YM_Industries YM_Industries - 6 months ago 27
PHP Question

CakePHP permissions error

This may seem like a duplicate but I have read the similar questions and tried what they suggested and it didn't work.

When I navigate to my CakePHP site I get the following errors


Warning (2): mkdir(): Permission denied
[CORE/src/Cache/Engine/FileEngine.php, line 417]

Warning: file_put_contents(/var/www/html/my-application/logs/error.log)
[function.file-put-contents]: failed to open stream: Permission denied
in
/var/www/html/my-application/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php
on line 134

Warning (512): /var/www/html/my-application/tmp/cache/persistent/ is not
writable [CORE/src/Cache/Engine/FileEngine.php, line 425]

Warning (2):
file_put_contents(/var/www/html/my-application/logs/error.log)
[function.file-put-contents]: failed to open stream: Permission denied
[CORE/src/Log/Engine/FileLog.php, line 134]

Warning: file_put_contents(/var/www/html/my-application/logs/error.log)
[function.file-put-contents]: failed to open stream: Permission denied
in
/var/www/html/my-application/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php
on line 134


The thing is I am sure that PHP has access to all the necessary files.

PHP runs as user apache, in group apache. Evidence:

[ec2-user@cv-stg01 my-application]$ ps -efl | grep apache
5 S apache 21863 21861 0 80 0 - 124037 SYSC_s 03:06 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21864 21861 0 80 0 - 123971 SYSC_s 03:06 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21865 21861 0 80 0 - 123485 SYSC_s 03:06 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21867 21861 0 80 0 - 124037 SYSC_s 03:06 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21868 21861 0 80 0 - 123485 SYSC_s 03:06 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21869 21861 0 80 0 - 123485 SYSC_s 03:06 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21870 21861 0 80 0 - 124037 SYSC_s 03:06 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21881 21861 0 80 0 - 123485 SYSC_s 03:09 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21882 21861 0 80 0 - 123485 SYSC_s 03:09 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache 21883 21861 0 80 0 - 125444 ep_pol 03:09 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
0 S ec2-user 21934 21785 0 80 0 - 28161 pipe_w 03:20 pts/0 00:00:00 grep --color=auto apache


Relevant directories are owned by apache:apache and have permissions set to 777 anyway:

[ec2-user@cv-stg01 my-application]$ ls -l
total 132
drwxrwxr-x. 2 apache apache 47 May 12 21:16 bin
-rw-rw-r--. 1 apache apache 1128 May 12 21:16 composer.json
-rw-rw-r--. 1 apache apache 93002 May 12 21:16 composer.lock
drwxrwxr-x. 3 apache apache 4096 May 12 21:19 config
-rw-rw-r--. 1 apache apache 648 May 12 21:16 index.php
drwxrwxrwx. 2 apache apache 34 May 13 03:10 logs
-rw-rw-r--. 1 apache apache 1139 May 12 21:16 phpunit.xml.dist
drwxrwxr-x. 2 apache apache 18 May 12 21:16 plugins
-rw-rw-r--. 1 apache apache 980 May 12 21:16 README.md
drwxrwxr-x. 9 apache apache 4096 May 12 21:16 src
drwxrwxrwx. 4 apache apache 55 May 12 21:16 tests
drwxrwxrwx. 2 apache apache 6 May 13 03:17 tmp
drwxrwxr-x. 28 apache apache 4096 May 12 21:16 vendor
drwxrwxr-x. 9 apache apache 4096 May 12 21:16 webroot


Sub-directories in tmp/ have correct permissions too:

[ec2-user@cv-stg01 tmp]$ ls -l
total 0
drwxrwxrwx. 5 apache apache 48 May 12 21:16 cache
drwxrwxrwx. 2 apache apache 18 May 12 21:16 sessions
drwxrwxrwx. 2 apache apache 18 May 12 21:16 tests


I have also tried re-applying the permissions, just in case, using

sudo chown -R apache:apache /var/www/html/my-application
sudo chmod -R 777 /var/www/html/my-application/tmp
sudo chmod -R 777 /var/www/html/my-application/logs
sudo chmod -R 777 /var/www/html/my-application/tests


And I have even logged in as apache and edited the files myself, with no issues

sudo su -s /bin/bash apache
vi /var/www/html/my-applciation/logs/error.log


I'm really struggling to work out what the issue could be now.

We have SELinux installed/enabled, so maybe that's causing issues?

Help would be greatly appreciated.

Thanks,

YM

Answer

The issue was SELinux. It was resolved using the following commands:

chcon -R system_u:object_r:var_lib_t:s0 tmp
chcon -R  system_u:object_r:var_lib_t:s0 logs
chcon system_u:object_r:httpd_var_lib_t:s0 logs/*
chcon system_u:object_r:httpd_var_lib_t:s0 tmp/debug_kit.sqlite
chcon  system_u:object_r:var_lib_t:s0 tests

chmod -R o-w tmp logs tests 
Comments