Nginx Question posted in
The official documentation can be found here.

What permissions can I give my logs for Laravel to be able to read from them? – Nginx

I am trying to display my logs on my website to verified users in Laravel based on my role based access control.

$file = fopen("/var/log/auth.log", "r") or die();
$content = fread($file, filesize("/var/log/auth.log"));
fclose($file);

This hits me with an error:

fopen(/var/log/auth.log): failed to open stream: Permission denied

I can see that Laravel does not have the correct read permissions for this file and I do not what to do a typical chmod -R 777 due to security. I am using nginx but Laravel executes with php-fpm.

What user-group does my site execute in? What permissions should I give that user-group on my log files?

Tags:

2

Answers


  1. 0

    Try:

    chown {your_user}:nginx /var/log/auth.log
chmod ug+rwx /var/log/auth.log
    Login or Signup to reply.
  2. 0

    For this situation it’s strongly not recommended to change permissions like "chmod 0777" (the same 777), "chmod 0755" (the same 755) or something like that for avoiding security vulnerabilities.
    Actually the files which will used by web-server, will attach to your "storage" directory. You can just change owner, as web-server user (Apache or Nginx). Lot of cases it’s "www-data".
    Also don’t forget about bootstrapped cache-files (configurations, services and packages) under "bootstrap/cache" directory.

    sudo chown -R www-data:www-data storage/ bootstrap/cache/

    After this, when you will want to run some artisan-commands, you can do them with "sudo", or just can make the current user as owner:

    sudo chown -R $USER:$USER storage/ bootstrap/cache/

    And after running your command(s) you can revert back the owner to "www-data" user (1-st command).

    The advantage of this method is that this will not be tracked by version control system.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search