#49049 [Opn->Fbk]: file_exists() under unprivileged user with set user ID on execution fails
ID: 49049 Updated by: j...@php.net Reported By: rusxakep at gmail dot com -Status: Open +Status: Feedback Bug Type: Filesystem function related Operating System: Linux 2.6.29 PHP Version: 5.2.10 New Comment: PLEASE give proper steps to reproduce this. Preferrably something we can simply cut'n'paste.. Previous Comments: [2009-07-29 16:34:25] rusxakep at gmail dot com You can use any other directory where you are able to do it. You can use the virtual machine (like VirtalBox or VMware) and so forth. Installation "execution bit" on/usr/bin/strace is necessary for situation creation where the error in function file_exist() appears. It is necessary for more exact understanding of an error. In a real situation which is described in my first post, the role strace is fulfilled by the program written on C with "execution bit enable". If still something is not clear, write, I will explain.) [2009-07-28 20:49:00] j...@php.net My /home dir isn't writable by anyone. So how could it work? And what does setting those permissions on strace help to debug this? [2009-07-28 20:12:08] rusxakep at gmail dot com Jani, Is bug reproducing ONLY with using "set execution bit"! Simple way test with strace output: 1. Temprorarly set "chmod 6755" to /usr/bin/strace binary for correct test. 2. Create simple CONSOLE test.php file and place to /home/1/ directory (owner should be root.root): #!/usr/bin/php -q 3. Run this script under any unprivileged user with next cmd: "su - someuser -c "/usr/bin/strace /home/1/test.php" First run test.php create directory /home/1/2 and /home/1/2/3 successfully with "someuser" owner and 0700. Second run test.php script must be finish w/o any messages, because directory already exists, but function file_exists() incorrectly fulfils and produces that the directory does not exist, though it is. Try it! If something else is not clear, I will explain more in detail.) [2009-07-28 19:52:47] j...@php.net Your report is quite confusing. You talk about creating /home/user/2/3 directories (note the missing 1?) but your straces show quite different outputs. Please, come up with _simple_ way to reproduce this. Simple meaning ONE php (and PHP ONLY!) file. [2009-07-27 09:19:12] rusxakep at gmail dot com Added -D__USE_FILE_OFFSET64 to CFLAGS and re-compile all php stuff. Example of compilation (correct?): "/bin/sh /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/libtool --silent --preserve-dup-deps --mode=compile i686-pc-linux-gnu-gcc -IZend/ -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/ -DPHP_ATOM_INC -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/include -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/main -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/date/lib -I/usr/include/libxml2 -I/usr/include/freetype2 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/oniguruma -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl/mbfl -I/usr/include/mysql -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/TSRM -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend -I/usr/include -march=pentium4 -O2 -fomit-frame-pointer -pipe -D_GNU_SOURCE -D__USE_FILE_OFFSET64 -prefer-non-pic -c /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/zend_objects.c -o Zend/zend_objects.lo /bin/sh /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/libtool --silent --preserve-dup-deps --mode=compile i686-pc-linux-gnu-gcc -IZend/ -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/ -DPHP_ATOM_INC -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/include -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/main -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/date/lib -I/usr/include/libxml2 -I/usr/include/freetype2 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/oniguruma -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl/mbfl -I/usr/include/mysql -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/TSRM -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-2009072414
#49049 [Opn->Fbk]: file_exists() under unprivileged user with set user ID on execution fails
ID: 49049 Updated by: j...@php.net Reported By: rusxakep at gmail dot com -Status: Open +Status: Feedback Bug Type: Filesystem function related Operating System: Linux 2.6.29 PHP Version: 5.2.10 New Comment: My /home dir isn't writable by anyone. So how could it work? And what does setting those permissions on strace help to debug this? Previous Comments: [2009-07-28 20:12:08] rusxakep at gmail dot com Jani, Is bug reproducing ONLY with using "set execution bit"! Simple way test with strace output: 1. Temprorarly set "chmod 6755" to /usr/bin/strace binary for correct test. 2. Create simple CONSOLE test.php file and place to /home/1/ directory (owner should be root.root): #!/usr/bin/php -q 3. Run this script under any unprivileged user with next cmd: "su - someuser -c "/usr/bin/strace /home/1/test.php" First run test.php create directory /home/1/2 and /home/1/2/3 successfully with "someuser" owner and 0700. Second run test.php script must be finish w/o any messages, because directory already exists, but function file_exists() incorrectly fulfils and produces that the directory does not exist, though it is. Try it! If something else is not clear, I will explain more in detail.) [2009-07-28 19:52:47] j...@php.net Your report is quite confusing. You talk about creating /home/user/2/3 directories (note the missing 1?) but your straces show quite different outputs. Please, come up with _simple_ way to reproduce this. Simple meaning ONE php (and PHP ONLY!) file. [2009-07-27 09:19:12] rusxakep at gmail dot com Added -D__USE_FILE_OFFSET64 to CFLAGS and re-compile all php stuff. Example of compilation (correct?): "/bin/sh /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/libtool --silent --preserve-dup-deps --mode=compile i686-pc-linux-gnu-gcc -IZend/ -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/ -DPHP_ATOM_INC -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/include -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/main -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/date/lib -I/usr/include/libxml2 -I/usr/include/freetype2 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/oniguruma -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl/mbfl -I/usr/include/mysql -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/TSRM -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend -I/usr/include -march=pentium4 -O2 -fomit-frame-pointer -pipe -D_GNU_SOURCE -D__USE_FILE_OFFSET64 -prefer-non-pic -c /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/zend_objects.c -o Zend/zend_objects.lo /bin/sh /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/libtool --silent --preserve-dup-deps --mode=compile i686-pc-linux-gnu-gcc -IZend/ -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/ -DPHP_ATOM_INC -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/include -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/main -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/date/lib -I/usr/include/libxml2 -I/usr/include/freetype2 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/oniguruma -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl/mbfl -I/usr/include/mysql -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/TSRM -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend -I/usr/include -march=pentium4 -O2 -fomit-frame-pointer -pipe -D_GNU_SOURCE -D__USE_FILE_OFFSET64 -prefer-non-pic -c /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/zend_object_handlers.c -o Zend/zend_object_handlers.lo" My problem not resolved yet :( access("/home/1/2/3", F_OK) = -1 EACCES (Permission denied) stat64("/home/1/2", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 mkdir("/home/1/2/3", 0700) = -1 EEXIST (File exists) write(1, "\nWarning: mkdir(): File exists in"..., 61 Warning: mkdir(): File exists in /home/1/test.php on line 3 ) = 61) [2009-07-26 12:02:56] j...@php.net Did you or did you not compile using the LFS flags? [2009-07
#49049 [Opn->Fbk]: file_exists() under unprivileged user with set user ID on execution fails
ID: 49049 Updated by: j...@php.net Reported By: rusxakep at gmail dot com -Status: Open +Status: Feedback Bug Type: Filesystem function related Operating System: Linux 2.6.29 PHP Version: 5.2.10 New Comment: Your report is quite confusing. You talk about creating /home/user/2/3 directories (note the missing 1?) but your straces show quite different outputs. Please, come up with _simple_ way to reproduce this. Simple meaning ONE php (and PHP ONLY!) file. Previous Comments: [2009-07-27 09:19:12] rusxakep at gmail dot com Added -D__USE_FILE_OFFSET64 to CFLAGS and re-compile all php stuff. Example of compilation (correct?): "/bin/sh /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/libtool --silent --preserve-dup-deps --mode=compile i686-pc-linux-gnu-gcc -IZend/ -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/ -DPHP_ATOM_INC -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/include -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/main -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/date/lib -I/usr/include/libxml2 -I/usr/include/freetype2 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/oniguruma -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl/mbfl -I/usr/include/mysql -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/TSRM -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend -I/usr/include -march=pentium4 -O2 -fomit-frame-pointer -pipe -D_GNU_SOURCE -D__USE_FILE_OFFSET64 -prefer-non-pic -c /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/zend_objects.c -o Zend/zend_objects.lo /bin/sh /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/libtool --silent --preserve-dup-deps --mode=compile i686-pc-linux-gnu-gcc -IZend/ -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/ -DPHP_ATOM_INC -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/include -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/main -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/date/lib -I/usr/include/libxml2 -I/usr/include/freetype2 -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/oniguruma -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/ext/mbstring/libmbfl/mbfl -I/usr/include/mysql -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/TSRM -I/var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend -I/usr/include -march=pentium4 -O2 -fomit-frame-pointer -pipe -D_GNU_SOURCE -D__USE_FILE_OFFSET64 -prefer-non-pic -c /var/tmp/portage/dev-lang/php-5.2.99/work/php5.2-200907241430/Zend/zend_object_handlers.c -o Zend/zend_object_handlers.lo" My problem not resolved yet :( access("/home/1/2/3", F_OK) = -1 EACCES (Permission denied) stat64("/home/1/2", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 mkdir("/home/1/2/3", 0700) = -1 EEXIST (File exists) write(1, "\nWarning: mkdir(): File exists in"..., 61 Warning: mkdir(): File exists in /home/1/test.php on line 3 ) = 61) [2009-07-26 12:02:56] j...@php.net Did you or did you not compile using the LFS flags? [2009-07-25 20:20:52] rusxakep at gmail dot com No, isn't LFS bug. I'm run test php from LFS bug notes. mkdir working fine. Directory has been created successfully.) [2009-07-24 17:10:09] j...@php.net Would you please just do what I asked and try compile with LFS flags..? I'm quite sure this is same issue as in that other bug. [2009-07-24 16:39:57] rusxakep at gmail dot com I'm not guru in php development, but access("/home/1/2/3", F_OK) = -1 EACCES (Permission denied) stat64("/home/1/2", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 why stat64("/home/1/2"), but no stat64("/home/1/2/3")? why "permission denied" placed here with using set execution bit feature?) The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/49049 -- Edit this bug report at http://bugs.php.net/?id=49049&edit=1
#49049 [Opn->Fbk]: file_exists() under unprivileged user with set user ID on execution fails
ID: 49049 Updated by: j...@php.net Reported By: rusxakep at gmail dot com -Status: Open +Status: Feedback Bug Type: Filesystem function related Operating System: Linux 2.6.29 PHP Version: 5.2.10 New Comment: Did you or did you not compile using the LFS flags? Previous Comments: [2009-07-25 20:20:52] rusxakep at gmail dot com No, isn't LFS bug. I'm run test php from LFS bug notes. mkdir working fine. Directory has been created successfully.) [2009-07-24 17:10:09] j...@php.net Would you please just do what I asked and try compile with LFS flags..? I'm quite sure this is same issue as in that other bug. [2009-07-24 16:39:57] rusxakep at gmail dot com I'm not guru in php development, but access("/home/1/2/3", F_OK) = -1 EACCES (Permission denied) stat64("/home/1/2", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 why stat64("/home/1/2"), but no stat64("/home/1/2/3")? why "permission denied" placed here with using set execution bit feature?) [2009-07-24 16:34:47] rusxakep at gmail dot com and first run with strace: access("/home/1/2/3", F_OK) = -1 ENOENT (No such file or directory) stat64("/home/1/2", 0xbf9bd910) = -1 ENOENT (No such file or directory) stat64("/home/1", {st_mode=S_IFDIR|S_ISVTX|0777, st_size=4096, ...}) = 0 mkdir("/home/1/2", 0700)= 0 mkdir("/home/1/2/3", 0700) = 0) [2009-07-24 16:10:34] rusxakep at gmail dot com Sorry, previous strace has been invalid. Correct: munmap(0xb7ef5000, 4096)= 0 access("/home/1/2/3", F_OK) = -1 EACCES (Permission denied) stat64("/home/1/2", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 mkdir("/home/1/2/3", 0700) = -1 EEXIST (File exists) write(1, "\nWarning: mkdir(): File exists in"..., 61 Warning: mkdir(): File exists in /home/1/test.php on line 3 ) = 61 close(2)= 0 close(1)) The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/49049 -- Edit this bug report at http://bugs.php.net/?id=49049&edit=1
#49049 [Opn->Fbk]: file_exists under unprivileged user with set user ID on execution fails
ID: 49049 Updated by: j...@php.net Reported By: rusxakep at gmail dot com -Status: Open +Status: Feedback Bug Type: Filesystem function related Operating System: Linux 2.6.29 PHP Version: 5.2.10 Assigned To: fb-req-jani New Comment: Would you please just do what I asked and try compile with LFS flags..? I'm quite sure this is same issue as in that other bug. Previous Comments: [2009-07-24 16:39:57] rusxakep at gmail dot com I'm not guru in php development, but access("/home/1/2/3", F_OK) = -1 EACCES (Permission denied) stat64("/home/1/2", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 why stat64("/home/1/2"), but no stat64("/home/1/2/3")? why "permission denied" placed here with using set execution bit feature?) [2009-07-24 16:34:47] rusxakep at gmail dot com and first run with strace: access("/home/1/2/3", F_OK) = -1 ENOENT (No such file or directory) stat64("/home/1/2", 0xbf9bd910) = -1 ENOENT (No such file or directory) stat64("/home/1", {st_mode=S_IFDIR|S_ISVTX|0777, st_size=4096, ...}) = 0 mkdir("/home/1/2", 0700)= 0 mkdir("/home/1/2/3", 0700) = 0) [2009-07-24 16:10:34] rusxakep at gmail dot com Sorry, previous strace has been invalid. Correct: munmap(0xb7ef5000, 4096)= 0 access("/home/1/2/3", F_OK) = -1 EACCES (Permission denied) stat64("/home/1/2", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 mkdir("/home/1/2/3", 0700) = -1 EEXIST (File exists) write(1, "\nWarning: mkdir(): File exists in"..., 61 Warning: mkdir(): File exists in /home/1/test.php on line 3 ) = 61 close(2)= 0 close(1)) [2009-07-24 15:59:59] rusxakep at gmail dot com Strace output: lstat64("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/home/1", {st_mode=S_IFDIR|S_ISVTX|0777, st_size=4096, ...}) = 0 lstat64("/home/1/test.php", {st_mode=S_IFREG|0755, st_size=92, ...}) = 0 ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbf9f2638) = -1 ENOTTY (Inappropriate ioctl for device) read(3, ""..., 4096)= 0 read(3, ""..., 8192)= 0 close(3)= 0 munmap(0xb7fd6000, 4096)= 0 access("/home/1/2/3", F_OK) = -1 EACCES (Permission denied) stat64("/home/1/2", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 mkdir("/home/1/2/3", 0700) = -1 EACCES (Permission denied) write(1, "\nWarning: mkdir(): Permission den"..., 67 Warning: mkdir(): Permission denied in /home/1/test.php on line 3 ) = 67 close(2)= 0 close(1)) [2009-07-24 15:55:14] rusxakep at gmail dot com Now replace 0700 flags to 0777 for testing ... Strange it. Working I'm using "set execution bit" feature, why 0700 doesn't work?) The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/49049 -- Edit this bug report at http://bugs.php.net/?id=49049&edit=1
#49049 [Opn->Fbk]: file_exists under unprivileged user with set user ID on execution fails
ID: 49049 Updated by: j...@php.net Reported By: rusxakep at gmail dot com -Status: Open +Status: Feedback Bug Type: Filesystem function related Operating System: Linux 2.6.29 PHP Version: 5.2.10 New Comment: Isn't this just same bug as bug #45040 is? Try compile using the LFS flags. Previous Comments: [2009-07-24 15:32:29] rusxakep at gmail dot com Last snapshot tested. Same problem With "/home/1/2" working, but "/home/1/2/3" doesn't worked. :( PHP 5.2.11-pl0-gentoo (cli) (built: Jul 24 2009 19:26:18) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies Linux mail 2.6.29-gentoo-r5 #1 SMP Tue Jul 14 13:16:20 MSD 2009 i686 Intel(R) Xeon(R) CPU E5310 @ 1.60GHz GenuineIntel GNU/Linux) [2009-07-24 15:00:45] rusxakep at gmail dot com If you reduce path to "/home/user/2", then working fine.) [2009-07-24 14:57:41] rusxakep at gmail dot com Description: 1. Create and save to /home/user this next short program: #define REAL_PATH "/home/user/test.php" main(ac, av) char **av; { execv(REAL_PATH, av); } 2. Compile cc -o test test.c 3. chown root.root test and chmod 6755 test 5. Create test.php #!/usr/bin/php-cgi -q 6. chown root.root test.php and chmod 0755 test.php 7. chmod 1777 /home/user 7. run with any unprivileged user: su - user -c "/home/user/test" First run ok, creating directory with root access Second run failed with next error message: Warning: mkdir(): File exists in /home/user/test.php on line 3 Reproduce code: --- no safe mode, default php.ini Expected result: Empty exit w/o warning Actual result: -- Warning: mkdir(): File exists in /home/user/test.php on line 3 -- Edit this bug report at http://bugs.php.net/?id=49049&edit=1