In my first PHP script in many years, I'm trying to log an error:
error_log("my error message", 3, $error_log);
I'm getting an error in the general Apache error log:
PHP Warning: error_log(/var/log/apache2/my_php_errors.log): failed to open stream: Permission denied in /var/www/html/blahblah/my_script.php on line 88
This is what I've checked and tried:
$error_log
with the same ownership (root.adm
) and permissions (640
) as the Apache error log.www-data
, which is the user PHP is running as.log_errors
is On
.open_basedir
is not set.What am I missing?
Edit: It's able to write to the general Apache error log. The mystery is why it can't write to another file in the same directory with the same ownership and permissions.
Edit 2: Another developer told me that this works on his WAMP, so it's something specific to my LAMP stack or config.
TL;DR: check that all the ancestor directories allow reads/lists by the web server.
On my system, my equivalent of /var/log/apache2/my_php_errors.log
was giving this same error. I eventually did an ls -ld
at every level of the path (/
, /var/
, /var/log/
, /var/log/apache2/
, /var/log/apache2/my_php_errors.log
).
Four of those had permissions that made them readable by the web server. One of them, /var/log/apache2/
did not. When I moved my file out of the apache2
directory, everything started working. E.g. /var/log/php/
and set appropriate permissions/ownership (e.g. 750 by www-data.adm) on the new directory.
prompt> ls -ld /var/log/php/
drwxr-x--- 2 www-data adm 4096 Nov 1 13:31 /var/log/php/
You could also change the permissions on /var/log/apache2/
, but that seems like a security/privacy issue. It's safer to make a new directory and leave the existing structure as is.
The reason why the permissions have to change is that it is no longer using some version of syslog
to publish to the log files. The syslog
variants run as root and accept messages from non-root. But in my case, I was specifying the file from the web server, which made the permissions wrong.
There is a fix that uses syslog
so that it could keep the same ownership. I did not try to make that work, as this is for a test server.
This may not have been the problem that you were having, but I'm pretty sure that I was using the default permissions for /var/log/apache2/
. So it's quite possible that it was the problem. And even if it wasn't, this is one of the places I was searching for troubleshooting advice. So next time something like this happens to me, I'll have a reminder of what to check.
I had the same problem. https://serverfault.com/questions/831444/php-error-log-per-vhost/831666#831666
touch /path/to/php_error.log
chown www-data:www-data php_error.log
chmod 755 php_error.log
thanks for leading me to the answer!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With