
I have no open_basedir; php can access /etc, /usr, /proc, /home, etc… but not /tmp.

tmpfs is mounted on /tmp (/tmp type tmpfs (rw)). That's also the reason I want to use the /tmp folder.

My files are owned by http (the user for nginx and php) and readable by everyone.

sudo -u http cat /tmp/file is working, but anything inside a php script does not (like file_exists() or file()).

edit: the error shown in the log:

PHP Warning:  file(/tmp/ydlw/pid): failed to open stream: No such file or directory in /srv/http/ydlw/status.php on line 267

edit2: I tested the issue the other way round. I ran

<?php
touch("/tmp/boo");                  // create the file
var_dump(file_exists("/tmp/boo"));  // file_exists (not file_exist) returns true here

and file_exists returns true, so the file is created. Then I looked inside /tmp and no "boo" file could be found there. That's what I was afraid of: php does not «see» the mount point. Why is that and how can I fix it?


1 Answer


I found out why; well, someone gave me the general hint.

It's neither the fault of php nor of tmpfs. The culprit was systemd and its security feature PrivateTmp.

For those who run into the same issue that I did: the php service (and probably some others) has the PrivateTmp option set to true in the systemd unit file (/usr/lib/systemd/system).

In that case, a new /tmp is created and isolated from the other one. All the data saved inside it is deleted once the service is stopped.

It's a security measure, since /tmp can contain a lot of sensitive information and php scripts are not always secure.

To deactivate this, simply copy the unit file into /etc/systemd/system (to avoid your changes being overwritten after an update) and set PrivateTmp to false.

You can also set two or more services to share the same /tmp using JoinsNamespaceOf.

For more information: man systemd.exec

    Thank you for that! I spent the whole day trying to figure that out. My brain is melting off my nose for trying so hard to figure that out. – Marcelo Jul 28 '15 at 13:09
  • I got confused on how exactly to do the steps but this has helped me: https://www.maxoberberger.net/blog/2017/10/debian-9-private-tmp.html – Dennis Jun 02 '20 at 17:11
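As an added example (not code from the answer above or from systemd itself), two shell helpers for the PrivateTmp= step the answer describes: one reads the effective PrivateTmp= value out of a unit file, the other writes it as a drop-in override under /etc/systemd/system, which systemd merges into the unit and which, like the full copy in the answer, survives package updates. The unit name php-fpm.service, the file paths and the sample unit text are assumptions.

```shell
#!/bin/sh
# Added example, not from the original answer. Paths and unit names are assumptions.

# Print the effective PrivateTmp= value from a unit file's [Service] section.
# systemd semantics: the last assignment wins; when unset, the default is "no".
unit_private_tmp() {
    awk '
        /^\[/ { in_service = ($0 == "[Service]"); next }
        in_service && /^[ \t]*PrivateTmp[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); val = $0
        }
        END { print (val == "" ? "no" : val) }
    ' "$1"
}

# Write a drop-in that turns PrivateTmp off for unit $1 below the override root $2
# (default /etc/systemd/system). Run "systemctl daemon-reload" and restart the
# service afterwards so the new value takes effect. Prints the drop-in path.
write_private_tmp_override() {
    unit="$1"; root="${2:-/etc/systemd/system}"
    dir="$root/$unit.d"
    mkdir -p "$dir"
    printf '[Service]\nPrivateTmp=false\n' > "$dir/10-private-tmp.conf"
    echo "$dir/10-private-tmp.conf"
}

# Constructed sample unit, roughly what a distribution ships for php-fpm.
sample_unit() {
    cat <<'EOF'
[Unit]
Description=The PHP FastCGI Process Manager

[Service]
Type=notify
ExecStart=/usr/bin/php-fpm --nodaemonize
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF
}
```

With the sample unit, unit_private_tmp reports "true" before the override and "false" for the drop-in it generates; the file a script writes to /tmp under the default setting lands in the service's private mount, not in the /tmp the shell sees.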