Answer the question
In order to leave comments, you need to log in
G
G
gto61202017-02-26 20:09:09
gto6120, 2017-02-26 20:09:09
What is the problem with selinux?
Error:
The directory is not writable by the Web process: /var/www/t.dev/frontend/web/assets
when setenforce 0 works.
from log:
type=AVC msg=audit(1488127518.956:585): avc: denied { write } for pid=2329 comm="php-fpm" name="assets" dev="dm-0" ino=17052579 scontext=system_u :system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dirtype
t
As I understand it, there are some problems with the difference in contexts, like the user and role are different. How to fix?
For info:
[[email protected] t.dev]# ps axZ | grep php-fpm
system_u:system_r:httpd_t:s0 942 ? Ss 0:01 php-fpm: master process (/etc/php-fpm.conf)
system_u:system_r:httpd_t:s0 2264 ? S 0:00 php-fpm: pool www
system_u:system_r:httpd_t:s0 2265 ? S 0:01 php-fpm: pool www
system_u:system_r:httpd_t:s0 2266 ? S 0:00 php-fpm: pool www
system_u:system_r:httpd_t:s0 2267 ? S 0:00 php-fpm: pool www
system_u:system_r:httpd_t:s0 2329 ? S 0:00 php-fpm: pool www
system_u:system_r:httpd_t:s0 2521 ? S 0:00 php-fpm: pool www
[[email protected] t.dev]# ls -Z /var/www/t.dev/frontend/web
drwxrwxr-x. nikolay www-data unconfined_u:object_r:httpd_sys_content_t:s0 assets (!!!)
drwxrwxr-x. www-data unconfined_u:object_r:httpd_sys_content_t:s0 css
-rwxrwxr-x. nikolay www-data unconfined_u:object_r:httpd_sys_content_t:s0 favicon.ico
-rwxrwxr-x. nikolay www-data unconfined_u:object_r:httpd_sys_content_t:s0 index.php
-rwxrwxr-x. nikolay www-data unconfined_u:object_r:httpd_sys_content_t:s0 index-test.php
-rwxrwxr-x. nikolay www-data unconfined_u:object_r:httpd_sys_content_t:s0 robots.txt
The php-fpm user is a member of the www-data group
Similar questions
S
O
Oleg Voitenko2015-11-10 14:36:54
Why are not all images displayed on sites when CSF is enabled?
1Reply
F
C
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question