If chown is filled with a variable ( chown ("myfile", $uid) the uid will be looked up through pwget_uid.
So if you need to set a non existing uid use inval($uid).
PHP - Manual: chown
2024-12-21
(PHP 4, PHP 5, PHP 7, PHP 8)
chown — 改变文件的所有者
尝试将文件 filename
的所有者改成用户
user
(由用户名或用户 ID 指定)。
只有超级用户可以改变文件的所有者。
filename
文件路径。
user
用户名或数字。
成功时返回 true
, 或者在失败时返回 false
。
示例 #1 简单的 chown() 用法
<?php
// File name and username to use
$file_name= "foo.php";
$path = "/home/sites/php.net/public_html/sandbox/" . $file_name ;
$user_name = "root";
// Set the user
chown($path, $user_name);
// Check the result
$stat = stat($path);
print_r(posix_getpwuid($stat['uid']));
?>
以上例程的输出类似于:
Array ( [name] => root [passwd] => x [uid] => 0 [gid] => 0 [gecos] => root [dir] => /root [shell] => /bin/bash )
If chown is filled with a variable ( chown ("myfile", $uid) the uid will be looked up through pwget_uid.
So if you need to set a non existing uid use inval($uid).
I've only tested this on Solaris 10 so your mileage may vary.
To allow the apache daemon to change file ownership without being root, add the following line to /etc/system:
set rstchown=0
Reboot the server.
There are security concerns doing this as this modification allows any user to change ownership of their files to anyone else.
If you want to chown a symlink, PHP will follow the symlink and change the target file.
If you want to chown the symlink, you have to use shell_exec("/bin/chown user.group symlink");
If you allow sudo execution for chmod by "nobody" (www, webdaemon, httpd, whatever user php is running under)in this manner, it had better be a system on which the owner is able to be root and no one else can run code, else your whole system is compromised. Someone could change the mode of /etc/passwd or the shadow password file.
Other system commands (sudo mount) and so forth are similar.
For most modern Linux systems your apache user should not be run as root, and in order to change the ownership of a file or directory, you need to be root. To get around this problem you can use sudo, but be careful with what permissions you give. Here is an example which is working for me:
www-data ALL = NOPASSWD: /bin/chown 1[1-9][0-9][0-9]\:1[1-9][0-9][0-9] /home/www/[a-zA-Z0-9]*
This allows the apache server to change ownership of files in /home/www with name containing a-z, A-Z or numbers (note: no subdirectories). The only valid input of userid is a four digit numeric id, between 1100 and 1999.
Hope this helps.
Simple usage of the chown:
<?php
$file_name= "test";
$path = "/var/www/html/test/" . $file_name ;
$user_name = "root";
chown($path, $user_name);
?>
<?php
function recurse_chown_chgrp($mypath, $uid, $gid)
{
$d = opendir ($mypath) ;
while(($file = readdir($d)) !== false) {
if ($file != "." && $file != "..") {
$typepath = $mypath . "/" . $file ;
//print $typepath. " : " . filetype ($typepath). "<BR>" ;
if (filetype ($typepath) == 'dir') {
recurse_chown_chgrp ($typepath, $uid, $gid);
}
chown($typepath, $uid);
chgrp($typepath, $gid);
}
}
}
recurse_chown_chgrp ("uploads", "unsider", "unsider") ;
?>
for older versions.. unfortunately, it seems I do not have permission to perform these functions.