If someone could help me with this issue, it would be much appreciated.

I'm running Fedora Core 5 which had Apache and PHP 5.1.6 installed. I've
got it so it can run a PHP script okay. However, it doesn't have any access
to the file system because it keeps getting a permission denied. I can't
create directories, write to files, etc.

Now, normally this is just because the current user 'apache' doesn't have
write permission to the file system. However, I've not only changed the
recursive directory from my /web root to have 777 full permissions, I've
also changed the file/directory owner and group to be 'apache' - still with
no luck.

Any ideas what might be going on?

Here's my script:

$output = shell_exec('whoami');
echo "<pre>Who Am I: $output</pre>";

$output = shell_exec('groups');
echo "<pre>Groups: $output</pre>";

$output = shell_exec('ls -l');
echo "<pre>Directory Listing:<br>$output</pre>";

$fp = fopen('test.dat', 'w');
fwrite($fp, "this is my data");
fclose($fp);

if(mkdir('temp3'))
{
print('<p>Created temp3</p>');
}
else
{
print('<p>Could not create temp3</p>');
}

$output = shell_exec('ls -l');
echo "<pre>Directory Listing:<br>$output</pre>";

This is the output it generates:

Who Am I: apache
Groups: apache
Directory Listing:total 8
-rwxrwxrwx 1 apache apache 1484 Jul 21 04:31 test.php

Warning: fopen(test.dat) [function.fopen]: failed to open stream: Permission
denied in /web/webbuild/test.php on line 29

Warning: fwrite(): supplied argument is not a valid stream resource in
/web/webbuild/test.php on line 30

Warning: fclose(): supplied argument is not a valid stream resource in
/web/webbuild/test.php on line 31

Warning: mkdir() [function.mkdir]: Permission denied in
/web/webbuild/test.php on line 33

Could not create temp3

Directory Listing:total 8
-rwxrwxrwx 1 apache apache 1484 Jul 21 04:31 test.php

Any ideas why it can't write to the filesystem?

Many thanks in advance.

Martin
php [at] martin.student-film.com

hmm, seems to work if I have my Apache DocumentRoot pointing to
/var/www/html instead of my /web directory.

Well, I'm still confused why that would make a difference.

Again, any help would be much appreciated.

Thanks.

Martin

"Martin Adams" <php [at] martin.student-film.com> wrote in message
news:uYnoi.447$QD2.72 [at] newsfe1-gui.ntli.net...
> If someone could help me with this issue, it would be much appreciated.
>
> I'm running Fedora Core 5 which had Apache and PHP 5.1.6 installed. I've
> got it so it can run a PHP script okay. However, it doesn't have any
> access to the file system because it keeps getting a permission denied. I
> can't create directories, write to files, etc.
>
> Now, normally this is just because the current user 'apache' doesn't have
> write permission to the file system. However, I've not only changed the
> recursive directory from my /web root to have 777 full permissions, I've
> also changed the file/directory owner and group to be 'apache' - still
> with no luck.
>
> Any ideas what might be going on?
>
> Here's my script:
>
> $output = shell_exec('whoami');
> echo "<pre>Who Am I: $output</pre>";
>
> $output = shell_exec('groups');
> echo "<pre>Groups: $output</pre>";
>
> $output = shell_exec('ls -l');
> echo "<pre>Directory Listing:<br>$output</pre>";
>
> $fp = fopen('test.dat', 'w');
> fwrite($fp, "this is my data");
> fclose($fp);
>
> if(mkdir('temp3'))
> {
> print('<p>Created temp3</p>');
> }
> else
> {
> print('<p>Could not create temp3</p>');
> }
>
> $output = shell_exec('ls -l');
> echo "<pre>Directory Listing:<br>$output</pre>";
>
> This is the output it generates:
>
> Who Am I: apache
> Groups: apache
> Directory Listing:total 8
> -rwxrwxrwx 1 apache apache 1484 Jul 21 04:31 test.php
>
> Warning: fopen(test.dat) [function.fopen]: failed to open stream:
> Permission denied in /web/webbuild/test.php on line 29
>
> Warning: fwrite(): supplied argument is not a valid stream resource in
> /web/webbuild/test.php on line 30
>
> Warning: fclose(): supplied argument is not a valid stream resource in
> /web/webbuild/test.php on line 31
>
> Warning: mkdir() [function.mkdir]: Permission denied in
> /web/webbuild/test.php on line 33
>
> Could not create temp3
>
> Directory Listing:total 8
> -rwxrwxrwx 1 apache apache 1484 Jul 21 04:31 test.php
>
> Any ideas why it can't write to the filesystem?
>
> Many thanks in advance.
>
> Martin
> php [at] martin.student-film.com
>
>
>
>

Martin Adams wrote:
> hmm, seems to work if I have my Apache DocumentRoot pointing to
> /var/www/html instead of my /web directory.
>
> Well, I'm still confused why that would make a difference.

Check that you really has access to the directory in question

ls -l /

The directory must have 'x' set for apache to be able to read from it.
If you want to make it "useble" by all, try with

chmom 1777 /web

and lastly, check your apache config, do you use vhost, then you need to chnge
the DocumentRoot in the right place, also see to not have more than one
DocumentRoot for each vhost and for the default host and don't forget to
restart the apache after you made changes in the config.


--

//Aho

Thanks for the info. I think the problem was a little more complex as I had
all the permissions correct. I think I've fixed it though using this web
page as a reference:
http://docs.fedoraproject.org/selinux-apache-fc3/sn-simple-s etup.html

For what I can tell, there is a command called chcon that I could run to
relabel the directories and files (something new to me). After running
chcon -R -h -t httpd_sys_content_t /web it seems to have fixed it.
Hopefully that's all I need to do.

Thanks,

Martin


"J.O. Aho" <user [at] example.net> wrote in message
news:5geur1F33djufU1 [at] mid.individual.net...
> Martin Adams wrote:
>> hmm, seems to work if I have my Apache DocumentRoot pointing to
>> /var/www/html instead of my /web directory.
>>
>> Well, I'm still confused why that would make a difference.
>
> Check that you really has access to the directory in question
>
> ls -l /
>
> The directory must have 'x' set for apache to be able to read from it.
> If you want to make it "useble" by all, try with
>
> chmom 1777 /web
>
> and lastly, check your apache config, do you use vhost, then you need to
> chnge
> the DocumentRoot in the right place, also see to not have more than one
> DocumentRoot for each vhost and for the default host and don't forget to
> restart the apache after you made changes in the config.
>
>
> --
>
> //Aho

Martin Adams wrote:
> Thanks for the info. I think the problem was a little more complex as I had
> all the permissions correct. After running
> chcon -R -h -t httpd_sys_content_t /web it seems to have fixed it.
> Hopefully that's all I need to do.

As you seems to use a SELinux, it's still question about permissions, as
SELinux adds another level of those too the system.

Keep in mind that using another port the 80 will require you to tweak with the
SELinux permissions again.

--

//Aho

Ahhh, so I wonder if it's related to me having to tunnel into my box on a
different port then get SSH to forward it to port 80 that might be causing
it.

Thanks for the advise, at least I made progress :o)

Martin


"J.O. Aho" <user [at] example.net> wrote in message
news:5ggclpF3gg1igU1 [at] mid.individual.net...
> Martin Adams wrote:
>> Thanks for the info. I think the problem was a little more complex as I
>> had
>> all the permissions correct. After running
>> chcon -R -h -t httpd_sys_content_t /web it seems to have fixed it.
>> Hopefully that's all I need to do.
>
> As you seems to use a SELinux, it's still question about permissions, as
> SELinux adds another level of those too the system.
>
> Keep in mind that using another port the 80 will require you to tweak with
> the
> SELinux permissions again.
>
> --
>
> //Aho