php script can't access /tmp folder
I found out why; well, someone gave me the global hint.
It's neither the fault of PHP nor tmpfs. The culprit was systemd and its security system, PrivateTmp.
For those who run into the same issue that I did: the php service (and probably some others) has the PrivateTmp option set to true in the systemd script (/usr/lib/systemd/system).
In that case, a new /tmp is created and isolated from the other one. All the data saved inside is deleted once the service is stopped.
It's a security measure, since /tmp can contain a lot of sensitive information and PHP scripts are not always secure.
To deactivate this, simply copy the script into /etc/systemd/system (to avoid overwriting of your changes after an update) and set PrivateTmp to false.
You can also set two or more services to share the same /tmp using JoinsNamespaceOf.
For more information: man systemd.exec
eephyne
Updated on September 18, 2022
Comments
-
eephyne over 1 year
I have no open_basedir; PHP can access /etc, /usr, /proc, /home, etc., but not /tmp.
tmpfs is mounted on /tmp (/tmp type tmpfs (rw)). That's also the reason I want to use the /tmp folder.
My files are owned by http (the user for nginx and PHP) and readable by everyone.
sudo -u http cat /tmp/file
is working, but anything inside a PHP script does not (like file_exists() or file()).
Edit: the error shown in the log:
PHP Warning: file(/tmp/ydlw/pid): failed to open stream: No such file or directory in /srv/http/ydlw/status.php on line 267
Edit 2: I tested the issue the other way. I ran
touch("/tmp/boo"); file_exists("/tmp/boo");
and file_exists returned true, so the file is created. Then I looked inside /tmp and no "boo" file can be found there. That's what I was afraid of: PHP does not «see» the mount point. Why is that and how can I fix it?
-
Tero Kilkanen almost 10 years
What is the error returned by those PHP functions? What does the PHP error log show?
-
eephyne almost 10 years
I added the error log
-
Tero Kilkanen almost 10 years
Does this file /tmp/ydlw/pid exist in /tmp? If not, then that is the reason for the error message.
-
eephyne almost 10 years
-rw-r--r-- 1 http http 343 23 juil. 10:12 /tmp/ydlw/pid
-
Michael Hampton almost 10 years
What is your Linux distribution and PHP version and where did you get PHP from?
-
eephyne almost 10 years
Arch Linux and PHP 5.5.11 (cli) (built: Apr 2 2014 06:08:28) (from the official Arch repo)
-
Marcelo almost 9 years
Thank you for that! I spent the whole day trying to figure that out. My brain is melting off my nose for trying so hard to figure that out.
-
Dennis almost 4 years
I got confused on how exactly to do the steps but this has helped me: maxoberberger.net/blog/2017/10/debian-9-private-tmp.html
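Added example, not part of the original answer or comments: a shell check for the PrivateTmp situation described in the answer. It reads a process's mountinfo and reports whether its /tmp is a systemd-private directory and where that directory appears on the host. The function names and the sample mountinfo lines are constructed for illustration, and it assumes the host's /tmp is mounted at /tmp.

```shell
#!/bin/sh
# Added example (not from the original post).
# /proc/<pid>/mountinfo fields:
#   id parent maj:min ROOT MOUNTPOINT options ... - fstype source superopts
# Under PrivateTmp the mount at /tmp has a ROOT ending in systemd-private-<...>/tmp.

# private_tmp_root FILE
# Print ROOT of the last-listed mount on /tmp when it is a systemd-private-*
# directory; return 1 when /tmp is not private (or not a mount point at all).
private_tmp_root() {
    awk '$5 == "/tmp" { root = $4 }
         END {
             if (root ~ "(^|/)systemd-private-[^/]+/tmp$") { print root; exit 0 }
             exit 1
         }' "$1"
}

# private_tmp_host_path FILE
# Print where that directory is visible from the host. When the host /tmp is its
# own filesystem (tmpfs, as in the question) ROOT is relative to that filesystem
# and needs the /tmp prefix; when /tmp lives on the root filesystem it does not.
private_tmp_host_path() {
    root=$(private_tmp_root "$1") || return 1
    case $root in
        /tmp/*) printf '%s\n' "$root" ;;
        *)      printf '/tmp%s\n' "$root" ;;
    esac
}

# Constructed sample: mountinfo as seen by a service started with PrivateTmp=true
# on a host where /tmp is tmpfs. The directory name is made up.
sample_private() {
    cat <<'EOF'
21 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
30 21 0:26 / /tmp rw,nosuid,nodev shared:5 - tmpfs tmpfs rw
95 30 0:26 /systemd-private-0123456789abcdef0123456789abcdef-php-fpm.service-AbCdEf/tmp /tmp rw,nosuid,nodev - tmpfs tmpfs rw
EOF
}

# On a live system (reading another user's process usually needs root):
#   private_tmp_host_path /proc/<pid of the service>/mountinfo
```

A file the service writes to /tmp/boo then shows up on the host under the printed directory, which is why the touch() test in the question succeeded without anything appearing in the host's /tmp.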