Php

httpd (WordPress) 被 avc 拒絕寫入 (SELinux)

  • June 13, 2014

我收到以下消息/var/log/audit/audit.log

type=AVC msg=audit(1402615093.053:68): avc:  denied  { write } for  pid=799 comm="httpd" name="php" dev="xvda1" ino=8667365 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
type=SYSCALL msg=audit(1402615093.053:68): arch=c000003e syscall=2 success=no exit=-13 a0=7f7a5ca697a8 a1=241 a2=1b6 a3=1 items=0 ppid=662 pid=799 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)

管道audit2allow輸出:

#============= httpd_t ==============

#!!!! This avc can be allowed using the boolean 'httpd_unified'
allow httpd_t httpd_sys_content_t:dir write;

每@Michael我試過了,但仍然有問題 wordpress 寫到.htaccess, wp-config.php,wp-content.

# ls -Z .htaccess wp-config.php 
-rw-rw-rw-. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 .htaccess
-rw-rw-rw-. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 wp-config.php
# chcon -t httpd_sys_rw_content_t .htaccess wp-config.php 
# ls -Z .htaccess wp-config.php 
-rw-rw-rw-. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 .htaccess
-rw-rw-rw-. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 wp-config.php
# 

有任何想法嗎?

你有兩個選擇:

  1. 您可以設置要寫入的httpd_sys_rw_content_t文件的類型。httpd
  2. 您可以設置httpd_unified建議的布爾值。但這可能有其他副作用。

引用自:https://serverfault.com/questions/604793