8

i have simple test.php page: 

<pre><?php system("ls -la /tmp"); ?></pre>

which always shows just: . and .. folders and nothing else in browser.

in the command line:

1) ls -la /tmp
2) sudo -u http ls -la /tmp
3) php test.php
4) sudo -u http php test.php

all this commands returns full list of directory files/subdirs.

What is the reason for this???

And problem is "/tmp" folder related because ls -lah /usr works OK.

i tested this on 4 comps (one of them was debian with php 5.0.6 and there php shows all files OK like i expected, other 3 comps has php7 and shows empty /tmp).

update:

even after adding http to sudoers file and running 'sudo ls /tmp', problem is the same on php versions >7.

but runing 'system("echo aaa > /tmp/aaa.txt; ls -la /tmp") shows . , .. , and aaa.txt file owned by http:http. So is this some new php restriction and how it is posible to interfere on /tmp files only.

update2:

but aaa.txt is not inside /tmp, and by running find /tmp -name aaa.txt, i see that it is inside /tmp/systemd-private-2cf1853410ad4ade980ec17e883771c3-httpd.service-lZ22gS/tmp/aaa.txt .

so finaly it is related to something called "systemd /tmp isolation"... that i need to learn about.

Changing true to false inside: /etc/systemd/system/multi-user.target.wants/httpd.service:

[Service]
PrivateTmp=false
...

solves my problem, but i am wondering is it possible to avoid this without changing service file.

Improve this question
6
  • try to use exec() and shell_exec() Commented Feb 15, 2017 at 6:34
  • @Ravi, i did, all have same results (i use php 'system' for question because it simplifies output) Commented Feb 15, 2017 at 6:37
  • Have you tried with sudo ? it's work on my system ! Commented Feb 15, 2017 at 6:38
  • @Ravi, tested now, same problem with sudo too (added to sudoers user http, sudo ls -la /tmp ... empty) ... maybe it is php version related. some bug or new restriction/config Commented Feb 15, 2017 at 6:47
  • Could you run stat /tmp in both cases and edit that into the question too? Commented Feb 15, 2017 at 7:15

2 Answers 2

Reset to default
5

I am running Ubuntu 18.04 and /usr/lib/systemd did not contain any services for http or apache2. However, I executed the following command:

sudo find / -mount -type f -exec grep -e "PrivateTmp" '{}' ';' -print

and found in /lib/systemd/apache2.service the PrivateTmp=true. Changing true to false and executing

systemctl daemon-restart
systemctl restart apache2

fixed the problem.

Improve this answer
3
  • 2
    I don't think you should change the one in /lib, as that is managed by the package; instead, copy it to /etc and make your modifications there. Commented Dec 18, 2018 at 11:43
  • Thanks for the tip! I didn't realize there was a pecking order to how the systemd daemon processed files and that /lib shouldn't be touched. I'll make the change you suggested and retest. Commented Dec 18, 2018 at 11:49
  • Sure thing; check out freedesktop.org/software/systemd/man/systemd.unit.html where it says "Example 2. Overriding vendor settings" Commented Dec 18, 2018 at 11:52
1

<pre><?php system("ls -la /tmp"); ?></pre>
..
always shows just: . and .. folders and nothing else in browser. ..
What is the reason for this???

Thats all the system() function is designed to do - it only returns the last line of output from the shell command.
So then why does a command exist that only gives you one useless line of output? possibly because system() allows you to capture the exit code of the shell process (if you pass $return_var as a second argument) whereas shell_exec - which does give you all the shell output, doesn't give the exit code!

So if you want all the output AND the exit code you can use exec(), but exec is a hassle because the full output is only available through the reference array $output which you then have to loop through to see your output.

Also, seeing as you are playing around in /tmp, you should be aware newer versions of PHP-FPM using systemd to manage the php-fpm daemon will pass a setting which blocks execution of php files from running out of tmp.
I have php 7.0.1 running on my laptop, but then I did an install of 7.1.1 and discovered they are now embedding this little directive 

PrivateTmp=true

in the systemd service file. you need to set it to false if you want to run php scripts from /tmp
for more background on that particular issue
https://serverfault.com/questions/614781/php-script-cant-access-tmp-folder

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.