mkdir() problems

boynatural

I put together code that creates a folder with two more folders within it, once a user inputs certain info. I found that I couldn't delete them using either Ws_FTP or my host's control panel utility. The only way I could delete them was by implementing the rmdir() function through a php page. The folders that I generated using PHP resist almost any manipulation. Any idea why this would be??

My specs:

Operating system Linux
Apache version 1.3.27 (Unix)
PHP version 4.2.3

My code to create the directories:

chdir ("artists");
	mkdir($newName,0755);
	chdir("$newName");
	mkdir('thumbs',0755);
	mkdir('pics',0755);

-- it changes the current directory to "artists" then creates a folder based on the variable $newName; then it changes to the new directory and creates two folders within it.

spirp

It's the way it's supposed to be actually. Or, if the system is setup the way I think it is, it is 🙂

When you call a PHP-script which creates a directory, the script is run as the same user as the webserver, and the owner of the new directory will be the webservers user (typically nobody, www or daemon). When you try to remove it with FTP, the user you log in as is most likely not the same user as the webserver runs as, and you wont have permissions to remove the directory. The 0755 argument to mkdir is actually the filepermissions value, same as used with chmod, which gives the owner full perms, the owners group perms to read and execute, and for all other users perms to read and execute (execute is needed to change into that dir with cd).

// Olle

boynatural

If I follow your explanation correctly, I would have to change the owner on the folders before I could manipulate them with anything other than PHP. Is that right?

spirp

That's true, unless you have superuser access to the system (root). On the other hand, the webserver must run as root to be able to set the owner of the file to someone else, and most likely, the webserver isn't, and it's not a good idea to make it run as root either.

// Olle

boynatural

So what's the solution if I want to create folders, via PHP, that can be easily manipulated by an FTP client??

btw

thanks for the help

spirp

Unfortunately there is no way to do this perfect. The way I would do this is to make the users and the webserver members of the same group (create a new group especially for this purpose). Then set the group-owner of the newly created dir to that group, and the permissions to 775, like this:

$path = "/home/foo";
mkdir("$path/artist");
chgrp("$path/artist", $groupname);
chmod("$path/artist", "0775");

This will allow the group to modify the directory (remove it, move and so on). Something that you'll have to do if you do this is to make the FTP server perform a chroot() so when user [FONT=courier new]foo[/FONT] ftp's in and his start directory is is home ([FONT=courier new]/home/foo[/FONT], that is made his root. This prevents the user from leaving the home-directory. I'll try to show you what I mean with this "log":

[FONT=courier new]
C:>ftp ftp.foo.net
Connected to nic.foo.net.
220 ftp.foo.net FTP Server (bogus software inc.) ready.
User (nic.foo.net🙁none)): bar
331 User bar okay, need password.
Password:
230-
230 Restricted user logged in.
ftp> pwd
257 "/" is cwd.
ftp> cd ..
250 "/" is new cwd.
ftp>
[/FONT]

When the user bar is logged in, his home is the topmost directory (as seen in the bolded line above). This prevents the user from entering other users homes, and thus from tampering with other users files in the artist-dir.

Another important aspect is that you shouldn't give out shell-access to this machine, as users logging in via telnet or ssh will be able to enter other users artist-directories.

Good luck,
Olle