Torquil Beavis
asked on
Changing directory CHMOD using PHP
Here's my AWS linux apache directory structure:
In order to increase security I want to chmod 'other' using PHP to r-x.
The script is in the cr-app directory:
Any ideas?
/var
/var/www rwx rws r-x 2775
/var/www/html rwx rws r-x 2775
/var/www/html/AWS_s rwx rws r-x 2775
/var/www/html/AWS_s/nm-app rwx rws r-x 2775
/var/www/html/AWS_s/cr-app rwx rwx r-x 0775
/var/www/html/AWS_s/cr-app/media rwx rwx -wx 0773
I had to make the media directory 'other' -wx in order to be able to copy a file to it, which succeeded.In order to increase security I want to chmod 'other' using PHP to r-x.
The script is in the cr-app directory:
if(chmod('/media/', 0775))
{
echo "Successful chmod";
}
else
{
echo "An error occurred during chmod'ing";
}
However, it fails to change permissions.Any ideas?
I believe if you put your script in the cr-app/ directory, you can use chmod('media', 0755);
ASKER
It still fails
You might want to contact AWS. Here is the exercise that I did.
1. My web directory is public_html
2. Inside public_html there is a directory named demo
3. I used FTP to create a directory inside demo named odd_storage, and gave it 0777 perms ("Rights")4. I ran this script and got the Success! message
I found it was necessary to refresh the view in my FTP program in order to see the new permissions. The permissions change did not automatically update the view.
1. My web directory is public_html
2. Inside public_html there is a directory named demo
3. I used FTP to create a directory inside demo named odd_storage, and gave it 0777 perms ("Rights")4. I ran this script and got the Success! message
<?php // demo/chmod.php
/**
* https://www.experts-exchange.com/questions/29019519/Changing-directory-CHMOD-using-PHP.html
* http://php.net/manual/en/function.chmod.php
*/
if (chmod('odd_storage', 0644)) echo 'Success!';
5. I looked at odd_storage again, and found the new permissionsI found it was necessary to refresh the view in my FTP program in order to see the new permissions. The permissions change did not automatically update the view.
ASKER
I'm checking directory owner and groups ..
ASKER
FTP program shows all changes ok. I checked with SUDO and it confirms it as unchanged.
It's not the owner nor group. They are the same.
I moved the script to another 'same owner group' directory .. I can copy a file to the directory, but still not chmod 0755 afterwards.
Can anyone replace my intelligence here?
It's not the owner nor group. They are the same.
I moved the script to another 'same owner group' directory .. I can copy a file to the directory, but still not chmod 0755 afterwards.
Can anyone replace my intelligence here?
ASKER
Using error_reporting(E_ALL) it gives 22527 - can't find out its meaning 8)
Any chance that SUDO has cached its response?
Maybe try something like this... and check the outputs to see what PHP sees.
Maybe try something like this... and check the outputs to see what PHP sees.
<?php // demo/chmod.php
/**
* https://www.experts-exchange.com/questions/29019519/Changing-directory-CHMOD-using-PHP.html
* http://php.net/manual/en/function.chmod.php
*/
error_reporting(E_ALL);
echo '<pre>';
// MAKE A NEW DIRECTORY
mkdir('odd_storage');
// COPY A FILE
$src = 'storage/pickle.png';
$dst = 'odd_storage/pickle.png';
copy($src, $dst);
// GET THE FILE INFORMATION
$stat = stat($dst);
$user = posix_getpwuid($stat['uid']);
var_dump($stat, $user);
// MAKE A CHANGE
chmod($dst, 0777);
clearstatcache();
// GET THE FILE INFORMATION
$stat = stat($dst);
$user = posix_getpwuid($stat['uid']);
var_dump($stat, $user);
... it gives 22527What is "it" in this context?
ASKER
Here's the output:
bool(false)
array(7) {
["name"]=>
string(4) "root"
["passwd"]=>
string(1) "x"
["uid"]=>
int(0)
["gid"]=>
int(0)
["gecos"]=>
string(4) "root"
["dir"]=>
string(5) "/root"
["shell"]=>
string(9) "/bin/bash"
}
bool(false)
array(7) {
["name"]=>
string(4) "root"
["passwd"]=>
string(1) "x"
["uid"]=>
int(0)
["gid"]=>
int(0)
["gecos"]=>
string(4) "root"
["dir"]=>
string(5) "/root"
["shell"]=>
string(9) "/bin/bash"
}
ASKER
The error code output from my
echo error_reporting(E_ALL); on failure ..
The closest I get to a meaning is:
22527 = 16384 + 4096 + 2048
.. E_USER_DEPRECATED + E_RECOVERABLE_ERROR + E_STRICT
echo error_reporting(E_ALL); on failure ..
if(chmod('media', 0755))
{
echo "Successful chmod";
}
else
{
echo "An error occurred during chmod'ing";
echo error_reporting(E_ALL);
}
The closest I get to a meaning is:
22527 = 16384 + 4096 + 2048
.. E_USER_DEPRECATED + E_RECOVERABLE_ERROR + E_STRICT
ASKER
mkdir fails with the odd_storage parent directory permissions at drwx r-x r-x and drwx rwx r-x. mkdir succeeds when parent is drwx rwx rwx.
However, the output as above remains identical even with the successful mkdir.
The default permissions for odd_storage are 0755 - no change to 0777
However, the output as above remains identical even with the successful mkdir.
The default permissions for odd_storage are 0755 - no change to 0777
PHP error_reporting() is a function that sets the error reporting level. It's not meaningful to echo that value in this context.
Are you on a Windows instance of AWS? It seems odd that stat() would return FALSE.
Are you on a Windows instance of AWS? It seems odd that stat() would return FALSE.
ASKER
Linux apache
ASKER
Oohh! My error! Sorry Ray. I had /storage/pickle.png instead of storage/pickle.png .. mkdir & copy work with permissions 0777.
However, chmod still failing.
Here's the output:
However, chmod still failing.
Here's the output:
array(26) {
[0]=>
int(51713)
[1]=>
int(399383)
[2]=>
int(33188)
[3]=>
int(1)
[4]=>
int(48)
[5]=>
int(48)
[6]=>
int(0)
[7]=>
int(27494)
[8]=>
int(1493591282)
[9]=>
int(1493591282)
[10]=>
int(1493591282)
[11]=>
int(4096)
[12]=>
int(56)
["dev"]=>
int(51713)
["ino"]=>
int(399383)
["mode"]=>
int(33188)
["nlink"]=>
int(1)
["uid"]=>
int(48)
["gid"]=>
int(48)
["rdev"]=>
int(0)
["size"]=>
int(27494)
["atime"]=>
int(1493591282)
["mtime"]=>
int(1493591282)
["ctime"]=>
int(1493591282)
["blksize"]=>
int(4096)
["blocks"]=>
int(56)
}
array(7) {
["name"]=>
string(6) "apache"
["passwd"]=>
string(1) "x"
["uid"]=>
int(48)
["gid"]=>
int(48)
["gecos"]=>
string(6) "Apache"
["dir"]=>
string(8) "/var/www"
["shell"]=>
string(13) "/sbin/nologin"
}
array(26) {
[0]=>
int(51713)
[1]=>
int(399383)
[2]=>
int(33279)
[3]=>
int(1)
[4]=>
int(48)
[5]=>
int(48)
[6]=>
int(0)
[7]=>
int(27494)
[8]=>
int(1493591282)
[9]=>
int(1493591282)
[10]=>
int(1493591282)
[11]=>
int(4096)
[12]=>
int(56)
["dev"]=>
int(51713)
["ino"]=>
int(399383)
["mode"]=>
int(33279)
["nlink"]=>
int(1)
["uid"]=>
int(48)
["gid"]=>
int(48)
["rdev"]=>
int(0)
["size"]=>
int(27494)
["atime"]=>
int(1493591282)
["mtime"]=>
int(1493591282)
["ctime"]=>
int(1493591282)
["blksize"]=>
int(4096)
["blocks"]=>
int(56)
}
array(7) {
["name"]=>
string(6) "apache"
["passwd"]=>
string(1) "x"
["uid"]=>
int(48)
["gid"]=>
int(48)
["gecos"]=>
string(6) "Apache"
["dir"]=>
string(8) "/var/www"
["shell"]=>
string(13) "/sbin/nologin"
}
ASKER
SUDO shows the owner of both the directory odd_storage and file pickle.png are both apache instead of ec2-user. Also, their groups are apache instead of www. All my other directories and files are ec2-user www.
Where mkdir permissions default is 0777, the directory made is 0755.
SUDO mkdir creates directories with owner ec2-user but group as ec2-user also, instead of www. FTP likewise.
Of course, if setgid was used in the parent then their group would be www.
Where mkdir permissions default is 0777, the directory made is 0755.
SUDO mkdir creates directories with owner ec2-user but group as ec2-user also, instead of www. FTP likewise.
Of course, if setgid was used in the parent then their group would be www.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.