Description of problem: # ausearch -m avc -i -ts recent | audit2why - type=AVC msg=audit(11/18/2017 11:55:47.215:208) : avc: denied { map } for pid=1646 comm=php-fpm path=/tmp/apc.xeudaj (deleted) dev="tmpfs" ino=29843 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_tmp_t:s0 tclass=file permissive=0 Was caused by: The boolean httpd_tmp_exec was set incorrectly. Description: Allow Apache to execute tmp content. Allow access by executing: # setsebool -P httpd_tmp_exec 1 systemctl start php-fpm logs the following error: NOTICE: PHP message: PHP Fatal error: PHP Startup: apc_mmap: mmap failed: in Unknown on line 0 I'm not very excited about having to enable httpd_tmp_exec for all apache processes just to run php with apcu. Perhaps php-pecl-apcu needs a different /tmp directory with a label that it can map files in? Version-Release number of selected component (if applicable): selinux-policy-3.13.1-283.14.fc27.noarch php-fpm-7.1.11-1.fc27.x86_64 php-pecl-apcu-5.1.8-4.fc27.x86_64
selinux-policy-3.13.1-283.16.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-5178e6a393
selinux-policy-3.13.1-283.16.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.