2


I am working on a leaflet map site with access to real time weather data. To avoid having to use SUID, because of it's security problems, I am using symbolic links from /var/www to my imagery data. These are simple png files, and this is working.

I then wanted to have real time data based on mouse position hovering over the image data. For this, I created an SQLite3 database with the actual values. At first, as a test, I manually put this database in the site root, and everything worked out perfectly. Unfortunately I cannot have that database in that location. I then did the exact same procedure used for my imagery data (which worked) with this database.

The process was:

In my site root:

ln -sf /path/to/db/ db
chmod 777 /path/to/db/data.db

The file is then read by a simple PHP program for querying: 

<?php

$lat = floatval($_GET['lat']);
$lon = floatval($_GET['lon']);

$db = new SQLite3('db/sst.db'); # line 6
$results = $db->query("SELECT sst FROM current ORDER BY (($lat-lat)*($lat-lat) + ($lon-lon)*($lon-lon)) ASC LIMIT 1");
while ($row = $results->fetchArray()) {
        echo $row['sst'];
}
?>

Unfortunately, now I am getting this error in the browser console:

Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Inspecting /var/log/apache2/error.log file I get the following error:

PHP Fatal error:  Uncaught exception 'Exception' with message 'Unable to open database:
unable to open database file' in /var/www/Mapea/sst.php:6\nStack trace:\n#0
/var/www/Mapea/sst.php(6): SQLite3->__construct('db/sst.db')\n#1 {main}\n  thrown in
/var/www/Mapea/sst.php on line 6
jhc
  • 1,739
  • 3
  • 21
  • 46
  • 1
    What are the permissions on the `/path`, `/path/to`, and `/path/to/db` directories? – CL. Apr 22 '14 at 14:12
  • great comment. /path didn't have complete permissions. Changed it, and it's working. For some reason I thought only the last path's permissions mattered (and the file as well). Both had correct permissions. – jhc Apr 22 '14 at 14:27
  • Please write an answer. – CL. Apr 22 '14 at 16:04
  • What have you tried to resolve the problem? Where are you stuck? – Nico Haase May 19 '21 at 09:51

2 Answers2

1

Following CL's query on what permissions I had on /path, /path/to, and /path/to/db, I discovered that /path permissions were not correct.

After using the following command:

chmod 755 /path

My application is now working 100%.

jhc
  • 1,739
  • 3
  • 21
  • 46
0

In addition to the obvious rights on the full path to the file, one additional thing that may be an issue is SELinux.

If you still have permissions issues after double checking the file rights, this is the most likely culprit. For example, on RHEL 8, the default security policy doesn't let Apache accessing a file on an NFS volume, and you'll need to pass the command

setsebool -P httpd_use_nfs 1

to (permanently with -P) authorize it.

Bruno Rohée
  • 3,436
  • 27
  • 32