Need some help with permissions/ownership on my testing web server..???

I've got a dedicated virtual server that I use for a testing environment.  It comes with Plesk so I can handle most everything I need to do from there...I'm admittedly lame and don't know much about linux itself, but I do everything in PHP so I'm trying to get it all figured out.

When I first launched this new server I was  having a problem where all of my open source apps (wordpress, opencart, etc) weren't working well because of all sorts of permissions issues.  I learned that I needed to switch my server from Mod to FastCGI in order to allow the FTP users ownership of directories and fix this problem...which it did.

Now, though, I'm having an issue with a fresh install of OpenCart where I'm getting the following error...

Warning: session_start(): open(/var/lib/php/session/sess_2m8fs22c7rgvj3fdmpokqvfpc3, O_RDWR) failed: Permission denied (13) in /var/www/vhosts/ on line 11

So now I'm guessing that the problem is my /var/lib/php/session directory is still owned by the 'apache' user instead of allowing FTP users access to it..??  Am I on the right track?  

Whether I am or not I'm unsure how to fix this.  I'd like to make sure I can fix it so that any site created on this server doesn't have this problem.  

Any information on this would be greatly appreciated.  thanks!
LVL 11
Andrew AngellCo-Owner / DeveloperAsked:
Who is Participating?
No, this makes perfect sense.  If the directory ownership was root, it meant that everyone else was probably "others".  This is why I had requested to see the permissions

Glad it resolved
You can use ACL to allow ftp user any kind of access on this folder

First show:
getfacl /var/lib/php/session

You can allow ftp user as follows

setfacl -m u:ftp:rwx /var/lib/php/session
Andrew AngellCo-Owner / DeveloperAuthor Commented:
I tried that and got an error that the command doesn't exist...

[root@sandbox ~]# getfacl /var/lib/php/session
-bash: getfacl: command not found
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Ok, so you don't have acls.

You can make them share through the same group

So you want this file

Access to the following folder


Please do this
ls -l /var/www/vhosts/

ls -ld /var/lib/php/session
The point it, if you give the same group

If the file's group is changed to apache

chgrp apache /var/www/vhosts/

And assuming /var/lib/php/session already belongs to group apache then
allow group apache to do anything in this file

chmod g+rwx /var/lib/php/sessions
Andrew AngellCo-Owner / DeveloperAuthor Commented:
I want to ensure that all my other sites won't run into this problem on this server, too, though, without having to do this every single time.  This seems like something I'd have to do on a per-site basis..??  or even a per file basis..??
These are two commands, you can reverse them easily.  It would help you know if it is really a permission issue. Once you determine that, a strategy can be mode.
Andrew AngellCo-Owner / DeveloperAuthor Commented:
What's a little more confusing to me is that the line causing the error is a simple session_start().  When I create my own test page, though, and start a session, create a session var, and then display it, it works fine.  I did that here and then also dumped phpinfo...

The "test" at the top of the screen is a session var that I loaded and displayed.  I don't get any error on session_start here, but at, I do.
Andrew AngellCo-Owner / DeveloperAuthor Commented:
I'm not sure if this is correct, but it seems to have worked.

I took a look at the current ownership/group settings for all my web sites and they all seem to be using a specific owner/group.  My /var/lib/php/session directory was set to root:apache.  I simply changed the ownership of this directory to use the same thing as all my web sites are using and that seems to have done the trick.

Does this sound correct or did I do something that would be considered a bad thing?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.