clearstatcache

chmod

Last updated: Fri, 06 Nov 2009

chown

(PHP 4, PHP 5)

chown — Changes file owner

Description

bool chown ( string $filename , mixed $user )

Attempts to change the owner of the file filename to user user . Only the superuser may change the owner of a file.

Parameters

filename: Path to the file.
user: A user name or number.

Return Values

Returns TRUE on success or FALSE on failure.

Examples

Example #1 Simple chown() usage


<?php

// File name and username to use
$file_name= "foo.php";
$path = "/home/sites/php.net/public_html/sandbox" . $file_name ;
$user_name = "root";

// Set the user
chown($path, $user_name);

// Check the result
$stat = stat($path);
print_r(posix_getpwuid($stat['uid']));

?>

The above example will output something similar to:

array(7) {
  ["name"]=>
  string(13) "php.net"
  ["passwd"]=>
  string(1) "x"
  ["uid"]=>
  int(148864)
  ["gid"]=>
  int(148910)
  ["gecos"]=>
  string(13) "php.net"
  ["dir"]=>
  string(25) "/home/sites/php.net"
  ["shell"]=>
  string(13) "/sbin/nologin"
}

Notes

Note: This function will not work on remote files as the file to be examined must be accessible via the server's filesystem.

Note: When safe mode is enabled, PHP checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.


For most modern Linux systems your apache user should not be run as root, and in order to change the ownership of a file or directory, you need to be root. To get around this problem you can use sudo, but be careful with what permissions you give. Here is an example which is working for me:



www-data        ALL = NOPASSWD: /bin/chown 1[1-9][0-9][0-9]\:1[1-9][0-9][0-9] /home/www/[a-zA-Z0-9]*



This allows the apache server to change ownership of files in /home/www with name containing a-z, A-Z or numbers (note: no subdirectories). The only valid input of userid is a four digit numeric id, between 1100 and 1999. 



Hope this helps.

Mikevac at yahoo dot com
02-Feb-2008 04:42


I've only tested this on Solaris 10 so your mileage may vary.



To allow the apache daemon to change file ownership without being root, add the following line to /etc/system:



set rstchown=0



Reboot the server. 



There are security concerns doing this as this modification allows any user to change ownership of their files to anyone else.

Tayfun Bilsel
12-Jan-2006 01:13


Simple usage of the chown:



<?php



$file_name= "test";

$path = "/var/www/html/test/" . $file_name ;



$user_name = "root";



chown($path, $user_name);



?>

Jens Vieler
23-May-2005 04:38


for some reason i was searching for chown() with an "on this mashine"-unknown userid and found martijn's hint very interesting. the main problem is, that if the numerical uid is used within a variable, it is checked against the /etc/passwd and returns "unknown user". a little note:



use intval(), not inval()! so all in all it is:



   chown($path_to_dir,intval($uidnumber));

greg _at_ rhythmicdesign d.o.t com
24-Feb-2004 09:00


<?php


function recurse_chown_chgrp($mypath, $uid, $gid)


{


    $d = opendir ($mypath) ;


    while(($file = readdir($d)) !== false) {


        if ($file != "." && $file != "..") {





            $typepath = $mypath . "/" . $file ;





            //print $typepath. " : " . filetype ($typepath). "<BR>" ;


            if (filetype ($typepath) == 'dir') {


                recurse_chown_chgrp ($typepath, $uid, $gid);


            }





            chown($typepath, $uid);


            chgrp($typepath, $gid);





        }


    }





 }





recurse_chown_chgrp ("uploads", "unsider", "unsider") ;


?>





for older versions.. unfortunately, it seems I do not have permission to perform these functions.

Richard Esplin
12-Oct-2003 12:49


As far as I can tell, PHP's built in functions will not do a recursive chown or chgrp. But it wouldn't be hard to write a function for this. Here is some starter code based on an example written by John Coggeshall which I found at http://www.coggeshall.org :





<?php


function recurse_chown_chgrp($path2dir, $uid, $gid){


    $dir = new dir($path2dir);


    while(($file = $dir->read()) !== false) {


        if(is_dir($dir->path.$file)) {


            recurse_chown_chgrp($dir->path.$file, $uid, $gid);


        } else {


            chown($file, $uid);


            chgrp($file, $gid);


        }


    }


    $dir->close();


}


?>





I have not tested this code (but I think it will work) because for my current needs, a simple exec("chown -r $user.$group $path"); is sufficient. I would need this code if I were not in control of the contents of these variables because they can be dangerous on the command line.

Klaus Zierer
28-Jun-2003 12:37


If you want to chown a symlink, PHP will follow the symlink and change the target file.



If you want to chown the symlink, you have to use shell_exec("/bin/chown user.group symlink");

martijn at sigterm dot nl
20-Jun-2003 11:28


If chown is filled with a variable (  chown ("myfile", $uid) the uid will be looked up through pwget_uid.



So if you need to set a non existing uid use inval($uid).

njs+php at scifi dot squawk dot com
22-Sep-2000 03:28


If you allow sudo execution for chmod by "nobody" (www, webdaemon, httpd, whatever user php is running under)in this manner, it had better be a system on which the owner is able to be root and no one else can run code, else your whole system is compromised.  Someone could change the mode of /etc/passwd or the shadow password file.





Other system commands (sudo mount) and so forth are similar.

add a note