一些 PHP 文件可以正常工作,而其他文件具有相同的权限却无法工作。

huangapple go评论74阅读模式
英文:

some php file work and not others with the same permissions

问题

我已经安装了Oracle Linux 8/PHP/Apache。一切都正常工作,只有一个问题。只有一些我的PHP脚本文件可以运行,其他的会显示"权限被拒绝"的错误。我已经设置了文件的正确权限

例如,在文档根目录www/html中,我可以运行phpinfo.php,没有问题,但如果我添加一个test.php,与phpinfo.php相同的文件权限,放在相同的位置www/html,并在其中放入(phpinfo(); ),我会收到"权限被拒绝"的错误。如果我更改phpinfo.php的内容并添加一个查询,例如,它可以正常工作。

就像文件名允许某些文件名,但不允许其他文件名一样。再次强调,文件权限都是正确的。实际上,我为了测试将它们设置为777,但结果是一样的。

我最好的猜测是与Nginx和PHP-FPM有关,但我无法找出原因。我对PHP-FPM或Nginx没有任何经验,只有今天学到的知识。我在PHP-FPM和Nginx配置文件中寻找任何可能与此有关的内容。此外,我整天都在搜索相关信息 :/

sudo grep -i denied /var/log/audit/audit.log

结果:

type=AVC msg=audit(1689293825.039:334): avc: denied { read } for pid=5111 comm="php-fpm" name="test.php" dev="dm-0" ino=18674742 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0

httpd错误日志

[proxy_fcgi:error] [pid 5153:tid 140323287488256] [client 10.x.x.x:53042] AH01071: Got error 'Unable to open primary script: /var/www/html/test.php (Permission denied)'

php-fpm www-error.log

UTC] PHP Warning: Unknown: failed to open stream: Permission denied in Unknown on line 0

有什么想法吗?

谢谢。

英文:

I have installed Oracle Linux 8 /PHP /Apache. All is working okay with one problem. Only some of my php scrip files will run others give permission denied. I have set the correct permissions on the files.

Example: In doc root www/html I can run phpinfo.php no problem but if I add a test.php same file permissions same location www/html and put ( phpinfo(); ) in it, I get permissions denied. If I change the contents of phpinfo.php and add a query for example, it works.

Its like the file name is allowed for certain file names but not allowing other file names. Again, file permissions are all correct. In fact I set them to 777 just for testing but got the same results.

Best I can tell is its something to do with nginx and php-fpm but I can't find out why its doing this. I don't have any experience with php-fpm or nginx only what I learned today. I looked for anything in php-fpm and nginx config files that would be related to this. Also, googled all day :/

sudo grep -i denied /var/log/audit/audit.log

Results

type=AVC msg=audit(1689293825.039:334): avc:  denied  { read } for  pid=5111 comm="php-fpm" name="test.php" dev="dm-0" ino=18674742 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0

httpd error log

 [proxy_fcgi:error] [pid 5153:tid 140323287488256] [client 10.x.x.x:53042] AH01071: Got error 'Unable to open primary script: /var/www/html/test.php (Permission denied)'

php-fpm www-error.log

UTC] PHP Warning:  Unknown: failed to open stream: Permission denied in Unknown on line 0

Any ideas?

Thank you

答案1

得分: 1

我找到了问题!看起来即使我在/etc/selinux配置中禁用了SELinux([SELINUX=disabled]),它仍然影响了文件。
我从另一个网站学到,权限结果的末尾的点(-rw-r--r--.)表示文件受SELinux控制。
我运行了[ restorecon -r /var/www/html/test.php ],它起作用了!现在我会查看为什么禁用SELinux没有起作用。

感谢大家的帮助。

英文:

I found the issue! It seems that even though I disabled SELinux in /etc/selinux config with [SELINUX=disabled] it was still effecting the files.
I learned from another site the dot on the end of the permissions results (-rw-r--r--.) denotes the file is controlled but selinux.
I ran [ restorecon -r /var/www/html/test.php ] and it worked! Now I'll look at why disabling selinux didn't work.

Thank you all for the help.

huangapple
  • 本文由 发表于 2023年7月14日 08:55:28
  • 转载请务必保留本文链接:https://go.coder-hub.com/76684083.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定