move_uploaded_file gives “failed to open stream: Permission denied” error

153
votes

I keep getting this error when trying to configure the upload directory with Apache 2.2 and PHP 5.3 on CentOS.

In php.ini:

upload_tmp_dir = /var/www/html/mysite/tmp_file_upload/

In httpd.conf:

Directory /var/www/html/mysite/tmp_file_upload/>
    Options  -Indexes
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
<Directory /var/www/html/mysite/images/>
                Options -Indexes
</Directory>

CentOS directory permissions:

drwxrwxr-x 2 root root 4096 Nov 11 10:01 images
drwxr-xr-x 2 root root 4096 Nov 12 04:54 tmp_file_upload

No matter what I do, I keep getting this error from PHP when I upload the file:

Warning: move_uploaded_file(images/robot.jpg): failed to open stream: Permission denied in /var/www/html/mysite/process.php on line 78

Warning: move_uploaded_file(): Unable to move '/tmp/phpsKD2Qm' to 'images/robot.jpg' in /var/www/html/mysite/process.php on line 78

As you can see, it never did take the configuration from the php.ini file regarding the upload file.

What am I doing wrong here?

14
phpuploadfile-permissions
775? Maybe your server is running as nobody. Only root can write in this case (your "images" permissions)...Konrad Borowski
what does it means ? how can i change it ?user63898
Remember that ALL parent directories also need to have the right permissions.Sridhar Sarnobat

14 Answers

195
votes

This is because images and tmp_file_upload are only writable by root user. For upload to work we need to make the owner of those folders same as httpd process owner OR make them globally writable (bad practice).

  1. Check apache process owner: $ps aux | grep httpd. The first column will be the owner typically it will be nobody

  2. Change the owner of images and tmp_file_upload to be become nobody or whatever the owner you found in step 1.

    $sudo chown nobody /var/www/html/mysite/images/

$sudo chown nobody /var/www/html/mysite/tmp_file_upload/

  3. Chmod images and tmp_file_upload now to be writable by the owner, if needed [Seems you already have this in place]. Mentioned in @Dmitry Teplyakov answer.

    $ sudo chmod -R 0755 /var/www/html/mysite/images/

$ sudo chmod -R 0755 /var/www/html/mysite/tmp_file_upload/

  4. For more details why this behavior happend, check the manual http://php.net/manual/en/ini.core.php#ini.upload-tmp-dir , note that it also talking about open_basedir directive.

83
votes

You can also run this script to find out the Apache process owner:

<?php echo exec('whoami'); ?>

And then change the owner of the destination directory to what you've got. Use the command:

chown user destination_dir

And then use the command

chmod 755 destination_dir

to change the destination directory permission.

24
votes

This worked for me.

sudo adduser <username> www-data
sudo chown -R www-data:www-data /var/www
sudo chmod -R g+rwX /var/www

Then logout or reboot.

If SELinux complains, try the following

sudo semanage fcontext -a -t httpd_sys_rw_content_t '/var/www(/.*)?'
sudo restorecon -Rv '/var/www(/.*)?'
21
votes

If you have Mac OS X, go to the file root or the folder of your website.

Then right-hand click on it, go to get information, go to the very bottom (Sharing & Permissions), open that, change all read-only to read and write. Make sure to open padlock, go to setting icon, and choose Apply to the enclosed items...

14
votes

I wanted to add this to the previous suggestions. If you are using a version of Linux that has SELinux enabled then you should also execute this in a shell:

chcon -R --type httpd_sys_rw_content_t /path/to/your/directory

Along with giving your web server user permissions either through group or changing of the owner of the directory.

12
votes

Change permissions for this folder

# chmod -R 0755 /var/www/html/mysite/images/

8
votes

Try this:

  1. open /etc/apache2/envvars

    sudo gedit /etc/apache2/envvars

  2. replace www-data with your your_username

    "export APACHE_RUN_USER=www-data"

    replace with

    export APACHE_RUN_USER='your_username'
7
votes

I ran into this related issue even after having already successfully run composer. I updated composer, and when running composer install or php composer.phar install I got:

...failed to open stream: Permission denied...

It turns out after much research that the previous answers regarding changing permissions for the folder worked. They are just slightly different directories now.

In my install, on OS X, the cache file is in /Users/[USER]/.composer/cache, and I was having trouble because the cache file was owned by root. Changing ownership of '.composer' recursively to my user solved the issue.

This is what I did: 

sudo chown -R [USER] cache

Then I ran the composer install again and voila!

5
votes

This problem happens when the apache user (www-data) does not have permission to write in the folder. To solver this problem you need to put the user inside the group www-data.

I just made this:

Execute this php code <?php echo exec('whoami'); ?> to discover the user used by apache. After, execute the commands in the terminal:

user@machine:/# cd /var/www/html

user@machine:/var/www/html# ls -l

It will return something like this:

total of files

drwxr-xr-x 7 user group size date folder

I kept the user but changed the group to www-data

chown -R user:www-data yourprojectfoldername

chmod 775 yourprojectfoldername
5
votes

The solution is so easy. Only right click the IMAGE (destination) folder, go to properties, click the permission tab, and change others access to Create and delete files.

3
votes

Just change the permission of tmp_file_upload to 755 Following is the command chmod -R 755 tmp_file_upload

2
votes

Try this

find /var/www/html/mysite/images/ -type f -print0 | xargs -0 chmod -v 664

1
votes

It happens if SELinux is enabled. Disable that in /etc/selinux/config by setting SELINUX=disabled and restart the server.

0
votes

I have tried all the solutions above, but the following solved my problem

chcon -R -t httpd_sys_rw_content_t your_file_directory