PHP File Writing Permissions

Discussion in 'PHP' started by J.T., Jun 9, 2010.

  1. J.T.

    J.T. New Member

    Hi,

    I can't seem to get this right.

    When a script needs write access to a folder, for example for sessions or error logs, in apache I simply chown-ed them apache:apache and left them chmod 755.

    Now with Litespeed, I can't figure out who executes the script.

    In the server-wide settings I have:

    Running As user(nobody) : group(nobody)

    In the VH:

    ExtApp Set UID Mode DocRoot UID

    The owner of the docroot of that VH happens to be lsadm:lsadm

    So I figured by either making the folder I intend to have PHP write in owned by nobody:nobody or lsadm:lsadm I'd be able to write in it when it's chmod 755. But somehow, I need to up that to 777 for it to work. And I don't like 777.

    How can I figure out who runs the PHP process and should therefore be the owner of a folder in order to write to it?

    What are the recommended ownership settings for LSWS?
  2. J.T.

    J.T. New Member

    I just found out that get_current_user = lsadm and getmyuid is 100, which in /etc/passwd equates to lsadm indeed. So if the script is run by lsadm, which can't the script write to a file owned by lsadm?
  3. NiteWave

    NiteWave Administrator

    I did some tests locally, to enable

    need define a vhost level lsphp5 ExtApp first, say "lsphp5_vh" as its name.

    then in vhost "Script Handler", select this lsphp5_vh to handle php.

    if select lsphp extApp defined in server level, lsphp will run as server uid/gid, i.e., nobody in this case.
  4. J.T.

    J.T. New Member

    Hi,

    This issue is still present.

    I have exactly what you say, with a VHost level script handler which has a name different from the default. It handles PHP. The DocRoot UID is owned by lsadm:lsadm and a file further down the document tree is also owned by lsadm:lsadm

    In the PHP script I echo get_current_user() and this confirms it's lsadm. The script tries to write to a cache folder again owned by lsadm:lsadm but it can't. Only when I chmod the cache folder recursively 777 it works. 755 doesn't work either.

    What can I be overlooking?
  5. NiteWave

    NiteWave Administrator

    echo umask() while echo get_current_user()
  6. mmaama

    mmaama New Member

    Try compiling Litespeed with phpsuexec, i had the very same issue and that's the way i fixed it.
  7. mistwang

    mistwang LiteSpeed Staff

    Does your server use a special secure kernel? Or something special with PHP? Sohusin?

    try
    Code:
    sudo -u lsadm touch test_file
    under that directory, see if it has permission issue or not.

Share This Page