Allow Apache/PHP a read/write access to a mounted directory

Question

We have websites running on a linux server with apache httpd and php. On that server a certain directory from a windows server is mounted as let's say /mnt/some_directory/. I can browse this directory with both WinSCP or SSH, using my own user account.

I can also perform the following in SSH:

php -r "print_r(file_get_contents('/mnt/some_directory/file_name.txt'));"

and see contents of that file.

We need to read a file and parse from that directory in order to import it in the database that is used by the website. But when an fopen or a file_get_contents on the website we get a permission denied error.

I have limited access to the web server (and limited knowledge of *nix and apache configuration), but the administrator that is supposed to resolve this apparently is also lacking this knowledge and I need to have this task resolved,that's why I am asking here.

What the admin did was to set the group and ownership of the mounted directory to"apache", which is the user the httpd process is running as. But that didn't help.

As far as I know access to files outside of the webroot is disallowed by default. Would it be sufficient to set a DIRECTORY directive in httpd.conf for /mnt/some_directory/? Or is there anything else that has to be done?

Answer 1

our team had the same issue, my team-mate was able to resolve this by adding context to mount options.

we are using the following format for mounting windows shared folder to linux that apache will be able to access:

mount -v -t cifs <//$hostname/$(windows shared dir)> <mount directory> -o username="<username>",password=<password>,domain=<domain name>,iocharset=utf8,file_mode=0777,dir_mode=0777,context="system_u:object_r:httpd_sys_content_t:s0"

For example:

mount -v -t cifs //192.168.1.19/sample_dir /mnt/mount_dir -o username="admin",password=adminpwd,domain=MIINTER,iocharset=utf8,file_mode=0777,dir_mode=0777,context="system_u:object_r:httpd_sys_content_t:s0"