Search code examples
phplinuxcakephppermissionsrhel

CakePHP permissions error

This may seem like a duplicate but I have read the similar questions and tried what they suggested and it didn't work.

When I navigate to my CakePHP site I get the following errors

Warning (2): mkdir(): Permission denied [CORE/src/Cache/Engine/FileEngine.php, line 417]

Warning: file_put_contents(/var/www/html/my-application/logs/error.log) [function.file-put-contents]: failed to open stream: Permission denied in /var/www/html/my-application/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 134

Warning (512): /var/www/html/my-application/tmp/cache/persistent/ is not writable [CORE/src/Cache/Engine/FileEngine.php, line 425]

Warning (2): file_put_contents(/var/www/html/my-application/logs/error.log) [function.file-put-contents]: failed to open stream: Permission denied [CORE/src/Log/Engine/FileLog.php, line 134]

Warning: file_put_contents(/var/www/html/my-application/logs/error.log) [function.file-put-contents]: failed to open stream: Permission denied in /var/www/html/my-application/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 134

The thing is I am sure that PHP has access to all the necessary files.

PHP runs as user apache, in group apache. Evidence:

[ec2-user@cv-stg01 my-application]$ ps -efl | grep apache
5 S apache   21863 21861  0  80   0 - 124037 SYSC_s 03:06 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21864 21861  0  80   0 - 123971 SYSC_s 03:06 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21865 21861  0  80   0 - 123485 SYSC_s 03:06 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21867 21861  0  80   0 - 124037 SYSC_s 03:06 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21868 21861  0  80   0 - 123485 SYSC_s 03:06 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21869 21861  0  80   0 - 123485 SYSC_s 03:06 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21870 21861  0  80   0 - 124037 SYSC_s 03:06 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21881 21861  0  80   0 - 123485 SYSC_s 03:09 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21882 21861  0  80   0 - 123485 SYSC_s 03:09 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
5 S apache   21883 21861  0  80   0 - 125444 ep_pol 03:09 ?       00:00:00 /usr/sbin/httpd -DFOREGROUND
0 S ec2-user 21934 21785  0  80   0 - 28161 pipe_w 03:20 pts/0    00:00:00 grep --color=auto apache

Relevant directories are owned by apache:apache and have permissions set to 777 anyway:

[ec2-user@cv-stg01 my-application]$ ls -l
total 132
drwxrwxr-x.  2 apache apache    47 May 12 21:16 bin
-rw-rw-r--.  1 apache apache  1128 May 12 21:16 composer.json
-rw-rw-r--.  1 apache apache 93002 May 12 21:16 composer.lock
drwxrwxr-x.  3 apache apache  4096 May 12 21:19 config
-rw-rw-r--.  1 apache apache   648 May 12 21:16 index.php
drwxrwxrwx.  2 apache apache    34 May 13 03:10 logs
-rw-rw-r--.  1 apache apache  1139 May 12 21:16 phpunit.xml.dist
drwxrwxr-x.  2 apache apache    18 May 12 21:16 plugins
-rw-rw-r--.  1 apache apache   980 May 12 21:16 README.md
drwxrwxr-x.  9 apache apache  4096 May 12 21:16 src
drwxrwxrwx.  4 apache apache    55 May 12 21:16 tests
drwxrwxrwx.  2 apache apache     6 May 13 03:17 tmp
drwxrwxr-x. 28 apache apache  4096 May 12 21:16 vendor
drwxrwxr-x.  9 apache apache  4096 May 12 21:16 webroot

Sub-directories in tmp/ have correct permissions too:

[ec2-user@cv-stg01 tmp]$ ls -l
total 0
drwxrwxrwx. 5 apache apache 48 May 12 21:16 cache
drwxrwxrwx. 2 apache apache 18 May 12 21:16 sessions
drwxrwxrwx. 2 apache apache 18 May 12 21:16 tests

I have also tried re-applying the permissions, just in case, using

sudo chown -R apache:apache /var/www/html/my-application
sudo chmod -R 777 /var/www/html/my-application/tmp
sudo chmod -R 777 /var/www/html/my-application/logs
sudo chmod -R 777 /var/www/html/my-application/tests

And I have even logged in as apache and edited the files myself, with no issues

sudo su -s /bin/bash apache
vi /var/www/html/my-applciation/logs/error.log

I'm really struggling to work out what the issue could be now.

We have SELinux installed/enabled, so maybe that's causing issues?

Help would be greatly appreciated.

Thanks,

YM

Solution

  • The issue was SELinux. It was resolved using the following commands:

    chcon -R system_u:object_r:var_lib_t:s0 tmp
chcon -R  system_u:object_r:var_lib_t:s0 logs
chcon system_u:object_r:httpd_var_lib_t:s0 logs/*
chcon system_u:object_r:httpd_var_lib_t:s0 tmp/debug_kit.sqlite
chcon  system_u:object_r:var_lib_t:s0 tests

chmod -R o-w tmp logs tests