Jump to content

Potential file permissions issue


Recommended Posts

Hi all, 

Working on a vBulletin conversion and was wondering if anyone had any experience with some potential file permission issues.

Essentially, the forum is able to write files and folders as intended (everything from when i upload a new avatar/cover, writing templates to filesystem, a new skin I'm working on is able to create the folders and files for css_built_X, etc etc), but some functions typically related to read access aren't able to run.

For instance:
* Since this is on a test server I've disabled email functionality via SELinux to prevent accidentally sending out mails. Have done some actions (i.e reporting a post) and now the mail error log reports multiple lines with i.e filesize(): stat failed for /home/sitename/jail/public_html/forum/datastore/acpNotifications.xxxxxxxxx.php. Obviously I did expect errors since emails are disabled, but this indicates the forum doesn't have read access for the file in question (actually there are multiple from the same folder. failedMailCount.php, email_plaintext, etc).

Uploading a file with the code below in the forum folder (having the same group/owner/permissions as the rest of the forum files and also double checked it's the same path as in the error) and opening it in the browser reports the correct file size without any issues.

<?php
echo filesize('/home/sitename/jail/public_html/forum/datastore/acpNotifications.xxxxxxxxx.php');
?>


* Trying to enable cronjobs gives the following error:
 In order to enable this setting you must make the /home/sitename/jail/public_html/forum/applications/core/interface/task/task.php file executable (i.e. chmod 0777).

Looking in the code it seems to fail returning the status of is_executable() on the file. Once again uploading a file to the forum trying the same function on the same file, everything works as expected.

 

Other notes:
* nginx 1.17.10, php 7.4.6 (php-fpm)
* Have double checked all files and folder has the correct owner and group
* Everything in Support -> System Check reports as working
* Misc log files on server does not report anything regarding the errors (audit.log, messages, nginx, etc)

 

Leaving some notes below regarding SELinux and php-fpm. If anyone has any ideas on what to try, feel free to let me know!
In advance, thanks :smile:

 

___
SELinux was set up as follows

Quote

sudo chcon -Rt httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/applications
sudo chcon -Rt httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/datastore
sudo chcon -Rt httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/plugins
sudo chcon -Rt httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/uploads
sudo chcon -t httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/conf_global.php

php-fpm has

Quote

[sitename]
user = sitename
group = sitename
listen = /var/run/php7-fpm-sitename.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0750
php_admin_value[disable_functions] = escapeshellarg,escapeshellcmd,exec,ini_alter,parse_ini_file,passthru,pcntl_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,show_source,shell_exec,symlink,system
php_admin_flag[allow_url_fopen] = off
pm = dynamic
pm.max_children = 750
pm.start_servers = 3
pm.min_spare_servers = 2
pm.max_spare_servers = 4
pm.status_path = /sitename-status
chdir = /
catch_workers_output = no

 

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...