Hubzilla 无法启动:/store/[data]/smarty3 必须可由网络服务器写入
Hubzilla won't start: /store/[data]/smarty3 must be writable by webserver
我在这里按照手动说明设置了 Hubzilla。
https://project.hubzilla.org/help/en/admin/administrator_guide#Manual_Installation
我运行命令
chmod -R 777 store
但是当我在浏览器中查看页面时仍然出现此错误。
ERROR: folder /var/www/html//store/[data]/smarty3 must be writable by webserver.
我尝试了 chown -R apache:apache store
和 chmod o-w -R store
来收紧它,但是没有用,所以我再次 运行 chmod -R 777 store
。这是权限。
[root@fsphub html]# ls -ld store
drwxrwxrwx. 3 apache apache 20 Dec 1 22:08 store
[root@fsphub html]# ls -lR store
store:
total 0
drwxrwxrwx. 3 apache apache 21 Dec 1 22:08 [data]
store/[data]:
total 0
drwxrwxrwx. 2 apache apache 6 Dec 1 22:08 smarty3
store/[data]/smarty3:
total 0
Apache 运行 为 apache
。
[root@fsphub html]# ps -ef | grep http
root 16997 1 0 21:47 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 16998 16997 0 21:47 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
有什么问题吗?
PHP 7.2.12
这是因为 SELinux 处于开启状态。 https://wiki.centos.org/HowTos/SELinux
# sestatus
SELinux status: enabled
Current mode: enforcing
# sealert -a /var/log/audit/audit.log
SELinux is preventing /usr/sbin/httpd from write access on the directory smarty3.
***** Plugin httpd_write_content (92.2 confidence) suggests ***************
If you want to allow httpd to have write access on the smarty3 directory
Then you need to change the label on 'smarty3'
Do
# semanage fcontext -a -t httpd_sys_rw_content_t 'smarty3'
# restorecon -v 'smarty3'
Raw Audit Messages
type=AVC msg=audit(1543792561.65:60034): avc: denied { write } for pid=21907 comm="httpd" name="smarty3" dev="vda1" ino=621797 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
# ls -lZd store/\[data\]/smarty3/
drwxrwxrwx. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 store/[data]/smarty3/
所以我运行
# semanage fcontext -a -t httpd_sys_rw_content_t store/\[data\]/smarty3/
# restorecon -v store/\[data\]/smarty3/
但这行不通,所以我使用了
setenforce 0
要将模式更改为permissive
。
我在这里按照手动说明设置了 Hubzilla。
https://project.hubzilla.org/help/en/admin/administrator_guide#Manual_Installation
我运行命令
chmod -R 777 store
但是当我在浏览器中查看页面时仍然出现此错误。
ERROR: folder /var/www/html//store/[data]/smarty3 must be writable by webserver.
我尝试了 chown -R apache:apache store
和 chmod o-w -R store
来收紧它,但是没有用,所以我再次 运行 chmod -R 777 store
。这是权限。
[root@fsphub html]# ls -ld store
drwxrwxrwx. 3 apache apache 20 Dec 1 22:08 store
[root@fsphub html]# ls -lR store
store:
total 0
drwxrwxrwx. 3 apache apache 21 Dec 1 22:08 [data]
store/[data]:
total 0
drwxrwxrwx. 2 apache apache 6 Dec 1 22:08 smarty3
store/[data]/smarty3:
total 0
Apache 运行 为 apache
。
[root@fsphub html]# ps -ef | grep http
root 16997 1 0 21:47 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 16998 16997 0 21:47 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
有什么问题吗?
PHP 7.2.12
这是因为 SELinux 处于开启状态。 https://wiki.centos.org/HowTos/SELinux
# sestatus
SELinux status: enabled
Current mode: enforcing
# sealert -a /var/log/audit/audit.log
SELinux is preventing /usr/sbin/httpd from write access on the directory smarty3.
***** Plugin httpd_write_content (92.2 confidence) suggests ***************
If you want to allow httpd to have write access on the smarty3 directory Then you need to change the label on 'smarty3' Do
# semanage fcontext -a -t httpd_sys_rw_content_t 'smarty3'
# restorecon -v 'smarty3'
Raw Audit Messages
type=AVC msg=audit(1543792561.65:60034): avc: denied { write } for pid=21907 comm="httpd" name="smarty3" dev="vda1" ino=621797 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
# ls -lZd store/\[data\]/smarty3/
drwxrwxrwx. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 store/[data]/smarty3/
所以我运行
# semanage fcontext -a -t httpd_sys_rw_content_t store/\[data\]/smarty3/
# restorecon -v store/\[data\]/smarty3/
但这行不通,所以我使用了
setenforce 0
要将模式更改为permissive
。