Bug 139898 - php session management does not work
Summary: php session management does not work
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
(Show other bugs)
Version: 3
Hardware: i386 Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-11-18 18:02 UTC by Johannes Schmid
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-11-19 14:13:27 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Johannes Schmid 2004-11-18 18:02:54 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3)
Gecko/20040910

Description of problem:
When using PHP and using the session_start to start a new session, the
current selinux targeted policy denies writing the session data file.

I tested both the policy that comes with FC3 and the latest version I
downloaded from ftp://people.redhat.com/dwalsh/SELinux/FC3

The audit message I get is:
avc:  denied  { write } for  pid=2245 exe=/usr/sbin/httpd
name=sess_06fefce137c6212d30abd148f3f43736 dev=hda3 ino=52451
scontext=user_u:system_r:httpd_t tcontext=root:object_r:var_lib_t
tclass=file


The PHP script used for testing is:
<?php
session_start();
?>


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.17.30-2.31

How reproducible:
Always

Steps to Reproduce:
1. execute above php script
    

Actual Results:  creation of session fails; PHP error message is:
session_start():
open(/var/lib/php/session/sess_06fefce137c6212d30abd148f3f43736,
O_RDWR) failed: Permission denied (13)

Expected Results:  a successful creation of a session file

Comment 1 Daniel Walsh 2004-11-18 18:41:46 UTC
restorecon -R -v /var/lib/php/session should fix this.

Dan

Comment 2 Johannes Schmid 2004-11-19 10:15:43 UTC
thanks, this did help. Works perfectly now.


Note You need to log in before you can comment on or make changes to this bug.