[vox-tech] Apache and group permissions

Rod Roark rod at sunsetsystems.com
Fri Oct 6 13:35:22 PDT 2006


I have a very puzzling (to me) problem.  I'm working with a Mandriva
box running Apache 2.0.54.  It runs as user nobody with its group ID
set to -1 -- i.e. httpd.conf includes:

    User nobody
    Group #-1

I have a PHP web application that wants to read some HylaFAX files
like these:

    # ls -l /var/spool/fax/doneq/
    -rw-rw----  1 uucp faxgroup 827 Oct  6 01:54 q157
    -rw-rw----  1 uucp faxgroup 826 Oct  6 02:26 q158
    etc.

The faxgroup entry which I added to /etc/groups looks like this:

    faxgroup:x:60002:nobody

So my expectation is that my PHP script, which runs as user nobody
along with the rest of Apache, should be able to read these files.
And indeed, if I do this:

    # su - nobody
    $ cat /var/spool/fax/doneq/q157

the viewing is successful.

However, as you have probably guessed, the PHP script cannot read them.
If I "chmod o+r /var/spool/fax/doneq/q157" then it can.  If I exec the
"whoami" command within the script it reports "nobody", as expected.
I did restart Apache after updating /etc/group.

What am I missing?

Rod


More information about the vox-tech mailing list