Hi,

I have a php page that is attempting to open/create a file with fopen($fn, 'a').

When the file doesn't already exist it fails giving a "failed to open stream: Permission denied" message but if create an empty file first (touch as owner nginx) the script is able to write without problems to the file.

The directory is owner webc:webc and the permissions are 775, php is running as nginx which is in the webc group.

If i put the permissions on the directory to 777 it all works but I want to avoid this.

I've also tried this: set the directory to 777 let the script create the file (it is created with owner nginx as expected) then put the directory back to 775 - the script can still write to the file.....

why is it that create is failing but write works??

(selinux and php safe mode are disabled)

Anyone seen this before? Thanks

Hmm... when you chmod 777 it and let fopen() create the file, what user/group is applied to it?

The reason for the different behavior for create vs. write is that creating a file requires writing to the directory (which is itself just a "file"); once it's created, the directory doesn't need to be written to and life goes on.

_________________

/* TODO: need to add signature to posts */

Your explanation makes sense, and that's kind of how I expected the file system to work. When I leave the directory as 777 and let fopen create the file it's created as nginx:nginx

I specifically put nginx in my webc group so I was expecting a directory with ownership of webc:webc set to 775 would let nginx create files in it

Solved the problem. My php-cgi processes had not been restarted since making the group modifications to my nginx user. From the shell everything seemed ok but these processes (several days later) were still with the 'old' environment.

I found out by running a exec('id' $out); echo $out[0]; to 'see' the truth.

doh!