Permission denied error when reading cached config
tmcnicholls opened this issue · 5 comments
- I was not able to find an open or closed issue matching what I'm seeing.
- This is not a question. (Questions should be asked on chat (Signup here) or our forums.)
After updating zend-modulemanager to from 2.8.2 to 2.8.3, we are seeing permission denied errors in our application when it is trying to read the cached module config. We have various projects using this release and the only one which is affected has a large module.config.php of approx 11k lines.
Code to reproduce the issue
Update zend-modulemanager to from 2.8.2 to 2.8.3
Expected results
Application is able to cache its module config.
Actual results
On deploying our application to AWS, we see the following errors in Cloudwatch and the deployment fails. I've been unable to replicate this in my local environment and this issue has only started to occur after the update to version 2.8.3.
I believe this must be related to the changes merged here:
I am trying to debug this further to find the root cause.
Got error 'PHP message: PHP Warning: include(/var/www/httpdocs/data/cache/module-config-cache.application.config.cache.php): failed to open stream: Permission denied in /var/www/httpdocs/vendor/zendframework/zend-modulemanager/src/Listener/ConfigListener.php on line 389\nPHP message: PHP Warning: include(): Failed opening 'data/cache/module-config-cache.application.config.cache.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /var/www/httpdocs/vendor/zendframework/zend-modulemanager/src/Listener/ConfigListener.php on line 389\nPHP message: PHP Fatal error: Uncaught TypeError: Argument 1 passed to Zend\ModuleManager\Listener\ConfigListener::setMergedConfig() must be of the type array, boolean given, called in /var/www/httpdocs/vendor/zendframework/zend-modulemanager/src/Listener/ConfigListener.php on line 68 and defined in /var/www/httpdocs/vendor/zendframework/zend-modulemanager/src/Listener/ConfigListener.php:205\nStack trace:\n#0 /var/www/httpdocs/vendor/zendframework/zend-modulemanager/src/Listener/ConfigListener.php(68): Zend\ModuleManager\Listener\ConfigListener->setMergedConfig(false)\n#1 /var/www/httpdocs/vendor/zendframework/zend-modulemanager/src/Listener/DefaultListenerAggregate.php(110): Zend\ModuleManager\Listener\ConfigListener->__construct(Object(Zend\ModuleManager\Listener\ListenerOptions))\n#2 /var/www/httpdocs/vendor/zendframework/zend-modulemanager/src/Listener/DefaultListenerAggregate.php(40): Zend\ModuleManager\Listener\DefaultListenerAggregate->getConfigLi...\n'
Possibly tempnam() generating a file that has /tmp flags?
Hmm...
Creates a file with a unique filename, with access permission set to 0600
https://www.php.net/manual/en/function.tempnam.php
@Ocramius Do you think it should be changed to 0644 after rename?
Yes it looks like this could be the issue, with our deploy user not being the same as the apache user. I'm looking into it more now, thanks.
Yeah, a chmod() after tempnam() could work. See https://github.com/Ocramius/ProxyManager/blob/9cdc09aefa20656429f1f1b6a4c0284275cb38cd/src/ProxyManager/GeneratorStrategy/FileWriterGeneratorStrategy.php#L72-L80 for an example of this thing done again (this kind of code is becoming nauseatingly repetitive BTW - repeated in dozens of projects: time for a new library?)
@tmcnicholls @Ocramius created PR #91 to fix this issue.
repeated in dozens of projects: time for a new library?
I've heard it already somewhere :P Will do "later" ;-)