ubuntu linux w/ php and apache

Write a php script w/ the following: <?php exec('whoami'); ?> and run it on your server. This tells you who the current user of the script is
SSH to your server.
Make a group that has read and write access to the files you need.
Make group have read, write, and execute on folders you need.
Make the current user you found in the first step, part of the group that has access to the files you need.
Restart Apache: sudo apachectl restart

main commands you need are:

groupadd: Create a new group
usermod: add your user to a new group
chgrp: changes files / folders to group you specify
chmod: changes permissions on the files / folders you specify. All the commands you need are here: http://www.yolinux.com/TUTORIALS/LinuxTutorialManagingGroups.html

If you have ACL enabled on the webroot partition just grant the web server username full rights

setfacl -m u:apache:rwx /var/www/html

Replace apache with the web server username and /var/www/html with your webroot location.

had the same problem

Looks like apache is running as nobody in the nobody group

so if you do a

useradd -G nobody youruser

chown -R youruser:nobody .

Then change the permission to 0775

chmod -R 0775 .

or you may add nobody to your usergroup

useradd -G nobody yourgroup

this be a better solution

Does it work with group write enabled (i.e. 775)? Check your group permissions for the directory the file is in. As long as your PHP user (usually www-data) is part of that group, and it's the only user, you should be fine with 775 (or even 774).

Like Pascal said! just find your apache user

<?php exec'whoami'; ?>

and then

useradd -G username username2
chown -R username:username2 .
chmod -R 0775 .

And its done! Thank you Pascal!

777 is pretty normal, because PHP does not run as you, it runs as a PHP user, Apache, etc. The fact is, your webhost should have a higher set of permissions that prevents other users from writing/deleting your files.