4

I'm running an apache server on lubuntu, and am trying to use php to write a text file that the users can then download. I changed the permissions as so:

sudo chmod 775 /var/www -R

But I still get an error when I execute the script:

Warning: fopen(3): failed to open stream: Permission denied in /var/www/myPage.php on line 217 Could not open file!

Here is the php code:

    $filename = $liste[0][0];

    $fh = fopen($filename, "x+") or die("Could not open file!");

    fwrite($fh, "foo") or die("Could not write to file");

    fclose($fh);

Do I need to change other permissions? Or is there another way to do what I'm trying to do? Thanks

Jessica Chambers
  • 1,246
  • 5
  • 28
  • 56
  • try to check permision of that folder by right clicking on that. you will see write permission is not there/ – Alive to die - Anant Apr 21 '16 at 09:30
  • 1
    What is the result of `ls -l /var/www/myPage.php` ? Which user and group owns the file ? – Aurel Apr 21 '16 at 09:36
  • Try using absolute path to write to file. [fopen-perm-denied](http://stackoverflow.com/questions/3882244/php-fopen-permission-denied) – Ani Menon Apr 21 '16 at 09:39
  • With the `chmod` command, you have set full access for the owner and group of the file. Make sure that it is `www-data` that owns the file or that `www-data` is in the files group. – M. Eriksson Apr 21 '16 at 09:39
  • Please be aware the chmod 775 is a bit broad/permissive. The default of 755 for directories and 644 for files should be sufficient in most cases. It's usually an ownership problem that needs to be fixed rather than broaden the permissions. – Oldskool Apr 21 '16 at 09:40
  • open your terminal and write `gksu nautilus` then it will show `files` folder. Now when you click on that it will open an administrator window. Now go to the file and change the permission to read+write+execute (644 for files and 777 for folders). Sometime files permission not changed using chmod command. I faced it when my files and folders are resist in `opt/lampp` – Alive to die - Anant Apr 21 '16 at 09:41
  • @Aurel here are the user permissions I got from ls -l (baseaera is the sudo user) : -rwxrwxr-x 1 baseaera baseaera – Jessica Chambers Apr 21 '16 at 09:46
  • how would I know if www-data owns the file or is in the group? – Jessica Chambers Apr 21 '16 at 09:49
  • Make www-data the group owner (`chgrp www-data /var/www/myPage.php`) or add the www-data user to the baseaera group (`adduser www-data basearea`), but www-data (user or group) needs to have write access to your file. – Aurel Apr 21 '16 at 10:00
  • Possible duplicate of [Failed to open stream : No such file or directory](http://stackoverflow.com/questions/36577020/failed-to-open-stream-no-such-file-or-directory) – Vic Seedoubleyew Apr 27 '16 at 12:01

1 Answers1

9

Writing into a folder requires the Apache user to have writing, reading and executing privileges on that folder.

  1. So, first try to identify the name of the Apache user (often www-data).

  2. Then check if that user is either the owner or in the group of the folder where you want to write files.

  3. Give write, read and execute (7) privileges on that folder for that user. Give everyone else who don't need writing the read and execute privileges (5) on the same folder.

  4. (recommended) Give write and read (6) privileges to your files for the www-data user. Everyone else only need read privileges (4).

If www-data is neither the owner nor in the group of the file, then you should change either one of them. After doing this, you may find yourself unable to access the web folder if you access the server with a user other than www-data and other than root (like "webeditor"), and that user is neither the owner nor in the group.

I recommend:

  1. Set the owner and group to the Apache user/group.

    chown -R www-data:www-data /var/www

  2. Add the webeditor user (or whichever you use to connect to the server on ssh or ftp) to the www-data group.

    usermod -a -G www-data webeditor

  3. Give folders the write, read and execute privileges to the owner. Avoid the writing privileges on everyone else.

    find /var/www -type d -exec chmod 755 {} \;

  4. Files do not require the execution privilege. Only reading and writing is necessary for the www-data user, the rest only need reading privileges, so 644 is enough for our files.

    find /var/www -type f -exec chmod 644 {} \;
Marc Compte
  • 4,579
  • 2
  • 16
  • 22