I've installed a LAMP stack over CentOS 7.
If I try to resolve a name via php from command line it works, but if I execute that script thru web server it doesn't resolve the name. If I use ip directly it works, in each case.
For example:
$ip = gethostbyname('www.google.com');
echo "GOOGLE IP = " . $ip; // it shows IP only via php-cli, not thru apache
Any idea?
EDIT: disabling SE enforcing it works. It would be useful to know how configure it to work with SE enforcement enabled.
Set SELinux to permissive
setenforce 0
Make sure selinux-policy, selinux-policy-devel, setroubleshoot-server, setroubleshoot are installed
yum install selinux-policy, selinux-policy-devel, setroubleshoot-server, setroubleshoot -y
then tail the messages file and grep for sealert
tailf /var/log/messages | grep sealert
Your SELinux problem will get spit out in the form of
hostname setroubleshoot: SELinux is preventing httpd (httpd_t) "getattr" to /var/www/html/file1 (samba_share_t). For complete SELinux messages. run sealert -l 84e0b04d-d0ad-4347-8317-22e74f6cd020
so you then just run sealert -l 84e0b04d-d0ad-4347-8317-22e74f6cd020 to view your SELinux issue
Once you think you have fixed the issue, re enable SELinux setenforce 1 and check to see if your problem is fixed. If not then repeat the steps.
More info on sealert can be found at Red Hat's website, just don't disable SELinux.