Grant user mkdir()

Question

I have a php script where I use the function mkdir() but I get

Warning: mkdir() [function.mkdir]: Permission denied

How can I grant a user permission to this function?

Apache/CentOS

Update

Here's the permission for the folder I'm trying to create folders in:

drwxrwxrwx  2 rayhawkpascom pasgroup 4096 Sep 28 15:07 uploads

* both user and group are recursive.

And here's the members of pasgroup

# grep pasgroup /etc/group
pasgroup:x:562:rayhawkpascom,apache,nobody

* I tried www-data but

# /usr/sbin/usermod -G pasgroup www-data
usermod: user www-data does not exist

To my knowledge, I've done everything right, but it still doesn't work... =\

Without knowing what OS/platform/environment you are working we cannot provide any useful responses. — Zoredache, Sep 28 '11 at 22:35
Linux/Apache/CentOS. The folder I'm trying to create dir's in has the correct own/grp and 777 permissions. — Steve Robbins, Sep 28 '11 at 22:45
Try logging into the apache user (run #sudo su apache), cd to the directory then manually making a folder using mkdir — Silverfire, Sep 28 '11 at 23:26

score 2 · Accepted Answer · answered Sep 28 '11 at 22:58

2

Since you are running this under apache, the apache user (usually www-data) needs write access to the directory it is attempting to run mkdir() in. Either add www-data to the group that owns that directory or do chgrp www-data dir to change the group ownership.

answered Sep 28 '11 at 22:58

slillibri

1,633
1
9
8

FWIW, under CentOS, the user is going to either be "apache" or "nobody". "www-data" is usually found on Debian-based distros. – Charles Sep 28 '11 at 23:01
I've tried this but it didn't work, take a look at the update in my question. – Steve Robbins Sep 28 '11 at 23:22

score 1 · Answer 2 · answered Sep 28 '11 at 23:14

To expand on Slilibri's answer there are a few ways to grant mkdir permissions for Apache and the underlying user (most often www-data but can also be Apache depending on the distro)

Will change the owner of the folder to apache granting R/W/E to the folder and its subfolders but may ruin other programs access to the folder. the -R is optional but if the script wants to create subfolders it may be necessary, if apache is the only one using the folder this would be the best setup.

chown -R www-data folder

Will change the group of the folder but not the owner, this may be enough to create folders but depending on the security settings of the folder it may not. if you run the command

#ls -l
drwxrwxr-x  3 root  admin  102 19 May  2009 httpd

The first string of numbers represent the security settings on that file/folder. the d means its a folder, the first r means the owner can read that file/folder, the 2nd r means that the group can read that folder and the 3rd r means everyone can read that folder. the same theory applies to the x, the first x means the owner can execute the file/folder ect....

the w means write, the first and second w allow write access to the owner and group but the 3rd w is replaced with a '-', as the 3rd letter specifies everyone, this means everyone but the owner and group members can write to this file/folder.

to allow everyone to read/write/execute you can use this command.

 chmod -R 777 folder

better settings are 775 though, 775 allows read/write to only members of the group and the owner, its more secure.

Take a look at the update in my question. It looks like I've already done all of this. — Steve Robbins, Sep 28 '11 at 23:21

Grant user mkdir()

Update

2 Answers2