Getting PHP upload error 6 because of $HOMEDIR/$user/tmp permissions


I am getting UPLOAD_ERR_NO_TMP_DIR when I upload files. I think this issue occurs because when adding a user, $HOMEDIR/$user/tmp folder is given a permission of 700 which prevents php to access it.

I can successfully upload the file if I change the permission to 777 but I don’t want to do that, it will be overridden when rebuilding which, gives it a permission of 771. 771 also, does not work and gives same error, maybe because of user group.

What could be a proper solution to fix this issue?

Installation Information
Operating system: Ubuntu 20.04 (x86_64)
Install options: --nginx yes --apache yes --phpfpm no --multiphp no --vsftpd yes --proftpd no --named no --mysql no --postgresql no --exim no --dovecot no --clamav no --spamassassin no --iptables yes --fail2ban yes --quota no --api no
Hestia Control Panel: v1.3.4


hey mee.feed,

in scenarios where you do not use multi-php apache runs php as mod/prefork. with that there is a need to tell apache to switch users for the php processes it spawns.

this should be done via mod-ruid2 or alternatively via mpm-itk. I just checked should be available in ubuntu 20.04 - maybe you can verify that at least one of these is installed (dpkg -l).

which apache2-template do you use? something custom? make sure the according directives for either ruid2 or itk are in there. essentially every php process should not run as www-data but instead as the correct user.

that said, you want to make sure that your (php) files truly belong to the correct owner! with I mean, check if you unpacked stuff fro a zip or tgz via shell console as admin/root/whatever, that these files have their owner changed to the proper user they are under. otherwise a working ruid/itk would switch to the wrong user as well, becvause of the wrong owner.

TL;DR; if the file owners are correct and apache has a module to switch to that owner as user, there is no need to adjut permissions on the tmp folder. it will work out of the box.

1 Like

I have the same issue. Hestia should do it automatically?

Hello @falzo

Installing mod-ruid2 with apt install libapache2-mod-ruid2 fixed the issue. Previously apache was opening php files with www-data user.

which apache2-template do you use? something custom?

For testing purpose, I was using the default template but I will be using a custom one and as you said, will make sure that proper directives are placed.

that said, you want to make sure that your (php) files truly belong to the correct owner!

Yes, the files belong to the correct user.

I have another question. I was hesitating to install with --multiphp because I wanted to install/enable only the most required software so that everything is most optimized. Also, I avoid using php-fpm with apache. That’s just my preference.

Thanks for the detailed response.

Hello @schiwe

Just install libapache2-mod-ruid2 it should fix the problem.

apt install libapache2-mod-ruid2


1 Like

thanks for reporting back @mee.feed - I guess we need to check, why it wasn’t there in the first place, because it should be part of the regular installation.

however I also remember that it wasn’t available in one distro anymore, deb10/buster probably? we looked into that a while ago at least and made sure itk would still be working instead… I will check the installer, to see if it is still there or where it might be missing.

@schiwe yes it should work automatically with Hestia, but seems it did not get installed on ubuntu 20.04

@mee.feed Thanks.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.