Symlinks and suPHP

Ok, so I have a network of about 20 sites which all share same database and, more important for this topic, images. All websites are on a same server so to avoid duplicating folder with images (and maintaining all those images) I have created symlinks from all websites to point to first domain’s “images” folder, which contains all the images.

The server is WHM-powered one so most of you who have worked on such servers should know at least part of it’s configuration. I will make an example with two domains ( and but settings for (should) apply to all other domains.

So I have images available on (local path /home/user1/public_html/images/)
Then on I have created a symlink in /home/user2/public_html/ named “images” and pointing to /home/user1/public_html/images

Apache is set to follow symlinks so when I open I get a list of images from /home/user1/public_html/images/ - that’s cool, just what I wanted.

Now, the problem I have is suPHP which changes PHP process user ID to the php file owner ID, so the scripts from are executed as user2 and they can not even check if some of the images exist (the image thumbnail creation functions first check if image thumbnail exists, then if not they should create thumbnail).

I have tried various combinations of file/folder ownerships and permissions and none of them worked. As with standard WHM setup user1 belongs to group user1 and user2 to group user2. I have created additional group (“shared”), and added both users to this group, then I’ve set permissions like this:

user1 public_html:

root@server1 [/home/user1/public_html]# ls -l
total 72
drwxr-x---  9 user1 nobody  4096 Jan 12 07:32 ./
drwx--x--x 11 user1 user1 4096 Jan 12 08:35 ../
-rw-r--r--  1 user1 user1  852 Jan 12 07:31 htaccess-example.txt
drwxrwxrwx  5 user1 shared   4096 Jan 12 09:47 images/
-rw-r--r--  1 user1 user1 5924 Jan 12 10:52 index.php
-rw-r--r--  1 user1 user1    5 Jan 12 08:36 license.txt

user1 public_html/images:

root@server1 [/home/user1/public_html/images]# ls -la
total 32
drwxrwxrwx 5 user1 shared  4096 Jan 12 09:47 ./
drwxr-x--- 9 user1 nobody 4096 Jan 12 07:32 ../
-rw-rw-r-- 1 user1 shared   135 Jan 12 09:46 htaccess.old
-rw-rw-r-- 1 user1 shared   114 Jan 12 05:15 index.html
drwxrwxr-x 2 user1 shared  4096 Jan 12 05:15 logos/
-rw-rw-r-- 1 user1 shared  4039 Jan 12 05:15 profile-empty.jpg
drwxrwxr-x 3 user1 shared  4096 Jan 12 11:29 properties/

user2 public_html:

root@server1 [/home/user2/public_html]# ls -la
total 68
drwxr-x---  8 user2 nobody  4096 Jan 12 10:09 ./
drwx--x--x 11 user2 user2 4096 Jun 23  2014 ../
-rw-r--r--  1 user2 user2  852 Jan 12 09:49 htaccess-example.txt
lrwxrwxrwx  1 user2 shared  32 Jan 12 09:51 images -> /home/user1/public_html/images/
-rw-r--r--  1 user2 user2 5917 Jan 12 09:49 index.php
-rw-r--r--  1 user2 user2    6 Jan 12 10:04 license.txt

As you can see, all files and folders in /images/ have group permissions set to read/write so I don’t know why PHP scripts executed as user2 can’t access them :frowning: Maybe because “shared” is not their primary group?

I have tried to trick it and change owner of php files in /home/user2/public_html/ to user1, but I get “internal server error” when trying to access them with my web browser. Damn suPHP! :smiley:

Again, loading images directly works across all domains, but PHP scripts can not access them. Therefore I think the problem is suPHP so my question is can I fix this issue by setting correct permissions (and how) or I’ll have to turn suPHP off (which I wouldn’t really like)?

PHP error:

Warning: readfile(images/profile-empty.jpg) [function.readfile]: failed to open stream: Permission denied in /home/user2/public_html/index.php on line 25

I solved the issue by moving images folder to /home/images and making symlinks into every domains’ public_html to point to that folder. Owner of both folder and symlinks is root, so I have no idea how it works - yet it works :slight_smile:

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.