php script can't access /tmp folder


I found out why; well, someone gave me the global hint.

It's neither the fault of PHP nor of tmpfs. The culprit was systemd and its security system PrivateTmp.

For those who run into the same issue that I did: the php service (and probably some others) has the PrivateTmp option set to true in the systemd script (/usr/lib/systemd/system).

In that case, a new /tmp is created and isolated from the other one. All the data saved inside is deleted once the service is stopped.

It's a security measure, since /tmp can contain a lot of sensitive information and PHP scripts are not always secure.

To deactivate this, simply copy the script into /etc/systemd/system (to avoid your changes being overwritten after an update) and set PrivateTmp to false.

You can also set two or more services to share the same /tmp using JoinsNamespaceOf.

For more information: man systemd.exec

Author: eephyne

Updated on September 18, 2022
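To see the isolation described in the answer without turning it off, the following added example (not part of the original post) locates the host directory that backs a PrivateTmp service's /tmp and maps a path as the service sees it to the host path. The unit name php-fpm.service and the function names are assumptions; the systemd-private-<boot id>-<unit>-<random>/tmp layout is where systemd keeps those files on the host.

```shell
#!/bin/sh
# Added example (not from the original post): find where a PrivateTmp=true
# service's /tmp lives on the host and map service-side paths to it.
# Assumption: the unit is called php-fpm.service; adjust for your system.

# Print the host directory backing the unit's private /tmp.
# $1 = unit name, $2 = host tmp root (default /tmp).
# On a real system run this as root: systemd creates these dirs with mode 0700.
private_tmp_dir() {
    unit=$1 root=${2:-/tmp}
    for d in "$root"/systemd-private-*-"$unit"-*/tmp; do
        [ -d "$d" ] || continue      # unmatched glob stays literal: skip it
        printf '%s\n' "$d"
        return 0
    done
    return 1                         # no private tmp: service stopped or PrivateTmp off
}

# Translate a path as the service sees it (/tmp/...) into the host path.
# Only /tmp is mapped here (PrivateTmp also isolates /var/tmp); any other
# path is printed unchanged.
host_path() {
    unit=$1 path=$2 root=${3:-/tmp}
    case $path in
        /tmp|/tmp/*) ;;
        *) printf '%s\n' "$path"; return 0 ;;
    esac
    base=$(private_tmp_dir "$unit" "$root") || return 1
    printf '%s%s\n' "$base" "${path#/tmp}"
}

# Exit 0 when two PIDs share a mount namespace, 1 when they differ,
# 2 when /proc/<pid>/ns/mnt cannot be read (needs root for foreign PIDs).
same_mount_ns() {
    a=$(readlink "/proc/$1/ns/mnt") && b=$(readlink "/proc/$2/ns/mnt") || return 2
    [ "$a" = "$b" ]
}

# Usage on a real host, as root:
#   host_path php-fpm.service /tmp/ydlw/pid
#   same_mount_ns 1 "$(systemctl show -p MainPID --value php-fpm.service)"
```

A non-zero result from `same_mount_ns` for PID 1 and the service's main PID confirms that the service sees a different /tmp from the one a login shell sees.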

Comments

  • eephyne
    eephyne over 1 year

    I have no open_basedir, php can access /etc /usr /proc /home etc… but not /tmp.

    tmpfs is mounted on /tmp (/tmp type tmpfs (rw)). That's also the reason I want to use the /tmp folder.

    My files are owned by http (user for nginx and php) and readable by everyone.

    sudo -u http cat /tmp/file is working but anything inside a PHP script does not (like file_exists() or file()).

    Edit: the error shown in the log:

    PHP Warning:  file(/tmp/ydlw/pid): failed to open stream: No such file or directory in /srv/http/ydlw/status.php on line 267
    

    edit2: I tested the issue the other way. I made

    touch("/tmp/boo");
    file_exists("/tmp/boo");
    

    and file_exists returns true, so the file is created. Then I looked inside /tmp and no "boo" file can be found there. That's what I was afraid of: PHP does not «see» the mount point. Why is that and how can I fix that?

    • Tero Kilkanen
      Tero Kilkanen almost 10 years
      What is the error returned by those PHP functions? What does PHP error log show?
    • eephyne
      eephyne almost 10 years
      I added the error log
    • Tero Kilkanen
      Tero Kilkanen almost 10 years
      Does this file /tmp/ydlw/pid exist in /tmp? If not, then that is the reason for the error message.
    • eephyne
      eephyne almost 10 years
      -rw-r--r-- 1 http http 343 23 juil. 10:12 /tmp/ydlw/pid
    • Michael Hampton
      Michael Hampton almost 10 years
      What is your Linux distribution and PHP version and where did you get PHP from?
    • eephyne
      eephyne almost 10 years
      arch linux and PHP 5.5.11 (cli) (built: Apr 2 2014 06:08:28) (from the official arch repo)
  • Marcelo
    Marcelo almost 9 years
    Thank you for that! I spent the whole day trying to figure that out. My brain is melting off my nose for trying so hard to figure that out.
  • Dennis
    Dennis almost 4 years
    I got confused on how exactly to do the steps but this has helped me: maxoberberger.net/blog/2017/10/debian-9-private-tmp.html