Php 删除文件时,是什么导致权限被拒绝错误?
我正在尝试使用php删除/var/www/main/user_resources/documents/NewFolder1/NewFolder1/noname3.php。如下图所示,文件的所有者和组是phped,它是组可写的,Michael属于phped组。我正在将Centos与Apache一起使用Php 删除文件时,是什么导致权限被拒绝错误?,php,linux,file,permissions,permission-denied,Php,Linux,File,Permissions,Permission Denied,我正在尝试使用php删除/var/www/main/user_resources/documents/NewFolder1/NewFolder1/noname3.php。如下图所示,文件的所有者和组是phped,它是组可写的,Michael属于phped组。我正在将Centos与Apache一起使用 [Michael@devserver NewFolder1]$ pwd /var/www/main/user_resources/documents/NewFolder1/NewFolder1 [M
[Michael@devserver NewFolder1]$ pwd
/var/www/main/user_resources/documents/NewFolder1/NewFolder1
[Michael@devserver NewFolder1]$ ls -l
total 4
-rwxrwxr-x. 1 phped phped 15 Jan 5 07:02 noname3.php
[Michael@devserver NewFolder1]$ groups Michael
Michael : Michael www phped
[Michael@devserver NewFolder1]$
我的PHP脚本是:
echo 'Current script owner: ' . get_current_user().'<br>';
echo($dirname.'</br>');
unlink($dirname);
为什么Michael不能删除该文件?被阻止删除该文件的不是Michael,而是Apache。 您应该将apache设置为此文件的所有者,并且您的脚本可以工作:
chmod 755 -R NewFolder1/
chown -R apache:apache NewFolder1/
现在的问题是,用户Michael将不具有此文件夹的任何ftp权限。
如果您还需要ftp权限,请尝试:
chmod 775 -R /var/www/main/user_resources/documents/NewFolder1/NewFolder1/
chown -R Michael:apache /var/www/main/user_resources/documents/NewFolder1/NewFolder1/
R代表递归,这意味着NewFolder1的所有文件和子文件夹都将继承相同的权限。然而,这并不是真正的建议-特别是如果你在一个共享主机服务器上
要检查文件权限,请使用
ls -la /var/www/main/user_resources/documents/NewFolder1/NewFolder1/
解决方案2:
首先以root用户身份登录!!!
如果您以其他用户身份登录,请键入:
su -
然后提供根密码
然后,导航到本地目录ie:/usr/local/sbin,创建一个名为delete file的脚本,并在其中放入以下行:
#!/bin/sh
[ $# -ne 1 ] && {
echo "usage: $0 <filename>"
exit 1
}
file=`echo $1`
rm -f $file
[ $? -eq 0 ] && echo "File has been deleted from system!" || echo "Failed to delete the file!"
然后编辑/etc/sudoers以添加apache:
...
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
# You have to run "ssh -t hostname sudo <cmd>".
#
Defaults requiretty
Defaults:apache !requiretty ###ADD THIS LINE!
#
# Refuse to run if unable to disable echo on the tty. This setting should also be
# changed in order to be able to use sudo without a tty. See requiretty above.
#
...
修改php脚本,使其如下所示:
<?php
...
$filename = "/var/www/main/user_resources/documents/NewFolder1/NewFolder1/file-to-delete.php";
shell_exec('sudo -S /usr/local/sbin/delete-file '.$filename);
...
?>
现在,无论文件的所有者是谁,都应该能够删除文件 根据您显示的信息,您应该能够删除该文件。如果您不能,您可能肯定没有将用于PHP的Linux用户注销,然后将其重新登录。无论您使用哪个用户启动PHP进程,PHP脚本都会使用用户www数据运行,因此让文件所有者Michael也帮不上忙,因为PHP不是使用Michael获得的权限运行,而是使用www数据。试试execchown Michael$dirname@MichaelBerkowski是的,但在允许模式下。@Steini请解释。我没有显示它,但是,apache也属于phped。正如我所展示的,处理不是由Michael而不是apache运行吗?[Michael@devserver新文件夹1]$groups apache:apache www phped这里的重点不是谁拥有或运行脚本:/var/www/main/application/classes/library.php,而是谁拥有要解除链接的文件ie:/var/www/main/user_resources/documents/NewFolder1/NewFolder1/noname3.php只需执行以下操作:ls-la/var/www/main/user_resources/documents/NewFolder1/NewFolder1/to查看要取消链接的文件的权限,并可能在此处发布结果…我确实在原始帖子的顶部显示了权限。我没有使用-a标志,但它只显示隐藏的文件。我遗漏了什么吗?你是对的,我忽略了。。。我看到您对该文件有775个权限。包含文件夹的权限和所有者是否相同?如果没有,请解决这个问题。如果是,请尝试将组从phped更改为apache:chown-R phped:apache/var/www/main/user\u resources/documents/NewFolder1/NewFolder1/并让我知道发生了什么。父文件夹要么相同,要么具有相同权限的Michael:www,一直到root拥有的/var/www。如图所示,apache和Michael都属于www,所以我看不到任何明显的问题,问题存在,我只是看不到它们!
...
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
# You have to run "ssh -t hostname sudo <cmd>".
#
Defaults requiretty
Defaults:apache !requiretty ###ADD THIS LINE!
#
# Refuse to run if unable to disable echo on the tty. This setting should also be
# changed in order to be able to use sudo without a tty. See requiretty above.
#
...
...
## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now
## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
### ADD THIS NEXT LINE:
apache ALL=(ALL) NOPASSWD: /usr/local/sbin/delete-file
<?php
...
$filename = "/var/www/main/user_resources/documents/NewFolder1/NewFolder1/file-to-delete.php";
shell_exec('sudo -S /usr/local/sbin/delete-file '.$filename);
...
?>