RHEL + PHP : writing files outside /var/www/html?
Question
I'm trying to open a file for read/write. I've been developing on Ubuntu, and have had no problems whatsoever. Now it's time to deploy to the RHEL server, and I discover there seems to be some kind of restriction on the location of a file to be written.
On RHEL, I can't open the file unless it's under /var/www/html. I can't figure out how to allow other locations. I need to manipulate files on a different volume, for disk space management reasons.
The following is the bit of code that works fine on Ubuntu no matter what, but breaks on RHEL if the file is outside the web root:
$repometa = fopen( "/path/to/file/it/does/exist/and/has/good/perms", "r+b");
The actual error is as follows, which is weird, because the permissions are just fine (owned by the "apache" user, with 0644 perms on file, 755 on dirs).
fopen(<thefile>): failed to open stream: Permission denied
Can someone point me to the documents that describe how to un-break RHEL's Apache/PHP config to allow writing to alternate locations on the file system?
Thanks, ~ Paul
3 answers
solution1
3 2013-01-14 17:07:19
要为接受的答案添加一些细节,我也有这个确切的问题,这个命令为我修复了它。
chcon -R -t httpd_sys_content_t /path/to/file/it/does/exist/and/has/good/perms
solution2
3 ACCPTED 2012-01-25 06:39:24
As written in the httpd_selinux(8) man page, you must give files and directories specific file contexts if you want to be able to read from or write to them. See the man page for details, keeping in mind that PHP scripts run as the daemon unless you have specifically set up PHP to run as CGI.
solution3
1 2012-01-25 06:35:48
Sounds like a user and/or group permission issue. The file itself may be writeable... (as you mentioned in your nice path name,) but maybe the apache user (or however it is titled,) is not allowed to make any file changes outside of the default /var/www/html directory?
Any way to make a change to a file inside /var/www/html and then have another shell script (and/or user,) take it from there and move it to your desired directory?
Interesting that it would work on Ubuntu and not RHEL; maybe RHEL is more strict as far as users and groups go?
As an aside: in general, it might be safer not to have PHP write to files outside of the www directories... :)
EDIT
On @Ignacio's hint(1), maybe something like this might work: http://us2.php.net/manual/en/function.fopen.php#56551
If it's something you will need all the time, you might want to try typing this on the command line:
/usr/sbin/setsebool -P httpd_can_network_connect=1
I still would be careful about PHP file manipulation outside of the www folder... but, hope that helps...!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.