I face the problem with extracting the .zip archive located under different user web/ directory. Let me explain: I have 2 websites both written on pure php. First website i use to manage Second. Every client on Second website has his own folder located in root with similar code but different configs. It looks like this: Second website Code: ... /var/www/clients/client0/web2/web/client1/... /var/www/clients/client0/web2/web/client2/... ... Like you understand owner of this files is user: web2 and group: client0 And First website location: Code: ... /var/www/clients/client0/web1/web/... ... Owner of this files is user: web1 and group: client0 What I'm trying to do is to extract zip archive at Second webroot directory while working on my backend on First website when create a new client. Here is the code i tried(this works perfect on my localhost when user: www-data and group: www-data): Code: ... if (!file_exists('/var/www/clients/client0/web2/web/' . $_POST['storeid'])) { $zip = new ZipArchive; $dir = '/var/www/clients/client0/web2/web/'; $install_dir = $dir . 'backup/'; $res = $zip->open($install_dir . 'client_install.zip'); if ($res === TRUE) { //Try to execute $zip->extractTo($dir . $_POST['storeid'] . '/'); //var/www/clients/client0/web2/web/client2 $zip->close(); //Set permissions on new store folder chmod_r($dir . $_POST['storeid'], 0755, 0644); echo "\nExtracted successfully to " . $dir; die(); } else { echo "Failed to open zip: " . $dir . "client_install.zip" . " \n"; die(); } } ... At the time when i run this code i get message: I know it may be related to user permissions. How can solve this considering keeping same ISPConfig environment and user permissions. Update: Also i checked if i can retrieve the permissions on web2/web folder with fileperms("/var/www/clients/client0/web2/web"); and this returned 0
The basic idea of different users is that they can not read nor write the data from other users. To make this possible would weaken security on your server. Only do this if you are the only user on that server. In my opinion, what you are trying to do is not a good idea. However: Since both users (web1/web2) share the same group, it would be enough to give the group read/write access to the needed files and folders. But that would allow ALL members of that group (client0) to read/write there. You can change permissions with "chmod" command. https://help.ubuntu.com/community/FilePermissions
http://ecapy.com/comprimir-y-descomprimir-tgz-tar-gz-y-zip-por-linea-de-comandos-en-linux/index.html With the root, I move it to a vhost with maximum rights, I don't leave it in the user's folder. With root you can do everything, but be careful to which folders you give permissions.
In addition to setting group permissions correctly, you would have to modify php's open_basedir to allow that to work, and not use anything that would run chroot in the first site's jail environment. An alternative approach would be to bind mount the appropriate directory from the second site into a location the first site can access. (You can remap user id's with the mount to address the permissions.)
I realized that the problem was in open_basedir(). How do you think? if I write down the path I need in the Option tab, it will not lead to a server failure? I have test sites located on a production server.