Bug 586570

Summary: php updates change permissions on /var/lib/php/session
Product: Red Hat Enterprise Linux 5 Reporter: Elliott Forney <elliott.forney>
Component: phpAssignee: Joe Orton <jorton>
Status: CLOSED NOTABUG QA Contact: BaseOS QE - Apps <qe-baseos-apps>
Severity: medium Docs Contact:
Priority: low    
Version: 5.5   
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-06-24 08:56:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Elliott Forney 2010-04-27 21:47:20 UTC 
Description of problem:

Each time we install a php update it changes the permissions on /var/lib/php/session to 755

Version-Release number of selected component (if applicable):

php-5.1.6-27.el5

How reproducible:

Always.

Steps to Reproduce:
1.  change permissions for /var/lib/php/session to say 1733
2.  install php update
3.  permissions are changed back to 755
  
Actual results:

Permissions are changed to 755 on update.

Expected results:

Permissions should be left alone.

Additional info:

We run suPHP on a shared platform.  This requires users other than apache to be able to write session files in /var/lib/php/session  Everyone's sessions break when we install a php update and we have to fix the permissions on this directory.
Comment 1 Joe Orton 2010-07-07 13:52:54 UTC 
The behaviour described is expected: the directory is under package management control so any changes to permissions, owernship, etc, should not be expected to be preserved across package upgrades.

If you want to use a directory with different permissions you'll have to create one and change the session.save_path setting in php.ini.   I'm not sure I see any other solution here.
Comment 2 Elliott Forney 2010-08-30 20:29:43 UTC 
Looks like you are correct:  there is really no way to prevent this from happening with rpm.  I wish I could modify permissions on files/directories under package management without having my toes stepped on but I suppose that is a bit of a philosophical argument and could bring up a number of other issues.  Thanks anyhow!
Comment 3 Joe Orton 2011-06-24 08:56:36 UTC 
I think you can use ACLs to do this (setfacl), which RPM may not overwrite, but using a different directory is probably better.