I'm a bit confused here in Symfony functionality terms. I have a website which is supposed to write sessions in /var/lib/php/sessions/. I'm confused right there, because in /var/www/html/myproject/ everything is recursively property of www-data:www-data (yes, I'm using Apache). However the owner of /var/lib/php/sessions/ is root, so when Apache tries to write there, I get a 500 server error regarding writing permissions in that directory.
I have divided opinions here. Some people advice me to modify config.yml to manage sessions inside the project directory, while other people say that is a really bad practice. But, how do I get everything targeting /var/lib/php/sessions/ without that file permission error?
Here's what I get via Apache URL:
Oops! An Error Occurred
The server returned a "500 Internal Server Error".
Something is broken. Please let us know what you were doing when this error occurred. We will fix it as soon as possible. Sorry for any inconvenience caused.
Here's what I get via php development webserver:
Warning: SessionHandler::read(): open(/var/lib/php/sessions/sess_u3eg1842nlpkbm0rvddrq37dc2, O_RDWR) failed: Permission denied (13)
500 Internal Server Error - ContextErrorException
I really hope you can help me.
In order to create a file the user must have write and execute permission on the directory.
mkdir /tmp/foo
chmod 300 /tmp/foo
touch /tmp/foo/bar
test -e /tmp/foo/barIn your case setting the 'other' permissions to 3 would allow www-data to write to it. chmod o+wx /var/lib/php/sessions/
In order to remove a file the user must also have write and execute permission on the directory.
In order to list the file names in a directory the user must have read permission on the directory. Note that if you know the filename it's not required to have permissions for listing the directory.
In order to list the properties of a file the user must have execute permission on the directory.
On my computer the permission for /var/lib/php/sessions is drwx-wx-wt. The t indicates execute & sticky bit. Sticky bit for directories means only the owner can delete it.
See Unix File and Directory Permissions and Modes by Wayne Pollock for more info.