Bug #401

Permission problems with /tmp/FLOW3

Added by Johannes K over 13 years ago. Updated almost 11 years ago.

Status:
Resolved
Priority:
Must have
Assignee:
Category:
Cache
Target version:
-
Start date:
2008-03-09
Due date:
% Done:

100%

Estimated time:
PHP Version:
Has patch:
Complexity:

Description

I called the index.php from the command line everythings fine:

>php index.php

Welcome to FLOW3!

This is the default view of the FLOW3 MVC component. You see this message because no 
other view is available. Please refer to the Developer's Guide for more information 
how to create and configure one.

Have fun! The FLOW3 Development Team

Then I called the index.php via webserver : http://localhost/hnes/flow3/Distribution/trunk/
and got the exception in the attachment (really nice stacktrace view by the way).

The problem are the permissions of the /tmp/FLOW3/ folder after I called index.php from commandline:

drwxr-xr-x 3 jk       jk          1024 2008-03-09 16:53 FLOW3

Or am I not supposed to use flow3 from commandline, or is there a wrapper, or ...


Files

permission-flow3.txt (4.92 KB) permission-flow3.txt Johannes K, 2008-03-09 17:01
#1

Updated by Tim Eilers over 13 years ago

It is not a problem of FLOW3, it is a problem of your webserver setup.

FLOW3 uses the temp directory, which is set in the server configuration. (check Classes/Utility/T3_FLOW3_Utility_Environment.php line 266 ff.)

The user running PHP (normaly the webserver user like wwwrun) has to be allowed to create files and directories in the temp-directory.

Check your webserver configuration and especially the configuration of php.ini

#2

Updated by Robert Lemke over 13 years ago

  • Status changed from New to Needs Feedback
  • Assignee set to Robert Lemke

Hi Johannes,

one way to solve this would be to use dedicated temporary directories for CLI and for web requests, that would solve your issue at least. But what should we do with other media then which will be placed in the FileCache directory - it will surely happen that these files are written by the webserver's user and then can't be modified by another, or vice versa.

I suggest that we just create a nicer error message.

#3

Updated by Tim Eilers over 13 years ago

argh, i should read texts completely. forget my stupid stuff above.

Robert Lemke
U should really think about dedicated temporary directories. at least for the CLI requests. i think the cli feature will be a often used feature later for scripts or connectors to other software on the same server. perhaps you can divide that into reading and writing requests... or divide into writing requests to FileCache (the webserver requests are working there also on the same dirs/files) and requests to PHP temporary directory (CLI/webserver requests need to work there for themselves and don't have to access the other dirs/files, or not?)

Or:
make a rule that all CLI requests will be called like this:

su - <webserveruser> -c "php index.php <...>" 

I think there will be a big amount of users, who dont have any access to the CLI (so all requests are handled by the webserver user) and a big amount of users, who own a own server with root access (so above trick works). the ones who have limited ssh / shell access to their webspace won't be much i think.

Or i am talking senseless stuff here because of thinking in the wrong direction, then just ignore me :)

#4

Updated by Robert Lemke over 13 years ago

  • Status changed from Needs Feedback to Resolved
  • % Done changed from 0 to 100

Johannes, can you check if your problem is solved in the current version?

#5

Updated by Johannes K over 13 years ago

Close to solved ;-)

the generated directory /tmp/FLOW3 had 755 mode and were owned by the user whoever called index.php first.
So I was still not able to create subdirectories as the other user.

Setting umask to 000 before helped for me

in T3_FLOW3_Utility_Files.php l. 82

/**
 * Creates a directory specified by $path. If the parent directories
 * don't exist yet, they will be created as well.
 *
 * @param string $path: Path to the directory which shall be created
 * @return void
 * @author Robert Lemke &lt;&gt;
 * @todo Make mode configurable
*/
public static function createDirectoryRecursively($path) {
$directoryNames = explode('/', $path);
if (!is_array($directoryNames) || count($directoryNames) == 0) throw new InvalidArgumentException('Invalid path "' . $path . '" specified for creating directory recursively.', 1170251395);
$currentPath = '';
foreach ($directoryNames as $directoryName) {
$currentPath .= $directoryName . '/';
if (!is_dir($currentPath) && T3_PHP6_Functions::strlen($directoryName) > 0) {
// ++ NEW NEW NEW ++ setting umask to zero before
$oldMask = umask(000);
mkdir($currentPath, 0777);
// setting it back
umask($oldMask);
if (!is_dir($currentPath)) throw new T3_FLOW3_Utility_Exception('Could not create directory "' . $path . '"!', 1170251400);
}
}
}
#6

Updated by Robert Lemke over 13 years ago

  • Target version set to 18

Okay, I forgot about the umask ... I just committed your solution but I'll have to make it configurable at a later point ...

#7

Updated by Robert Lemke about 13 years ago

  • Target version deleted (18)

Also available in: Atom PDF