Laravel 日志文件权限问题

Question

If there is an error when running php artisan command the log file will be created like this:

 -rw-rw-r-- 1 user www-data 2,2K Jul 28 18:08 laravel-2019-07-28.log

If there is an error when using app through web browser the log file will be created like this:

-rw-r--r-- 1 www-data www-data 2,2K Jul 28 16:10 laravel-2019-07-28.log

After www-data has created the original file and if there is an error with php artisan command, it will throw an error Permission denied because it can't write to the log

Is there a way to set default chmod for NEW created files, so that they always have rw for group Or you guys have some other solution for this

To reproduce this problem:

1. delete all storage/logs/*.log files
2. call some non existing php artisan command for example: php artisan make:xy -> this will make an error and create a .log file
3. call route in browser /logout -> this will try to write in that same log file and will throw an error that it can't write into log 'Permission denied'

Answer 1

Was struggling with this for a long time, and wondered the same thing as the OP, who asked:

Is there a way to set default chmod for NEW created files, so that they always have rw for group

The answer is YES .

In config/logging.php I added permission => 0666 , which I found in the Laravel docs , so the config for my daily log now looks like this:

'daily' => [
   'driver' => 'daily',
   'path' => storage_path('logs/laravel.log'),
   'level' => 'debug',
   'days' => 14,
   'permission' => 0666,
],

Just to be clear, 0664 would already be enough to set group permission to rw , but that still resulted in permission errors.

0666 has resolved the permission conflicts for me. Hope this helps someone!

Answer 2

In my projects I solve this problem defining a custom logger that create a log file fo reach username.

1. Create the custom logger on app/Logging/UserNamedLogger.php :

    <?php namespace App\\Logging; use Monolog\\Handler\\RotatingFileHandler; use Monolog\\Handler\\SyslogHandler; use Monolog\\Logger; class UserNamedLogger { /** * Create a custom Monolog instance. * * @param array $config * @return \\Monolog\\Logger */ public function __invoke(array $config) { $logger = new Logger('UserNamedLogger'); // Configure Monolog to log on user named log files $filename = storage_path('logs/laravel-'. posix_getpwuid(posix_geteuid())['name'] .'.log'); $rotatingHandler = new RotatingFileHandler($filename); $logger->pushHandler($rotatingHandler); return $logger; } }

2. Edit the config/logging.php config file:

Inside 'channels' key, add your custom logger:

    'named' => [
        'driver' => 'custom',
        'via' => App\Logging\UserNamedLogger::class,
    ],

And change the default logger to the named channel:

    'default' => env('LOG_CHANNEL', 'named'),

Now everytime that your artisan (or a scheduled job) runs, it will log on a different file that your www server do. This solves the permission issues.

Imo, this should be the default behavior for Laravel logging.

Answer 3

Change owner of the /var/www folder:

sudo chown www-data:www-data /var/www ( If your project is under /var/www folder )

You may replace www-data with the respective user level if you need to do for a different users like root .

Answer 4

For those who don't want any additional code just go into laravel storage folder through command line/terminal and run these 3 commands:

set default group www-data

find logs -type d -exec chgrp www-data {} +

set all new files and subfolders created within the current directory inherit the group of the directory

find logs -type d -exec chmod g+s {} +

if user creates a file it will be with rw-rw-r permissions

sudo setfacl -R -d -m u::rw logs