0

I am using PHP file_put_contents to generate PDF files inside a directory named invoices.

This was working fine for a long time but stopped working with no changes to the code generating the invoices (I have asked the hosting providers about any changes to the installation but they are no help).

The error I get is "Warning: file_put_contents(test-generate-file/999999.pdf): failed to open stream: Permission denied"

However, this seems to be a file ownership issue rather than a permissions issue because after some testing I have found that:

  1. The error occurs when the invoices folder has ownership cpanelusername:cpanelusername (this is the correct ownership needed for folders and files on the server to be viewed by visitors etc).

  2. Files are successfully generated when the ownership is changed to PHP which has the ownership name nobody (so ownership nobody:cpanelusername works)

  3. But the files that are generated successfully with ownership nobody can't be viewed by visitors.

As a workaround after they are generated I am manually changing their ownership to cpanelusername:cpanelusername so they can be viewed. But this is a pain.

So the question is what is preventing files being generated by PHP when the folder has the correct ownership is in place and how can I fix it?

I have viewed multiple similar questions but they mainly refer to file permissions as opposed to file ownership and have not helped. Also setting permissions of the invoices folder to 777 is not an option due to security being important.

Ryan
  • 152
  • 1
  • 13
  • it appears as if your webserver's user:group is cpanelusername:cpanelusername and whatever runs the pdf generation is nobody:nobody (or whatever). This could be for a number of reasons, but unless your script does some user/group-changing stuff, it's not php related really. if it stopped working and this is a hosted cronjob running or something, you should send a friendly request to your hoster to check if this is setup correctly, as I cannot imagine a case, where a user's cronjob should not run as the user. – Jakumi Jan 28 '23 at 11:56
  • What are the permissions of that folder and files? – shingo Jan 28 '23 at 12:03
  • @Jakumi The script doesn't do any user/group changing stuff and it's not a cronjob, an invoice is generated when a visitor completes a purchase. I don't know what runs the pdf generation (it is PHP `file_put_contents` that calls it) but that is something I would like to know if anyone has any ideas as this may lead to the solution. – Ryan Jan 28 '23 at 12:42
  • @shingo permissions are 755 on the folder and 644 on files but these are not the issue. Permissions are these in both working and non-working situations when the file ownership changes. – Ryan Jan 28 '23 at 12:44
  • That is definitely weird. If the webserver that writes the file cannot read the file ... there's something broken I'd say. Possibly some misconfiguration of php-fpm. If you don't know what that is, send a description of your problem to the webhoster, that php isn't able to read the file it wrote, add information about user:group and permissions – Jakumi Jan 28 '23 at 12:50
  • This is the issue indeed. Only the owner has the permission to write in the folder. If you want both nobody and cpanelusername are able to write, you need add nobody to cpanelusername group and change the permission to 775. – shingo Jan 28 '23 at 13:03
  • @Jakumi I have been in contact with the web host and they have been no help so far. I agree that it's likely a misconfiguration but it looks like I am won't get their help in finding out how to fix it. – Ryan Jan 28 '23 at 13:44
  • @shingo thanks for this information - how do I add 'nobody' to the 'cpanelusername' group? Also the permissions of the folder are 755 already. – Ryan Jan 28 '23 at 13:45
  • @shingo thinking further in this - I think what I want is 'cpanelusername' to do the writing when `file_put_contents` is called but at the minute a misconfiguration means that 'nobody' is doing the writing. Not sure on this though so any help appreciated. – Ryan Jan 28 '23 at 14:03
  • 1
    Add to group: `usermod -g cpanelusername nobody`. Change permission: `chmod 775 folder-name`. – shingo Jan 28 '23 at 14:04
  • 1
    Because the script was run by "nobody", and that's the user who runs your PHP work processes I think. If you want to run the script by "cpanelusername", it could be a misconfiguration, but the changing may also cause other permission problems. – shingo Jan 28 '23 at 14:06

0 Answers0