0

fopen is failing with failed to open stream: Permission denied in /var/www/html/ even though safe mode is turned off and open_basedir is set to none.

The folder that PHP is trying to read a file from is /home/vuser/files/ and it has 777 file permissions. Is there something I'm missing? can't figure out what user php is running as, because posix functions are not installed.

Here is the fopen command:

$src_dir = '/home/vuser/files'; fopen($src_dir . DIRECTORY_SEPARATOR . $filename, 'r');

mishka
  • 677
  • 6
  • 20
  • 1
    Show us the way you are opening files (your `fopen` call), I guess you are opening a relative path to your file. – Alain Tiemblo Apr 28 '13 at 06:34
  • Impossible to reply when if don't show your code here. Most likely it is a problem with a relative path and the wrong working directory... – arkascha Apr 28 '13 at 06:46
  • @Ninsuo I've included the fopen code – mishka Apr 28 '13 at 06:55
  • so both the file and the folder have the appropriate permissions? – half-fast Apr 28 '13 at 07:05
  • @half-fast Yes, that's right. – mishka Apr 28 '13 at 11:40
  • Wait, are you trying to access a file that's outside your webroot? If that folder is *before* your webroot, as it appears it is, without some special configuration, or clever programming your setup probably will not allow that for security purposes. You should be able to open the file for reading, but not for displaying. It really all depends on the config of your host and it sounds like theyre covering a basic security base. – half-fast Apr 28 '13 at 11:43
  • @half-fast Yes, it is outside webroot. Not sure which php setting is causing this as safe_mode is off, open_basedir is set to none. I think it has to do with the user as which php/apache is running and the user/group that owns the folder from which the script is attempting to read. Unsure how to check and fix. Basically, limited unix knowledge and hence stuck :( – mishka Apr 29 '13 at 02:28
  • One hackish workaround you can do is write your script to copy the file to the webroot, serve it then delete it, but again, depends on how often your server will access it. – half-fast Apr 29 '13 at 03:46
  • @half-fast hm...that doesn't help. For now I'm running it from command line via `sudo php /path/to/script.php` and is working fine. I'll have to review user permissions and groups. – mishka Apr 29 '13 at 04:36

0 Answers0