科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>php - touch() gives permission denied - Stack Overflow

    php - touch() gives permission denied - Stack Overflow

    programmeradmin3浏览0评论

    I have a RHEL 9.4 server with NGINX.

    The web root is /www/html and I have a test.php in the path. The folder structure is:

    775 myuser nginx job/
755 myuser nginx test.php

    The whole path is under user = myuser and group = nginx

    The test.php is simple:

    <?php
ini_set('display_errors', '1');
touch('job/test.txt');
?>

    When I run the PHP in the browser, it said:

    Warning: touch(): Unable to create file /www/html/job/test.txt because Permission denied in /www/html/test.php on line 3

    Suppose I have enough permission to write the file.

    The PHP-FPM config is here:

    upstream php-fpm {
        server unix:/run/php-fpm/www.sock;
}

    The NGINX site config is here:

    server {
    listen 443 ssl;
    server_name example;

    ssl_certificate /path/to/ssl/fullchain.crt;
    ssl_certificate_key /path/to/ssl/server.key;

    location / {
        proxy_pass http://localhost:3001;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location ^~ /script {
            alias /www/html;
            index index.php;

            if (!-e $request_filename) { rewrite ^ /script/index.php last; }

            location ~ \.php$ {
                    if (!-f $request_filename) { return 404; }
                    fastcgi_pass 127.0.0.1:9000;

                    include fastcgi_params;
                    fastcgi_param SCRIPT_FILENAME $request_filename;
                    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
            }
    }
}

server {
    listen 80;
    server_name example;

    # Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}

    I access the PHP script via .php

    How can I fix the permission issue?

    I have a RHEL 9.4 server with NGINX.

    The web root is /www/html and I have a test.php in the path. The folder structure is:

    775 myuser nginx job/
755 myuser nginx test.php

    The whole path is under user = myuser and group = nginx

    The test.php is simple:

    <?php
ini_set('display_errors', '1');
touch('job/test.txt');
?>

    When I run the PHP in the browser, it said:

    Warning: touch(): Unable to create file /www/html/job/test.txt because Permission denied in /www/html/test.php on line 3

    Suppose I have enough permission to write the file.

    The PHP-FPM config is here:

    upstream php-fpm {
        server unix:/run/php-fpm/www.sock;
}

    The NGINX site config is here:

    server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /path/to/ssl/fullchain.crt;
    ssl_certificate_key /path/to/ssl/server.key;

    location / {
        proxy_pass http://localhost:3001;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location ^~ /script {
            alias /www/html;
            index index.php;

            if (!-e $request_filename) { rewrite ^ /script/index.php last; }

            location ~ \.php$ {
                    if (!-f $request_filename) { return 404; }
                    fastcgi_pass 127.0.0.1:9000;

                    include fastcgi_params;
                    fastcgi_param SCRIPT_FILENAME $request_filename;
                    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
            }
    }
}

server {
    listen 80;
    server_name example.com;

    # Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}

    I access the PHP script via https://example.com/script/test.php

    How can I fix the permission issue?

    • php
    • nginx
    • rhel9
    Share Improve this question edited Jan 20 at 5:55 DarkBee 15.7k8 gold badges70 silver badges114 bronze badges asked Jan 20 at 3:39 RaptorRaptor 54.2k47 gold badges245 silver badges398 bronze badges 5
    • on top of /etc/nginx/nginx.conf set user to myuser then restart nginx service. – Jakkapong Rattananen Commented Jan 20 at 3:46
    • Same result after setting the user (originally it is "nginx") and restarted the server. – Raptor Commented Jan 20 at 3:51
    • Alternatively, I change the user & group of PHP-FPM and NGINX to "nginx" and change the owner & group of the whole folder path to nginx:nginx, the permission denied problem still persists, even with the job folder set to 777 – Raptor Commented Jan 20 at 4:02
    • Have you tried to give 777 to all the parent folders? – shingo Commented Jan 20 at 5:06
    • Yes, I tried. I set 777 to /www, /www/html and /www/html/job (I know it's inappropriate for security concern), but still Permission Denied is shown for writing files. – Raptor Commented Jan 20 at 5:49
    Add a comment  | 

    1 Answer 1

    Reset to default 1

    The root cause of the issue is SELinux protection. I issue this command to the folder where I put the test.php script:

    chcon -Rt httpd_sys_content_rw_t .

    which changes the SELinux context for files. httpd_sys_content_rw_t is to give NGINX (or Apache) read & write access. By default, the setting is unconfined_u:object_r:httpd_sys_content_t:s0, which does not allow file write. Such settings can be checked via:

    ls -alZ .

    Hope this helps someone one day.

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论