Description of problem: Lack of SELinux fcontexts for php55-php-fpm package Version-Release number of selected component (if applicable): $ yum info php55-php-fpm Name : php55-php-fpm Arch : x86_64 Version : 5.5.6 Release : 13.el6 Size : 3.7 M Repo : installed From repo : rhel-server-rhscl-6-rpms How reproducible: The uploaded files has incorrect fcontext while uploading with WordPress Media Library Steps to Reproduce: 1. Upload some file as described above 2. # ls -lZ /var/www/example.com/public_html/wp-content/uploads/2015/08/bgTop2.jpg -rw-r--r--. www-owner www-owner unconfined_u:object_r:initrc_tmp_t:s0 /var/www/example.com/public_html/wp-content/uploads/2015/08/bgTop2.jpg As a result, the Apache can not read these files... Additional info: The fcontext templates are defined: # semanage fcontext -l | egrep \/var\/www.*\/public_html\/wp-content /var/www/[^/]*/public_html/wp-content/(uploads|upgrade)(/.*)? all files system_u:object_r:httpd_sys_rw_content_t:s0 The command # restorecon -R /var/www/ fixes fcontext, but for already uploaded only... To fix this problem: # semanage fcontext -a -t httpd_exec_t "/opt/[^/]*/[^/]*/root/usr/sbin/php-fpm" # semanage fcontext -a -t httpd_log_t "/opt/[^/]*/[^/]*/root/var/log/php-fpm(/.*)?" # semanage fcontext -a -t httpd_var_run_t "/opt/[^/]*/[^/]*/root/var/run/php-fpm(/.*)?" # semanage fcontext -a -t httpd_var_run_t "/opt/[^/]*/[^/]*/root/var/lib/php/session(/.*)?" # restorecon /opt/rh/php55/root/
The last line/command in the description is wrong. It should be like this: # restorecon -R /opt/rh/php55/root/ (to recursively change contexts)
Red Hat does not currently plan to provide any further changes to this collection in a Red Hat Software Collections update release. This software collection is nearing the retirement date (October 2016) after which customers are encouraged either to upgrade to a later release or continue on as self-supported without official Red Hat Support. Please contact Red Hat Support if you have further questions, or refer to the support lifecycle page for more information. https://access.redhat.com/support/policy/updates/rhscl/
In accordance with the Red Hat Software Collections Product Life Cycle, the support period for this collection has ended. New bug fix, enhancement, and security errata updates, as well as technical support services will no longer be made available for this collection. Customers are encouraged to upgrade to a later release. Please contact Red Hat Support if you have further questions, or refer to the support lifecycle page for more information. https://access.redhat.com/support/policy/updates/rhscl/