fopen permission denied apache server

Question

code(located in /var/www/html/fileio_test/io_test.php):

<?php

$logging = <<< LOG
This is a test
LOG;

$testfile = fopen('/home/djameson/test.txt','a');  // append  mode
fwrite ($testfile, $logging);
fclose($testfile);

?>

test.txt(in /home/djameson/test.txt):

-rwxrw-r--.  1 apache   apache       0 Feb 28 20:21 test.txt

Errors:

Warning: fopen(/home/djameson/test.txt): failed to open stream: Permission denied in /var/www/html/fileio_test/io_test.php on line 7

Warning: fwrite() expects parameter 1 to be resource, boolean given in /var/www/html/fileio_test/io_test.php on line 8

Warning: fclose() expects parameter 1 to be resource, boolean given in /var/www/html/fileio_test/io_test.php on line 9

Been at this for a number of days changing around file permissions, adding test.txt to different groups but I have not been able to write to a file. Any ideas?

The results of sestatus:

SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

Additional Information:

The server runs on fedora 20; apache server located /var/www

One often runs into this error, and to quickly troubleshoot it, follow these steps : https://stackoverflow.com/a/36577021/2873507 — Vic Seedoubleyew, Apr 15 '16 at 14:39

score 0 · Answer 1 · answered Feb 28 '14 at 07:54

Probably selinux is enforcing its rules. From Selinux's wiki on fedoraproject

httpd by default is not allowed to access users home directories.
If you want to allow access to users home directories you need to set the httpd_enable_homedirs boolean and change the context of the files that you want people to access off the home dir.

You should therefore try disabling temporarily selinux -> setenforce 0 (WARN: This will disable entirely selinux on your system for the current session DO NOT RUN this on a production server). If after this it works probably is the sebool httpd_enable_homedirs that is being enforced. Should you wish to disable just that flag instead of entirely disabling selinux you can run:

setsebool httpd_enable_homedirs 1 //This will enable for the current session only

if you want to set it permanently:

setsebool -P httpd_enable_homedirs 1 //Permanent

After setting this you should run a chcon or restorecon on the user home dir:

chcon -R -t httpd_sys_content_t /home/djameson

Ran the commands setenforce 0, no effect. I then ran setsebool httpd_enable_homedirs 1 and chcon -R -t httpd_sys_content_t /home/djameson. None of these commands had any effect unfortunately. I restarted with sudo service httpd restart just to be sure. — user3247608, Feb 28 '14 at 08:14
There is now a troubleshooting checklist for this frequent error here : https://stackoverflow.com/a/36577021/2873507 — Vic Seedoubleyew, Apr 15 '16 at 14:40

score 0 · Answer 2 · answered Feb 28 '14 at 09:35

0

Antonio's post is what I had in mind. One thing you might check though is that apache can actually access /home/djameson (chmod +x is your friend).

answered Feb 28 '14 at 09:35

Aif

11,015
1
30
44

fopen permission denied apache server

2 Answers2