Symfony 2.8 can't write in /var/lib/php/sessions/

3
votes

I'm a bit confused here in Symfony functionality terms. I have a website which is supposed to write sessions in /var/lib/php/sessions/. I'm confused right there, because in /var/www/html/myproject/ everything is recursively property of www-data:www-data (yes, I'm using Apache). However the owner of /var/lib/php/sessions/ is root, so when Apache tries to write there, I get a 500 server error regarding writing permissions in that directory.

I have divided opinions here. Some people advice me to modify config.yml to manage sessions inside the project directory, while other people say that is a really bad practice. But, how do I get everything targeting /var/lib/php/sessions/ without that file permission error?

Here's what I get via Apache URL:

Oops! An Error Occurred
The server returned a "500 Internal Server Error".
Something is broken. Please let us know what you were doing when this error occurred. We will fix it as soon as possible. Sorry for any inconvenience caused.

Here's what I get via php development webserver:

Warning: SessionHandler::read(): open(/var/lib/php/sessions/sess_u3eg1842nlpkbm0rvddrq37dc2, O_RDWR) failed: Permission denied (13)
500 Internal Server Error - ContextErrorException

I really hope you can help me.

1
phpapachesessionsymfony-2.8
Have you tried setting your session save path to be somewhere that www-data can write to? NOT in your public folder, but perhaps /var/www/sessions/, for example.Rob W
I've avoided that because devs on the office says that's a bad practice. I'll do it right now and see if that works. Is there a way to achieve that in /var/lib/php/sessions/?Alain Alemany

1 Answers

1
votes

In order to create a file the user must have write and execute permission on the directory.

mkdir /tmp/foo
chmod 300 /tmp/foo
touch /tmp/foo/bar
test -e /tmp/foo/bar

In your case setting the 'other' permissions to 3 would allow www-data to write to it. chmod o+wx /var/lib/php/sessions/

In order to remove a file the user must also have write and execute permission on the directory.

In order to list the file names in a directory the user must have read permission on the directory. Note that if you know the filename it's not required to have permissions for listing the directory.

In order to list the properties of a file the user must have execute permission on the directory.

On my computer the permission for /var/lib/php/sessions is drwx-wx-wt. The t indicates execute & sticky bit. Sticky bit for directories means only the owner can delete it.

See Unix File and Directory Permissions and Modes by Wayne Pollock for more info.