> > Could be caused by the user rw permissions: > > http://unix.stackexchange.com/questions/50639/httpd-cant-write-to-folder-file-because-of-selinux Ok cool. Thanks dude, I'll check it out! On Mon, Dec 29, 2014 at 2:30 PM, Aziz Saleh <azizsaleh@xxxxxxxxx> wrote: > > > On Mon, Dec 29, 2014 at 2:26 PM, Tim Dunphy <bluethundr@xxxxxxxxx> wrote: > >> > >> > Hi Jasper, >> > >> >> >> > This is a bit off topic, but a point to think about. A small point to >> > consider. Generally it is a bad idea to let the webserver write files in >> > the documentroot. (There are exceptions, like updating webapps or such, >> and >> > even then it is questionable whether that is a good idea). Admittedly I >> am >> > no SELinux expert, but it just might be the default policy prohibits >> > writing temp, or data, files in the documentroot. >> > Apart from that, by turning SELinux to no enforcing on a webserver is, >> > given the fact that webserver are usually directly connected to the >> > internet, and not taking other measures, is inviting trouble. >> > I do hope your site won't fall prey to malicious attacks. >> >> >> Ok yes you do make a valid point. True, this is a hobby server on the >> amazon free tier that I am using to learn PHP (and some other languages >> potentially down the road) I still want to keep security in mind. So I >> will >> look into getting this to work with SELinux turned back on. Again, no >> great >> loss if the whole server goes belly up. But it's still nice to have >> around. >> >> Thanks >> Tim >> >> On Mon, Dec 29, 2014 at 2:10 PM, Jasper Kips <jasper@xxxxxxxxxxxxx> >> wrote: >> >> > >> > >> > > Op 28 dec. 2014 om 20:34 heeft Tim Dunphy <bluethundr@xxxxxxxxx> het >> > volgende geschreven: >> > > >> > > Hey guys, >> > > >> > > I found the issue. The problem was that I'm on CentOS and I was using >> > > SELinux!! Well I'm not much of an SELinux user. So I just turned it >> off >> > > like this: >> > > >> > > [root@web1:/var/www/php-webdev] #setenforce 0 >> > > [root@web1:/var/www/php-webdev] # >> > > >> > > [root@web1:/var/www/php-webdev] #getenforce >> > > Permissive >> > > [root@web1:/var/www/php-webdev] # >> > > >> > > And now the script works as designed: >> > > >> > > Bob’s Auto PartsOrder Results >> > > >> > > Order processed at 14:31, 28th December 2014 >> > > >> > > Your order is as follows: >> > > Items ordered: 8 >> > > 1 tires >> > > 2 bottles of oil >> > > 5 spark plugs >> > > >> > > Total of order is $140.00 >> > > >> > > Address to ship to is 39 Carmen Court >> > > >> > > Order written. >> > > >> > > Thanks for your suggestion! But I'm glad that did it! >> > > >> > > Tim >> > > >> > >> On Sun, Dec 28, 2014 at 1:34 PM, Tim Dunphy <bluethundr@xxxxxxxxx> >> > wrote: >> > >> >> > >> Hi James, >> > >> >> > >> Ok, so I tried taking your advice. And set the mode and group >> > accordingly: >> > >> >> > >> [root@web1:~] #ls -lh /var/www/php-webdev/orders/orders.txt >> > >> -rw-r--r--. 1 apache users 0 Dec 27 21:47 >> > >> /var/www/php-webdev/orders/orders.txt >> > >> >> > >> However the result didn't change. I get the same failure when trying >> to >> > >> write to the file: >> > >> >> > >> *Warning*: fopen(/var/www/php-webdev/orders/orders.txt): failed to >> open >> > >> stream: Permission denied in >> > */var/www/php-webdev/ch01/processorder.php* on >> > >> line *50* >> > >> >> > >> Thanks >> > >> Tim >> > >> >> > >>> On Sun, Dec 28, 2014 at 1:27 PM, James Moe <jimoe@xxxxxxxxxxxxxx> >> > wrote: >> > >>> >> > >>>> On 12/28/2014 11:03 AM, Tim Dunphy wrote: >> > >>>> -rwxr-xr-x. 1 apache apache 0 Dec 27 21:47 >> > >>>> /var/www/php-webdev/orders/orders.txt >> > >>> Is there a reason why it is marked as an executable? Such files are >> > >>> normally 0644 or 0664. >> > >>> >> > >>> Another option is to set the group to "users" and add apache to that >> > >>> group. >> > >>> >> > >>> -- >> > >>> James Moe >> > >>> jmm-list at sohnen-moe dot com >> > >>> >> > >>> -- >> > >>> PHP General Mailing List (http://www.php.net/) >> > >>> To unsubscribe, visit: http://www.php.net/unsub.php >> > >> >> > >> >> > >> -- >> > >> GPG me!! >> > >> >> > >> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B >> > > >> > > >> > > -- >> > > GPG me!! >> > > >> > > gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B >> > >> > Hi Tim, >> > This is a bit off topic, but a point to think about. A small point to >> > consider. Generally it is a bad idea to let the webserver write files in >> > the documentroot. (There are exceptions, like updating webapps or such, >> and >> > even then it is questionable whether that is a good idea). Admittedly I >> am >> > no SELinux expert, but it just might be the default policy prohibits >> > writing temp, or data, files in the documentroot. >> > Apart from that, by turning SELinux to no enforcing on a webserver is, >> > given the fact that webserver are usually directly connected to the >> > internet, and not taking other measures, is inviting trouble. >> > I do hope your site won't fall prey to malicious attacks. >> > >> > Jasper >> > -- >> > PHP General Mailing List (http://www.php.net/) >> > To unsubscribe, visit: http://www.php.net/unsub.php >> > >> > >> >> >> -- >> GPG me!! >> >> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B >> > > Could be caused by the user rw permissions: > > http://unix.stackexchange.com/questions/50639/httpd-cant-write-to-folder-file-because-of-selinux > > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
