Patrick Kerrigan

PHP temporary files not visible in /tmp on RHEL 7

by Patrick Kerrigan, . Tags: Linux Php

If you're working on or debugging a PHP application that creates files in the /tmp directory then you may find yourself needing to check for the existence of or the content of these files. On RHEL/CentOS 6 and below this would be as straightforward as listing the contents of /tmp or opening the file in your preferred text editor. On RHEL/CentOS 7 however you may be surprised to see that while your application can see its files fine, you can't.

As the /tmp directory is generally readable and writeable by all users and processes on the system, the switch to systemd has introduced the "PrivateTmp" feature in order to allow administrators to isolate different processes' views of the /tmp directory from each other. If you installed PHP using yum then this is probably what's stopping you from viewing files it creates in the /tmp directory.

Disabling PrivateTmp for PHP

Disabling PrivateTmp for PHP is generally fairly simple, but does depend on how you have PHP running. If you're running PHP-FPM then you'll want to edit

/lib/systemd/system/php-fpm.service

If you're using Apache, you'll want to edit

/lib/systemd/system/httpd.service

and change the line

PrivateTmp=true

to

PrivateTmp=false

Next, you'll need to tell systemd to reload so that your changes to the service file are noticed

systemctl daemon-reload

then finally, restart your PHP service

systemctl restart php-fpm

or

systemctl restart httpd

any files that PHP creates in /tmp should now be visible to you!

A word of warning

This feature was added with the security of your system in mind. While useful for development environments, it is not recommended to disable PrivateTmp in production if it doesn't break your app (and arguably if it does, you're doing something wrong).