2

Ok - this is a weird one.

I've now got my domain pointing to a new EC2 instance running our website, but initially I thought I had some issues with file permissions, has now turned to be where the web service is holding a completely separate file system layer on top of the one already in place.

What do I mean? Any file I upload to the site, or that I create using file_put_contents() is not accessible if I SSH in to the server. Completely invisible. This is a big problem for me, as I have got jobs on cron on the root user which is designed to look for these files and perform whatever jobs it needs to.

If I restart the apache2 service - the files that had been created in that session are reset, as if they were never there in the first place. Even if I don't restart the session - I have no way of accessing these file again - though it would probably only work if I redirect it as a file download. As far as PHP is concerned, they are in scandir(), true for file_exists() etc.

Has anyone had any familiarity with this and know how I can disable it so it behaves as normal? On my research, it sounds similar to EFS, but have no idea to turn that off, let alone turn it on.

Thanks. NB: I have asked this on Stack Overflow, but this is more of a "server fault" question.

Jester
  • 121
  • 1

2 Answers2

0

If PHP scandir() can see the file but ssh doesn't that's really weird. Couple of possibilities to check:

  • Are you 100% sure that you're logged in to the same server where the PHP code runs? If it's a cluster or a docker container you may have multiple instances running?

  • Speaking of docker containers - they have their own filesystem. Are you running your website in Docker by any chance?

  • Or is the website running in a chroot environment? That way you'd have to look for the uploaded file in some subdirectory. To check that upload a file with some unique name (e.g. abcdefgh.txt) and then look for in in the filesystem with find / -name abcdefgh.txt and see what path comes back.

It will be something like this. It's not likely that a file would simply be invisible for SSH, there's something more to it.

Hope that helps :)

MLu
  • 24,849
  • 5
  • 59
  • 86
  • Thanks for the tips! I really thought the same, except about the chroot Env, unless that's turned on by default I haven't added that, but I'll try and check it out. To be sure I was in the same server, checked the IP by using `curl https://ipinfo.io/ip `, spot on. The uploads now seem like a separate issue, need to fix some PHP setting, but otherwise using `file_put_contents` creates a file that only the web user can seem to access. I'll try your 3rd point to find it, though the `realpath()` seems to think it's in the same directory... – Jester Apr 03 '19 at 09:25
  • @Jester I think `realpath()` doesn't see past the `chroot` boundary. It only resolves symbolic links but not paths outside chroot. – MLu Apr 03 '19 at 21:39
  • How do I verify it's enabled, and how to disable if it is? – Jester Apr 03 '19 at 21:41
  • @Jester have you found the uploaded file *somewhere* on the filesystem? Anywhere? – MLu Apr 03 '19 at 21:44
0

MLu, genius. I was using locate and perhaps I had the syntax wrong or it was for the wrong OS, but find found it.

The reason for this whole canundrum, is nicely explained in this blog post. If you modify the setting to false, then use the command systemctl daemon-reload and restar the apache2 service - back to normal!

Sorry for my late reply - my last VM (after making some config edits) crashed and burned with some weird memory allocation issues. shrug!

Jester
  • 121
  • 1