PJStalls Posted May 14, 2020 Posted May 14, 2020 Hi all, Working on a vBulletin conversion and was wondering if anyone had any experience with some potential file permission issues. Essentially, the forum is able to write files and folders as intended (everything from when i upload a new avatar/cover, writing templates to filesystem, a new skin I'm working on is able to create the folders and files for css_built_X, etc etc), but some functions typically related to read access aren't able to run. For instance: * Since this is on a test server I've disabled email functionality via SELinux to prevent accidentally sending out mails. Have done some actions (i.e reporting a post) and now the mail error log reports multiple lines with i.e filesize(): stat failed for /home/sitename/jail/public_html/forum/datastore/acpNotifications.xxxxxxxxx.php. Obviously I did expect errors since emails are disabled, but this indicates the forum doesn't have read access for the file in question (actually there are multiple from the same folder. failedMailCount.php, email_plaintext, etc). Uploading a file with the code below in the forum folder (having the same group/owner/permissions as the rest of the forum files and also double checked it's the same path as in the error) and opening it in the browser reports the correct file size without any issues. <?php echo filesize('/home/sitename/jail/public_html/forum/datastore/acpNotifications.xxxxxxxxx.php'); ?> * Trying to enable cronjobs gives the following error: In order to enable this setting you must make the /home/sitename/jail/public_html/forum/applications/core/interface/task/task.php file executable (i.e. chmod 0777). Looking in the code it seems to fail returning the status of is_executable() on the file. Once again uploading a file to the forum trying the same function on the same file, everything works as expected. Other notes: * nginx 1.17.10, php 7.4.6 (php-fpm) * Have double checked all files and folder has the correct owner and group * Everything in Support -> System Check reports as working * Misc log files on server does not report anything regarding the errors (audit.log, messages, nginx, etc) Leaving some notes below regarding SELinux and php-fpm. If anyone has any ideas on what to try, feel free to let me know! In advance, thanks ___ SELinux was set up as follows Quote sudo chcon -Rt httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/applications sudo chcon -Rt httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/datastore sudo chcon -Rt httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/plugins sudo chcon -Rt httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/uploads sudo chcon -t httpd_sys_rw_content_t /home/sitename/jail/public_html/forum/conf_global.php php-fpm has Quote [sitename] user = sitename group = sitename listen = /var/run/php7-fpm-sitename.sock listen.owner = nginx listen.group = nginx listen.mode = 0750 php_admin_value[disable_functions] = escapeshellarg,escapeshellcmd,exec,ini_alter,parse_ini_file,passthru,pcntl_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,show_source,shell_exec,symlink,system php_admin_flag[allow_url_fopen] = off pm = dynamic pm.max_children = 750 pm.start_servers = 3 pm.min_spare_servers = 2 pm.max_spare_servers = 4 pm.status_path = /sitename-status chdir = / catch_workers_output = no
Recommended Posts