Discussion:
[PHP] PHP Won't Access Files Outside Web Root (Leopard/MacOS X 10.5)
(too old to reply)
Rahul Sitaram Johari
2007-11-01 13:06:41 UTC
Permalink
Ave,

Somehow my PHP won't access, won't even acknowledge the existence of a file
that is outside the /Library/WebServer/Documents folder. This was never a a
problem before in any Mac version - it just started with Leopard.

I don't know what has changed where, in httpd.conf or php.ini or somewhere
else, but something changed that's crippling access to files outside of the
webserver.

This Works in Mac OS X 10.3.9 (i.e., prints File Exists) but the same exact
script does not work in Mac OS X 10.5, and yes, the file is available in
Leopard in the mentioned location - path is exact same - permissions are all
set:

$filename = "/Users/username/Documents/Transfers/test.txt";
if (file_exists($filename)) {
echo "The file $filename exists<br><br>";
} else {
echo "The file $filename does not exist<br><br>";
}

I¹ve already checked safe_mode which is Off and open_basedir which is not
set ­ same settings as php.ini from before.
Any ideas what might be causing this?

Thanks!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.

W: http://www.rahulsjohari.com
E: ***@rahulsjohari.com

³I morti non sono piu soli ... The dead are no longer lonely²
Robert Cummings
2007-11-01 13:46:46 UTC
Permalink
Post by Rahul Sitaram Johari
Ave,
Somehow my PHP won't access, won't even acknowledge the existence of a file
that is outside the /Library/WebServer/Documents folder. This was never a a
problem before in any Mac version - it just started with Leopard.
I don't know what has changed where, in httpd.conf or php.ini or somewhere
else, but something changed that's crippling access to files outside of the
webserver.
This Works in Mac OS X 10.3.9 (i.e., prints File Exists) but the same exact
script does not work in Mac OS X 10.5, and yes, the file is available in
Leopard in the mentioned location - path is exact same - permissions are all
$filename = "/Users/username/Documents/Transfers/test.txt";
if (file_exists($filename)) {
echo "The file $filename exists<br><br>";
} else {
echo "The file $filename does not exist<br><br>";
}
I¹ve already checked safe_mode which is Off and open_basedir which is not
set ­ same settings as php.ini from before.
Any ideas what might be causing this?
Have you checked phpinfo() to check that the php.ini being loaded is the
one you think is being loaded? Also, are you get any warnings or
notices?

Cheers,
Rob.
--
...........................................................
SwarmBuy.com - http://www.swarmbuy.com

Leveraging the buying power of the masses!
...........................................................
Daniel Brown
2007-11-01 14:22:24 UTC
Permalink
Post by Robert Cummings
Post by Rahul Sitaram Johari
Ave,
Somehow my PHP won't access, won't even acknowledge the existence of a file
that is outside the /Library/WebServer/Documents folder. This was never a a
problem before in any Mac version - it just started with Leopard.
I don't know what has changed where, in httpd.conf or php.ini or somewhere
else, but something changed that's crippling access to files outside of the
webserver.
This Works in Mac OS X 10.3.9 (i.e., prints File Exists) but the same exact
script does not work in Mac OS X 10.5, and yes, the file is available in
Leopard in the mentioned location - path is exact same - permissions are all
$filename = "/Users/username/Documents/Transfers/test.txt";
if (file_exists($filename)) {
echo "The file $filename exists<br><br>";
} else {
echo "The file $filename does not exist<br><br>";
}
I¹ve already checked safe_mode which is Off and open_basedir which is not
set ­ same settings as php.ini from before.
Any ideas what might be causing this?
Have you checked phpinfo() to check that the php.ini being loaded is the
one you think is being loaded? Also, are you get any warnings or
notices?
Cheers,
Rob.
--
...........................................................
SwarmBuy.com - http://www.swarmbuy.com
Leveraging the buying power of the masses!
...........................................................
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Also make sure that it's not something simple that you may have
accidentally overlooked as well:

1.) Did you restart Apache after making any changes to php.ini or
httpd.conf?
2.) The path is cAsE-sEnSiTiVe. Did you make sure that it's
EXACTLY the same?
3.) Is any part of that symlinked, and if so, does Apache allow
FollowSymLinks?
4.) Is the account jailed or chroot'ed?
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....
Rahul Sitaram Johari
2007-11-01 14:32:10 UTC
Permalink
Post by Daniel Brown
Post by Rahul Sitaram Johari
Ave,
Somehow my PHP won't access, won't even acknowledge the existence of a file
that is outside the /Library/WebServer/Documents folder. This was never a a
problem before in any Mac version - it just started with Leopard.
I don't know what has changed where, in httpd.conf or php.ini or somewhere
else, but something changed that's crippling access to files outside of the
webserver.
This Works in Mac OS X 10.3.9 (i.e., prints File Exists) but the same exact
script does not work in Mac OS X 10.5, and yes, the file is available in
Leopard in the mentioned location - path is exact same - permissions are all
$filename = "/Users/username/Documents/Transfers/test.txt";
if (file_exists($filename)) {
echo "The file $filename exists<br><br>";
} else {
echo "The file $filename does not exist<br><br>";
}
I¹ve already checked safe_mode which is Off and open_basedir which is not
set ­ same settings as php.ini from before.
Any ideas what might be causing this?
Also make sure that it's not something simple that you may have
1.) Did you restart Apache after making any changes to php.ini or
httpd.conf?
2.) The path is cAsE-sEnSiTiVe. Did you make sure that it's
EXACTLY the same?
3.) Is any part of that symlinked, and if so, does Apache allow
FollowSymLinks?
4.) Is the account jailed or chroot'ed?
1) Checked!
2) Checked!
3) It is symlinked indeed!! Where in httpd.conf do I need to specify
FollowSymLinks? I'm running Apache 2.2.6 with PHP 5.2.4 on Mac OS X 10.5
4) chroot'ed? Basically I'm mounting a windows network share on a share
point and during mount I'm giving it full read/write permissions.
(mount_smbfs -f 777 -d 777 //user:***@ip/share sharePoint)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.

W: http://www.rahulsjohari.com
E: ***@rahulsjohari.com

³I morti non sono piu soli ... The dead are no longer lonely²
Daniel Brown
2007-11-01 14:41:37 UTC
Permalink
Post by Rahul Sitaram Johari
Post by Daniel Brown
1.) Did you restart Apache after making any changes to php.ini or
httpd.conf?
2.) The path is cAsE-sEnSiTiVe. Did you make sure that it's
EXACTLY the same?
3.) Is any part of that symlinked, and if so, does Apache allow
FollowSymLinks?
4.) Is the account jailed or chroot'ed?
1) Checked!
2) Checked!
3) It is symlinked indeed!! Where in httpd.conf do I need to specify
FollowSymLinks? I'm running Apache 2.2.6 with PHP 5.2.4 on Mac OS X 10.5
Bah! Sorry to give you false hope on that, Rahul. I re-read the
post and my responses, and Apache would actually have nothing to do
with this particular problem. In any case, in your httpd.conf file,
you can enable FollowSymLinks near your AllowOverride directives. It
won't help in this case, but that's where it resides, nonetheless.

If you `su -` to the user as which the PHP script is running, does
that user have permission to access the Windows share? Are you
running this from the CLI or the web (I just noticed in the email you
just sent to Rob that it's a web error message).

Try this:

Take *just* that part of the script and run it from the CLI as
yourself to see if you can "see" the file. If not, try it as root.
If you can, then `su -` to the account under which Apache is
daemonized. You may need to update /etc/passwd to allow a shell to be
opened for that account.

When running the simple script from the CLI as the web server
account, can you see the file? Can you change to that directory?

It may very well be that the account under which Apache runs is
jailed/chroot'ed.
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....
Rahul Sitaram Johari
2007-11-01 16:09:30 UTC
Permalink
Post by Daniel Brown
Post by Rahul Sitaram Johari
Post by Daniel Brown
1.) Did you restart Apache after making any changes to php.ini or
httpd.conf?
2.) The path is cAsE-sEnSiTiVe. Did you make sure that it's
EXACTLY the same?
3.) Is any part of that symlinked, and if so, does Apache allow
FollowSymLinks?
4.) Is the account jailed or chroot'ed?
1) Checked!
2) Checked!
3) It is symlinked indeed!! Where in httpd.conf do I need to specify
FollowSymLinks? I'm running Apache 2.2.6 with PHP 5.2.4 on Mac OS X 10.5
Bah! Sorry to give you false hope on that, Rahul. I re-read the
post and my responses, and Apache would actually have nothing to do
with this particular problem. In any case, in your httpd.conf file,
you can enable FollowSymLinks near your AllowOverride directives. It
won't help in this case, but that's where it resides, nonetheless.
If you `su -` to the user as which the PHP script is running, does
that user have permission to access the Windows share? Are you
running this from the CLI or the web (I just noticed in the email you
just sent to Rob that it's a web error message).
Take *just* that part of the script and run it from the CLI as
yourself to see if you can "see" the file. If not, try it as root.
If you can, then `su -` to the account under which Apache is
daemonized. You may need to update /etc/passwd to allow a shell to be
opened for that account.
When running the simple script from the CLI as the web server
account, can you see the file? Can you change to that directory?
It may very well be that the account under which Apache runs is
jailed/chroot'ed.
Well FollowSymLinks was present in my httpd.conf, and it's definitely not
the problem. I think the problem is the fact that on in Panther, I was able
to specify Apache Web Server to be the User/Group for the share being
mounted with -u 70 -g 70 during mount_smbfs.

In Leopard I'm not able to do that because they eliminated the -u -g
arguments for mount_smbfs - in fact they even eliminated NetInfo Manager so
I don't even know Apache's UID & GID.

So after mounting the share on the share point, this is what happens:
Loading Image... (It's a screenshot of difference
between Panther & Leopard on the same folder showing different User/Group).

As you can see files within the mounted share had "www" (Apache) as the user
& group and PHP didn't have any problems accessing the files. But in
Leopard, "www" (Apache) is not the user/group.

I don't know what you have to do in Leopard to mount a share giving it a
User/Group of your choice.



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.

W: http://www.rahulsjohari.com
E: ***@rahulsjohari.com

³I morti non sono piu soli ... The dead are no longer lonely²
Daniel Brown
2007-11-01 16:17:56 UTC
Permalink
Post by Rahul Sitaram Johari
Post by Daniel Brown
Post by Rahul Sitaram Johari
Post by Daniel Brown
1.) Did you restart Apache after making any changes to php.ini or
httpd.conf?
2.) The path is cAsE-sEnSiTiVe. Did you make sure that it's
EXACTLY the same?
3.) Is any part of that symlinked, and if so, does Apache allow
FollowSymLinks?
4.) Is the account jailed or chroot'ed?
1) Checked!
2) Checked!
3) It is symlinked indeed!! Where in httpd.conf do I need to specify
FollowSymLinks? I'm running Apache 2.2.6 with PHP 5.2.4 on Mac OS X 10.5
Bah! Sorry to give you false hope on that, Rahul. I re-read the
post and my responses, and Apache would actually have nothing to do
with this particular problem. In any case, in your httpd.conf file,
you can enable FollowSymLinks near your AllowOverride directives. It
won't help in this case, but that's where it resides, nonetheless.
If you `su -` to the user as which the PHP script is running, does
that user have permission to access the Windows share? Are you
running this from the CLI or the web (I just noticed in the email you
just sent to Rob that it's a web error message).
Take *just* that part of the script and run it from the CLI as
yourself to see if you can "see" the file. If not, try it as root.
If you can, then `su -` to the account under which Apache is
daemonized. You may need to update /etc/passwd to allow a shell to be
opened for that account.
When running the simple script from the CLI as the web server
account, can you see the file? Can you change to that directory?
It may very well be that the account under which Apache runs is
jailed/chroot'ed.
Well FollowSymLinks was present in my httpd.conf, and it's definitely not
the problem. I think the problem is the fact that on in Panther, I was able
to specify Apache Web Server to be the User/Group for the share being
mounted with -u 70 -g 70 during mount_smbfs.
In Leopard I'm not able to do that because they eliminated the -u -g
arguments for mount_smbfs - in fact they even eliminated NetInfo Manager so
I don't even know Apache's UID & GID.
http://www.troyjobs.com/media/smb.gif (It's a screenshot of difference
between Panther & Leopard on the same folder showing different User/Group).
As you can see files within the mounted share had "www" (Apache) as the user
& group and PHP didn't have any problems accessing the files. But in
Leopard, "www" (Apache) is not the user/group.
I don't know what you have to do in Leopard to mount a share giving it a
User/Group of your choice.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.
W: http://www.rahulsjohari.com
³I morti non sono piu soli ... The dead are no longer lonely²
Rahul,

The image you showed indicates that there is no user account
associated with UID 501 on Leopard. That particular UID is, on most
*nix-based systems, the second-lowest-available default UID for a
user-created account (starting at 500, unless you specify otherwise).

Try creating an account on Leopard (you may have to do two, unless
you want to edit /etc/passwd) and then `ls -l` the Leopard view of the
share again. You'll see 501 disappear and be replaced by the name
associated with UID 501. Then just see what the GID associated with
the group 'admin' is and update that, if need be.

The fix for this could be as simple as `su -`'ing to root and
chown'ing the directory to the UID/GID of the web server, but I don't
know how much conflict that will cause for the rest of your system, so
that's entirely up to you.
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....
Rahul Sitaram Johari
2007-11-01 16:38:52 UTC
Permalink
Post by Daniel Brown
Post by Rahul Sitaram Johari
Well FollowSymLinks was present in my httpd.conf, and it's definitely not
the problem. I think the problem is the fact that on in Panther, I was able
to specify Apache Web Server to be the User/Group for the share being
mounted with -u 70 -g 70 during mount_smbfs.
In Leopard I'm not able to do that because they eliminated the -u -g
arguments for mount_smbfs - in fact they even eliminated NetInfo Manager so
I don't even know Apache's UID & GID.
http://www.troyjobs.com/media/smb.gif (It's a screenshot of difference
between Panther & Leopard on the same folder showing different User/Group).
As you can see files within the mounted share had "www" (Apache) as the user
& group and PHP didn't have any problems accessing the files. But in
Leopard, "www" (Apache) is not the user/group.
I don't know what you have to do in Leopard to mount a share giving it a
User/Group of your choice.
Rahul,
The image you showed indicates that there is no user account
associated with UID 501 on Leopard. That particular UID is, on most
*nix-based systems, the second-lowest-available default UID for a
user-created account (starting at 500, unless you specify otherwise).
Try creating an account on Leopard (you may have to do two, unless
you want to edit /etc/passwd) and then `ls -l` the Leopard view of the
share again. You'll see 501 disappear and be replaced by the name
associated with UID 501. Then just see what the GID associated with
the group 'admin' is and update that, if need be.
The fix for this could be as simple as `su -`'ing to root and
chown'ing the directory to the UID/GID of the web server, but I don't
know how much conflict that will cause for the rest of your system, so
that's entirely up to you.
Daniel,

You're on the right track. I do realize the UID 501 and how to change that,
I think my biggest two problems right now are:

A) I don't know what's the UID/GID of Apache in Leopard. It used to be 70 in
Panther and I don't know if it's changed or not. They eliminated NetInfo
Manager so I don't even know how to find out.

B) Even if I did find out, I don't know how to apply Apache's UID/GID to
mounted share while mounting. I could possibly go in and manually give the
folder the UID/GID using terminal.

Is there a Terminal way of figuring out the UID/GID of something like admin,
apache etcetera?

PS: I know it's going OT!
Daniel Brown
2007-11-01 16:43:21 UTC
Permalink
Post by Rahul Sitaram Johari
Is there a Terminal way of figuring out the UID/GID of something like admin,
apache etcetera?
PS: I know it's going OT!
Yes, you'll find those UIDs in /etc/passwd. For example:
apache:x:48:48:Apache:/var/www:/sbin/nologin

That means my Apache server runs with UID 48 and GID 48, with
/var/www as the home directory and /sbin/nologin as the shell.
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....
Rahul Sitaram Johari
2007-11-01 18:12:04 UTC
Permalink
Post by Daniel Brown
Post by Rahul Sitaram Johari
Is there a Terminal way of figuring out the UID/GID of something like admin,
apache etcetera?
PS: I know it's going OT!
apache:x:48:48:Apache:/var/www:/sbin/nologin
That means my Apache server runs with UID 48 and GID 48, with
/var/www as the home directory and /sbin/nologin as the shell.
Well, chown is not able to change the User/Group for the mounted files at
all. It simply doesn't change anything at all. I guess the only way to
define a User/Group for a share being mounted is "while" mounting the share,
which was a piece of cake in earlier mac's with mount_smbfs -u UID -g GID
... Of course this was eliminated in Leopard - now I don't know what to do !
Rahul Sitaram Johari
2007-11-01 14:29:10 UTC
Permalink
Post by Robert Cummings
Post by Rahul Sitaram Johari
Ave,
Somehow my PHP won't access, won't even acknowledge the existence of a file
that is outside the /Library/WebServer/Documents folder. This was never a a
problem before in any Mac version - it just started with Leopard.
I don't know what has changed where, in httpd.conf or php.ini or somewhere
else, but something changed that's crippling access to files outside of the
webserver.
This Works in Mac OS X 10.3.9 (i.e., prints File Exists) but the same exact
script does not work in Mac OS X 10.5, and yes, the file is available in
Leopard in the mentioned location - path is exact same - permissions are all
$filename = "/Users/username/Documents/Transfers/test.txt";
if (file_exists($filename)) {
echo "The file $filename exists<br><br>";
} else {
echo "The file $filename does not exist<br><br>";
}
I¹ve already checked safe_mode which is Off and open_basedir which is not
set ­ same settings as php.ini from before.
Any ideas what might be causing this?
Have you checked phpinfo() to check that the php.ini being loaded is the
one you think is being loaded? Also, are you get any warnings or
notices?
Yes. Checked phpinfo() ... Correct php.ini loaded.

On fopen(), I get the following warning:

Warning: fopen(/Library/WebServer/Documents/Misc/osm/ox.txt)
[function.fopen]: failed to open stream: Permission denied in
/Library/WebServer/Documents/Misc/test.php on line 5

I was using if/else before with file_exists() or is_readable() and it didn't
give me any warnings or notices. Now I tried with fopen() and it does indeed
give me a warning.

One thing I must point out is that "osm" is a Share Point which has a
windows network share mounted on it (via SMB).

I'm not sure where the problems are in permissions, because while mounting,
I'm allowing full read/write permissions to share:
Mount_smbfs -f 777 -d 777 //user:***@ip/share sharePoint


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.

W: http://www.rahulsjohari.com
E: ***@rahulsjohari.com

³I morti non sono piu soli ... The dead are no longer lonely²
Jim Lucas
2007-11-01 21:54:17 UTC
Permalink
Post by Rahul Sitaram Johari
Ave,
Somehow my PHP won't access, won't even acknowledge the existence of a file
that is outside the /Library/WebServer/Documents folder. This was never a a
problem before in any Mac version - it just started with Leopard.
I don't know what has changed where, in httpd.conf or php.ini or somewhere
else, but something changed that's crippling access to files outside of the
webserver.
This Works in Mac OS X 10.3.9 (i.e., prints File Exists) but the same exact
script does not work in Mac OS X 10.5, and yes, the file is available in
Leopard in the mentioned location - path is exact same - permissions are all
$filename = "/Users/username/Documents/Transfers/test.txt";
if (file_exists($filename)) {
echo "The file $filename exists<br><br>";
} else {
echo "The file $filename does not exist<br><br>";
}
I¹ve already checked safe_mode which is Off and open_basedir which is not
set ­ same settings as php.ini from before.
Any ideas what might be causing this?
Thanks!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.
W: http://www.rahulsjohari.com
³I morti non sono piu soli ... The dead are no longer lonely²
Sounds like a clear case of Apache being chroot'ed.

This is based off the BSD style setup I believe. Which I believe Mac uses, So, I would check your
startup line for Apache. I did some googling, but I could not find anything to confirm my thinking
that the Mac Apache configuration is anything like the default OpenBSD setup.

I know you can manually start httpd with the -u flag to disable chrooting

Again, I can't find any examples of the Mac setup, but my money would be on chrooting as the problem.
--
Jim Lucas

"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
by William Shakespeare
Jason Pruim
2007-11-02 12:26:44 UTC
Permalink
Post by Jim Lucas
Post by Rahul Sitaram Johari
Ave,
Somehow my PHP won't access, won't even acknowledge the existence of a file
that is outside the /Library/WebServer/Documents folder. This was never a a
problem before in any Mac version - it just started with Leopard.
I don't know what has changed where, in httpd.conf or php.ini or somewhere
else, but something changed that's crippling access to files
outside of the
webserver.
This Works in Mac OS X 10.3.9 (i.e., prints File Exists) but the same exact
script does not work in Mac OS X 10.5, and yes, the file is
available in
Leopard in the mentioned location - path is exact same -
permissions are all
$filename = "/Users/username/Documents/Transfers/test.txt";
if (file_exists($filename)) {
echo "The file $filename exists<br><br>";
} else {
echo "The file $filename does not exist<br><br>";
}
I¹ve already checked safe_mode which is Off and open_basedir which is not
set same settings as php.ini from before.
Any ideas what might be causing this?
Thanks!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.
W: http://www.rahulsjohari.com
³I morti non sono piu soli ... The dead are no longer lonely²
Sounds like a clear case of Apache being chroot'ed.
This is based off the BSD style setup I believe. Which I believe
Mac uses, So, I would check your startup line for Apache. I did
some googling, but I could not find anything to confirm my thinking
that the Mac Apache configuration is anything like the default
OpenBSD setup.
I know you can manually start httpd with the -u flag to disable chrooting
Again, I can't find any examples of the Mac setup, but my money
would be on chrooting as the problem.
I have been a Mac user for my entire computing life, and although I
can't tell you the difference between Apple's setup and OpenBSD's set
up.. I can point you to a list that would definitely be able to help.
which is: http://lists.apple.com/mailman/listinfo/macos-x-server

That list as some of the most knowledgeable mac Heads I have ever
dealt with, and they have helped me through all kinds of stuff.

If anyone can tell you, they can.


--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
***@raoset.com
Daniel Brown
2007-11-02 13:57:50 UTC
Permalink
I have been a Mac user for my entire computing life....
Well, then way to chime in 14 hours late there, Pruim! ;-P
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....
Jason Pruim
2007-11-02 14:13:54 UTC
Permalink
Post by Daniel Brown
I have been a Mac user for my entire computing life....
Well, then way to chime in 14 hours late there, Pruim! ;-P
What can I say? :) Better late then never :P


--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
***@raoset.com
Jason Pruim
2007-11-02 14:19:09 UTC
Permalink
Post by Jason Pruim
Post by Daniel Brown
I have been a Mac user for my entire computing life....
Well, then way to chime in 14 hours late there, Pruim! ;-P
What can I say? :) Better late then never :P
Keep telling yourself that.... ;-P
Oh, definitely will :) Along with how I am the best php programmer out
there and how I'm better then everyone else :P

Have I mentioned I'm also humble? Or delusional... at least if you
look at the archives and see the questions I've asked :P

That reminds me... I need to get some more RAID... I ran out of my
last can awhile back and now I have rants covering my desktop :P


--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
***@raoset.com
Daniel Brown
2007-11-02 14:18:59 UTC
Permalink
Post by Jason Pruim
Post by Daniel Brown
I have been a Mac user for my entire computing life....
Well, then way to chime in 14 hours late there, Pruim! ;-P
What can I say? :) Better late then never :P
Keep telling yourself that.... ;-P
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....
Rahul Sitaram Johari
2007-11-02 14:55:26 UTC
Permalink
Post by Jason Pruim
Post by Jim Lucas
Sounds like a clear case of Apache being chroot'ed.
This is based off the BSD style setup I believe. Which I believe
Mac uses, So, I would check your startup line for Apache. I did
some googling, but I could not find anything to confirm my thinking
that the Mac Apache configuration is anything like the default
OpenBSD setup.
I know you can manually start httpd with the -u flag to disable chrooting
Again, I can't find any examples of the Mac setup, but my money
would be on chrooting as the problem.
I have been a Mac user for my entire computing life, and although I
can't tell you the difference between Apple's setup and OpenBSD's set
up.. I can point you to a list that would definitely be able to help.
which is: http://lists.apple.com/mailman/listinfo/macos-x-server
That list as some of the most knowledgeable mac Heads I have ever
dealt with, and they have helped me through all kinds of stuff.
If anyone can tell you, they can.
That sounds like a good place to look.

I actually did figure out a way to make this work. It appears that Apache
Web Server did not have enough permissions to read files on a mounted share,
simply because Leopard eliminated the -u -g arguments for mount_smbfs - so
basically my guess was right on target.

I was able to figure out the workaround to mounting a share giving it
specific user/group:

Sudo -u www mount_smbfs -f 0777 -d 0777 //usr:***@ip/share node

That works!
It mounts the share as "www" - which is Apache Web Server - and my PHP
scripts had no problem reading files of the share on my Website.

Now I need to figure out how to write an AppleScript (or use the Automator)
to automate the process on every boot up. I had an AppleScript before to do
this - but it's changed now.

Thanks guys.

PS: You guys are funny! And brilliant!!



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.

W: http://www.rahulsjohari.com
E: ***@rahulsjohari.com

³I morti non sono piu soli ... The dead are no longer lonely²
Daniel Brown
2007-11-02 15:12:18 UTC
Permalink
Post by Rahul Sitaram Johari
Post by Jason Pruim
Post by Jim Lucas
Sounds like a clear case of Apache being chroot'ed.
This is based off the BSD style setup I believe. Which I believe
Mac uses, So, I would check your startup line for Apache. I did
some googling, but I could not find anything to confirm my thinking
that the Mac Apache configuration is anything like the default
OpenBSD setup.
I know you can manually start httpd with the -u flag to disable chrooting
Again, I can't find any examples of the Mac setup, but my money
would be on chrooting as the problem.
I have been a Mac user for my entire computing life, and although I
can't tell you the difference between Apple's setup and OpenBSD's set
up.. I can point you to a list that would definitely be able to help.
which is: http://lists.apple.com/mailman/listinfo/macos-x-server
That list as some of the most knowledgeable mac Heads I have ever
dealt with, and they have helped me through all kinds of stuff.
If anyone can tell you, they can.
That sounds like a good place to look.
I actually did figure out a way to make this work. It appears that Apache
Web Server did not have enough permissions to read files on a mounted share,
simply because Leopard eliminated the -u -g arguments for mount_smbfs - so
basically my guess was right on target.
I was able to figure out the workaround to mounting a share giving it
That works!
It mounts the share as "www" - which is Apache Web Server - and my PHP
scripts had no problem reading files of the share on my Website.
Now I need to figure out how to write an AppleScript (or use the Automator)
to automate the process on every boot up. I had an AppleScript before to do
this - but it's changed now.
Thanks guys.
PS: You guys are funny! And brilliant!!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.
W: http://www.rahulsjohari.com
³I morti non sono piu soli ... The dead are no longer lonely²
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Rahul,

I believe all of the modern MacOS variants still use the
*nix-style (due to being based on BSD) rc.d startups, right? If so:

sudo echo "sudo -u www mount_smbfs -f 0777 -d 0777
//usr:***@ip/share node" > /etc/rc.d/init.d/winsharemount
sudo chmod 755 /etc/rc.d/init.d/windsharemount
sudo ln -s /etc/rc.d/init.d/winsharemount /etc/rc.d/rc3.d/S74winsharemount
sudo ln -s /etc/rc.d/init.d/winsharemount /etc/rc.d/rc5.d/S74winsharemount

That should help automate it on startup in single-user and
multi-user mode (rc3 and rc5, respectively).
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....
Rahul Sitaram Johari
2007-11-02 16:11:35 UTC
Permalink
Post by Daniel Brown
Post by Rahul Sitaram Johari
That sounds like a good place to look.
I actually did figure out a way to make this work. It appears that Apache
Web Server did not have enough permissions to read files on a mounted share,
simply because Leopard eliminated the -u -g arguments for mount_smbfs - so
basically my guess was right on target.
I was able to figure out the workaround to mounting a share giving it
That works!
It mounts the share as "www" - which is Apache Web Server - and my PHP
scripts had no problem reading files of the share on my Website.
Now I need to figure out how to write an AppleScript (or use the Automator)
to automate the process on every boot up. I had an AppleScript before to do
this - but it's changed now.
Thanks guys.
PS: You guys are funny! And brilliant!!
Rahul,
I believe all of the modern MacOS variants still use the
sudo echo "sudo -u www mount_smbfs -f 0777 -d 0777
sudo chmod 755 /etc/rc.d/init.d/windsharemount
sudo ln -s /etc/rc.d/init.d/winsharemount /etc/rc.d/rc3.d/S74winsharemount
sudo ln -s /etc/rc.d/init.d/winsharemount /etc/rc.d/rc5.d/S74winsharemount
That should help automate it on startup in single-user and
multi-user mode (rc3 and rc5, respectively).
WOW! You are a Rock Star!
I haven't tried it out on my machine but looks promising - and yes - I do
agree that Mac's being based on the BSD are after all *nix at the core, I'm
pretty positive that should work.

Thanks! I'll post back.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.

W: http://www.rahulsjohari.com
E: ***@rahulsjohari.com

³I morti non sono piu soli ... The dead are no longer lonely²
Rahul S. Johari
2007-11-06 15:16:34 UTC
Permalink
Post by Daniel Brown
Rahul,
I believe all of the modern MacOS variants still use the
sudo echo "sudo -u www mount_smbfs -f 0777 -d 0777
sudo chmod 755 /etc/rc.d/init.d/windsharemount
sudo ln -s /etc/rc.d/init.d/winsharemount /etc/rc.d/rc3.d/S74winsharemount
sudo ln -s /etc/rc.d/init.d/winsharemount /etc/rc.d/rc5.d/S74winsharemount
That should help automate it on startup in single-user and
multi-user mode (rc3 and rc5, respectively).
Daniel,

I couldn't find an /etc/rd.d or rc3.d on my system at all. I've been
manually mounting after each boot, so still looking for an automated
mounting solution. Thought I'd let you know.
Thanks!
Nathan Nobbe
2007-11-06 17:03:32 UTC
Permalink
Post by Rahul S. Johari
I couldn't find an /etc/rd.d or rc3.d on my system at all. I've been
manually mounting after each boot, so still looking for an automated
mounting solution.
look for /etc/fstab

-nathan
Rahul S. Johari
2007-11-06 17:32:45 UTC
Permalink
Post by Nathan Nobbe
Post by Rahul S. Johari
I couldn't find an /etc/rd.d or rc3.d on my system at all. I've been
manually mounting after each boot, so still looking for an automated
mounting solution.
look for /etc/fstab
-nathan
Nathan,

Found /etc/fstab.hd ... But it's contents are conspicuous:

IGNORE THIS FILE.
This file does nothing, contains no useful data, and might go away in
future releases. Do not depend on this file or its contents.

!!!
Nathan Nobbe
2007-11-06 17:57:48 UTC
Permalink
Post by Rahul S. Johari
Post by Nathan Nobbe
Post by Rahul S. Johari
I couldn't find an /etc/rd.d or rc3.d on my system at all. I've been
manually mounting after each boot, so still looking for an automated
mounting solution.
look for /etc/fstab
-nathan
Nathan,
IGNORE THIS FILE.
This file does nothing, contains no useful data, and might go away in
future releases. Do not depend on this file or its contents.
!!!
perhaps if you google around on something like mac os x /etc/fstab
something useful will turn up. im sure there is an alternative mechanism
to mount things at boot time on that system.

-nathan
Rahul S. Johari
2007-11-06 18:47:37 UTC
Permalink
Post by Nathan Nobbe
Post by Rahul S. Johari
Post by Nathan Nobbe
Post by Rahul S. Johari
I couldn't find an /etc/rd.d or rc3.d on my system at all. I've been
manually mounting after each boot, so still looking for an automated
mounting solution.
look for /etc/fstab
-nathan
Nathan,
IGNORE THIS FILE.
This file does nothing, contains no useful data, and might go away in
future releases. Do not depend on this file or its contents.
!!!
perhaps if you google around on something like mac os x /etc/fstab
something useful will turn up. im sure there is an alternative mechanism
to mount things at boot time on that system.
-nathan
Oh I've been living off of Google since I upgraded to Leopard ;)
The problem is, Leopard is so new, there's not so much information out there
yet about various services & issues coming up with Leopard. Back when I had
Panther (10.3.9), it was a quick jump on Google that would rid me of all
Worldly Problems. Information is very slowly trickling out about things in
Leopard - they just changed SO MANY things in Leopard, it's not even funny.
Rahul S. Johari
2007-11-06 19:23:34 UTC
Permalink
Post by Nathan Nobbe
perhaps if you google around on something like mac os x /etc/fstab
something useful will turn up. im sure there is an alternative mechanism
to mount things at boot time on that system.
-nathan
For whatever reason, when I first attempted this following AppleScript, it
didn't work - for whatever reason - coming back to it and trying it again,
it simply just Worked!

I've set it to run on Login and it's actually working fine. Rebooted my
system a couple of times and it automatically mounted the shares with
designated permissions each time upon boot up.

~~~
do shell script "sudo -u www mount_smbfs -f 0777 -d 0777
//usr:***@ip/Transfer /Library/WebServer/Documents/mysite/mounts/osm"
password "pwd" with administrator privileges
do shell script "sudo -u www mount_smbfs -f 0777 -d 0777 //usr2:***@ip/VOX
/Library/WebServer/Documents/mysite/mounts/vox" password "pwd" with
administrator privileges

activate
display dialog "Connections to Server Established.
-SHARE1 Mounted!
-SHARE2 Mounted!"
~~~

I guess I can officially consider this case closed with all problems solved!

Thanks All!


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.

W: http://www.rahulsjohari.com
E: ***@rahulsjohari.com
Daniel Brown
2007-11-06 21:07:19 UTC
Permalink
Post by Rahul S. Johari
I guess I can officially consider this case closed with all problems solved!
Thanks All!
We are the geniuses that are the core PHP community. Hear us roar!
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

If at first you don't succeed, stick to what you know best so that you
can make enough money to pay someone else to do it for you.
Rahul S. Johari
2007-11-06 21:42:07 UTC
Permalink
Post by Daniel Brown
We are the geniuses that are the core PHP community. Hear us roar!
:D

You know the funniest thing? As my discussion progressed, and the
contributions back & forth, the problem became evidently little to do with
PHP and a whole lot to do with Mac OS X! And yet, on a PHP mailing list - we
Solved it!

Diversity in Unity!

Of course, I've heard longer, endless, pointless rants in this same very
mailing list over the course of last 6 years or so that I've been here.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rahul Sitaram Johari
CEO, Twenty Four Seventy Nine Inc.

W: http://www.rahulsjohari.com
E: ***@rahulsjohari.com

Continue reading on narkive:
Search results for '[PHP] PHP Won't Access Files Outside Web Root (Leopard/MacOS X 10.5)' (Questions and Answers)
733
replies
How do you protect yourself against computer viruses?
started 2010-02-07 19:54:16 UTC
computers & internet
Loading...