First of all, I regret my poor English, I am not a native speaker.
I use PHP with FCGI, so each of my virtual hosts runs its php scripts as different users.
I needed to split the php class between two virtual hosts (user1 and user2), so I decided that adding user2 to the user1 group in / etc / group would be a good idea for this. I did this and then I checked that group permissions work fine with the following command:
su user2 cat /home/user1/shared_class.php
and it worked perfectly (user access to class user1 is just fine).
But PHP did not seem to recognize the same resolution. I saved the following script in the user2 virtual host for testing and ran from the browser:
<?php passthru('whoami'); passthru('cat /home/user1/shared_class.php'); ?>
and this returned the correct username ('user2'), but not the contents of shared_class.php. If I try to require_once ('/home/user1/shared_class.php'), I also get the "Access denied" error. Therefore, it is clear that PHP believes that "user2" does not have permission to access shared_class.php.
Another test I did was run
su user1 chmod o+r /home/user1/shared_class.php
After this last chmod 'user2' PHP script can read the file just fine, so I'm sure that this is not a folder restriction (open_basedir or some other directive), it's just PHP that ignores / etc / group.
Is this expected? Is there any way to do this?
The workaround I'm using now is
su user1 chown user1:user2 /home/user1/shared_class.php
Thus, user2 can only access the file with php, but I would like to be able to exchange files without having to change the chown settings manually, that is, using / etc / group and adding user2 to user1 group.
Thanks.