Score:0

www-data user cannot open a file to write in php

bj flag

I have an Apache server running as www-data on Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-97-generic x86_64). In a PHP file the following line fails with the error: Permission denied

$f=fopen("detekst.txt","a+");

Looking at the permissions:

la -al detekst.txt
-rw-rw-r-- 1 L146584 leerlingen 1364 Feb 15 15:12 detekst.txt

and checking groups

groups www-data 
www-data : www-data leerlingen

I also verified using exec('whoami'); that www-data runs php.

Using a text-editor another member of leerlingen can open the file for writing.

So I am really puzzled: why can't www-data, being a member of leerlingen, open the file?

If I change the permissions of detekst.txt to 0666:

-rw-rw-rw- 1 L146584 leerlingen 1364 Feb 15 15:12 detekst.txt

the php code runs fine!!

Also, when going back to 664 file permissions and changing the group to www-data, all works fine.

-rw-rw-r-- 1 L146584 www-data 1478 Feb 15 15:45 detekst.txt

What am I doing wrong here?

Score:0
ru flag

Your group ownership of the file in question is not www-data when you first attempt to use the file; as such, the www-data user and group don't have write permissions when 644 or 664 are the permissions on the file. If www-data doesn't have user or group ownership of the file, it falls into the "others" category for permissions, which is read-only (4 = read-only perms in chmod language).

The fix is to change the group ownership, as you saw, to www-data and then make sure the permissions are at least 664, because that adds the write permission.

Alternatively, www-data gets added to another group, then you reboot your server to make sure the services all get restarted correctly with the new permissions. In Linux, the services are already started and won't inherit a new permissions group membership until the services are fully restarted under a new session of that 'user', whether it's a system daemon user or not. So a reboot will help refresh that data on next startup of the web server.

John Val avatar
bj flag
Thanks Thomas, but www-data is a member of the leerlingen group, so why no ownership by www-data? Other members of leerlingen have write permissions, and I do not want to make all members of leerlingen members of the group www-data.
ru flag
You shouldn't be putting www-data into any groups other than www-data, 'cause otherwise it'll be given permissions to things you might not want. If you added www-data to the group but didn't restart your server to let all the services reboot with the new permission sets, it won't have access.
John Val avatar
bj flag
I now solved the problem by using acl, adding www-data as an extra user to all files in the directory tree.
ru flag
@JohnVal ACL takes instant effect, yes, but in lieu of ACL, just restart your services with a reboot. That will make sure `www-data` inherits the proper permissions that it was assigned.
John Val avatar
bj flag
Thanks again Thomas. Maybe the reboot or the restart of the apache2 service probably would have solved the issue, but I did not try that. The directory is shared using Samba, and even creating new files gives me the extra www-data user using ACL. So I am a happy person at the moment. Wish you well,
John Val avatar
bj flag
Thomas, I will reboot :)
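As an added example (not part of the original thread), here is a shell check for the situation discussed in the answer and comments: a running service that has not picked up a group added to its user. It compares the GIDs recorded in a process's `/proc/<pid>/status` with the GIDs the account database lists. The sample status text, GID 1001 standing in for leerlingen, and the process name apache2 in the commented live usage are assumptions.

```shell
#!/bin/sh
# Added example: detect a service process still running with a stale group list.

# proc_gids STATUS_FILE
# Print the effective GID and supplementary GIDs recorded in a
# /proc/<pid>/status file, one per line.
proc_gids() {
    awk '/^Gid:/    { print $3 }
         /^Groups:/ { for (i = 2; i <= NF; i++) print $i }' "$1" | sort -nu
}

# missing_gids STATUS_FILE "GID GID ..."
# Print each configured GID that the process does not hold.
missing_gids() (
    held=$(proc_gids "$1")
    for gid in $2; do
        echo "$held" | grep -qx "$gid" || echo "$gid"
    done
)

# Constructed sample: a worker started before www-data (GID 33) was added
# to a second group. GID 1001 standing in for "leerlingen" is an assumption.
demo_stale_worker() (
    status=$(mktemp)
    printf 'Name:\tapache2\nUid:\t33\t33\t33\t33\nGid:\t33\t33\t33\t33\nGroups:\t33 \n' > "$status"
    missing_gids "$status" "33 1001"
    rm -f "$status"
)

echo "GIDs configured but not held by the sample process: $(demo_stale_worker)"

# Live use on the server (process name apache2 is an assumption):
#   for pid in $(pgrep -u www-data apache2); do
#       missing_gids "/proc/$pid/status" "$(id -G www-data)"
#   done
```

Any GID printed means the process was started before the group change and is still running with its old group list; an empty result means the running process already holds every configured group.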