PHP 即使具有 777 权限和正确的文件 + 目录组,也需要权限被拒绝
PHP require Permission Denied even with 777 permissions and correct group on file + directory
我从来没有遇到过 PHP 在组和用户设置正确时能够读取文件的问题。
Apache 运行 在 www-data 用户下,所以我使用 777 chmod 将所有内容(组和用户权限)设置为 www-data,但仍然没有任何效果。
不知道发生了什么。
PHP 未处于安全模式。
代码:
require ('/root/app/class/api.php');
文件系统:
$ pwd
/root/app/class
$ ls -la
total 76
drwxrwxrwx 2 www-data www-data 4096 Oct 8 10:59 .
drwxrwxrwx 9 www-data www-data 4096 Sep 25 21:25 ..
-rw-r--r-- 1 root root 26896 Jan 13 2014 something_else.php
-rw-rw-r-- 1 root root 32807 Mar 11 2015 something.php
-rwxrwxrwx 1 www-data www-data 3439 Mar 3 2015 api.php
错误:
Warning: require(/root/app/class/api.php): failed to open stream: Permission denied in /var/www/website.com/htdocs/app_frontend/include/config.php on line 36
Fatal error: require(): Failed opening required '/root/app/class/api.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/website.com/htdocs/app_frontend/include/config.php on line 36
尝试调试:
error_reporting(E_ALL);
ini_set('display_errors','On');
$file = '/root/app/class/api.php';
echo sprintf ( '%o', fileperms ( $file ) ), PHP_EOL;
echo posix_getpwuid ( fileowner ( $file ) ), PHP_EOL; // Get Owner
echo posix_getpwuid ( posix_getuid () ), PHP_EOL; // Get User
if (is_file ( $file )) {
echo "is_file", PHP_EOL;
;
}
if (is_readable ( $file )) {
echo "is_readable", PHP_EOL;
;
}
if (is_writable ( $file )) {
echo "is_readable", PHP_EOL;
}
fopen ( $file, "w" );
结果:
Warning: fileperms(): stat failed for /root/app/class/api.php in /var/www/website.com/...
Warning: fileowner(): stat failed for /root/app/class/api.php in /var/www/website.com/...
编辑:我的服务器上没有启用 SElinux,这是 apachectl 的输出 DUMP_MODULES
$ /usr/sbin/apachectl -t -D DUMP_MODULES
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
filter_module (shared)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
php5_module (shared)
rewrite_module (shared)
setenvif_module (shared)
status_module (shared)
该文件的 完整 路径需要可读才能 PHP 打开它。
例如:
# cd /
# ls -al
drwx------ 3 root wheel 102 jan 1 2014 root
# sudo su
Password:
$ cd /root
$ mkdir pub
$ chmod 777 pub
$ vi pub/test.php
<?php
echo "Hi, world!";
:wq
$ chmod 666 pub/test.php
$ php -a
Interactive shell
php > include "/root/pub/test.php";
Hi, world!
php > exit
$ exit
# php -a
Interactive shell
php > include "/root/pub/test.php";
PHP Warning: include(/root/pub/test.php): failed to open stream: Permission denied in php shell code on line 1
...
请注意,在此示例中,/root 是 并且应该始终是 可读、可写和可执行的 仅由 root .
TL;DR:
将您的文件移出 /root。确保文件的完整 路径可读。
禁用 SELinux 并查看结果。如果是这种情况,只需安装并 运行 一个名为 SELinux troubleshooter 的程序。
- 查找相关警报。
- 点击疑难解答
- 检查任何列出的插件并在终端中执行建议的命令。
我从来没有遇到过 PHP 在组和用户设置正确时能够读取文件的问题。
Apache 运行 在 www-data 用户下,所以我使用 777 chmod 将所有内容(组和用户权限)设置为 www-data,但仍然没有任何效果。
不知道发生了什么。
PHP 未处于安全模式。
代码:
require ('/root/app/class/api.php');
文件系统:
$ pwd
/root/app/class
$ ls -la
total 76
drwxrwxrwx 2 www-data www-data 4096 Oct 8 10:59 .
drwxrwxrwx 9 www-data www-data 4096 Sep 25 21:25 ..
-rw-r--r-- 1 root root 26896 Jan 13 2014 something_else.php
-rw-rw-r-- 1 root root 32807 Mar 11 2015 something.php
-rwxrwxrwx 1 www-data www-data 3439 Mar 3 2015 api.php
错误:
Warning: require(/root/app/class/api.php): failed to open stream: Permission denied in /var/www/website.com/htdocs/app_frontend/include/config.php on line 36
Fatal error: require(): Failed opening required '/root/app/class/api.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/website.com/htdocs/app_frontend/include/config.php on line 36
尝试调试:
error_reporting(E_ALL);
ini_set('display_errors','On');
$file = '/root/app/class/api.php';
echo sprintf ( '%o', fileperms ( $file ) ), PHP_EOL;
echo posix_getpwuid ( fileowner ( $file ) ), PHP_EOL; // Get Owner
echo posix_getpwuid ( posix_getuid () ), PHP_EOL; // Get User
if (is_file ( $file )) {
echo "is_file", PHP_EOL;
;
}
if (is_readable ( $file )) {
echo "is_readable", PHP_EOL;
;
}
if (is_writable ( $file )) {
echo "is_readable", PHP_EOL;
}
fopen ( $file, "w" );
结果:
Warning: fileperms(): stat failed for /root/app/class/api.php in /var/www/website.com/...
Warning: fileowner(): stat failed for /root/app/class/api.php in /var/www/website.com/...
编辑:我的服务器上没有启用 SElinux,这是 apachectl 的输出 DUMP_MODULES
$ /usr/sbin/apachectl -t -D DUMP_MODULES
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
filter_module (shared)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
php5_module (shared)
rewrite_module (shared)
setenvif_module (shared)
status_module (shared)
该文件的 完整 路径需要可读才能 PHP 打开它。
例如:
# cd /
# ls -al
drwx------ 3 root wheel 102 jan 1 2014 root
# sudo su
Password:
$ cd /root
$ mkdir pub
$ chmod 777 pub
$ vi pub/test.php
<?php
echo "Hi, world!";
:wq
$ chmod 666 pub/test.php
$ php -a
Interactive shell
php > include "/root/pub/test.php";
Hi, world!
php > exit
$ exit
# php -a
Interactive shell
php > include "/root/pub/test.php";
PHP Warning: include(/root/pub/test.php): failed to open stream: Permission denied in php shell code on line 1
...
请注意,在此示例中,/root 是 并且应该始终是 可读、可写和可执行的 仅由 root .
TL;DR:
将您的文件移出 /root。确保文件的完整 路径可读。
禁用 SELinux 并查看结果。如果是这种情况,只需安装并 运行 一个名为 SELinux troubleshooter 的程序。
- 查找相关警报。
- 点击疑难解答
- 检查任何列出的插件并在终端中执行建议的命令。