問(wèn)題描述

我正在嘗試在 Red Hat 7 Amazon EC2 實(shí)例 (ami-8cff51fb) 中安裝基于 PHP 的軟件包已經(jīng)使用 yum 在其上安裝了 Apache 2.4.6 和 PHP 5.4.16.安裝失敗，因?yàn)樗f(shuō)特定目錄需要由具有 0755 或 0775 權(quán)限的網(wǎng)絡(luò)服務(wù)器寫入.

I'm trying to install a PHP-based software package in a Red Hat 7 Amazon EC2 instance (ami-8cff51fb) that has had Apache 2.4.6 and PHP 5.4.16 installed on it using yum. The installation fails because it says a particular directory needs to be writable by the webserver with 0755 or 0775 permissions.

有問(wèn)題的目錄具有 0775 權(quán)限，具有 root:apache 所有權(quán).我已經(jīng)驗(yàn)證 httpd 進(jìn)程正在由 apache 用戶運(yùn)行，并且 apache 用戶是 apache 組的成員.

The directory in question has 0775 permissions with root:apache ownership. I have verified that the httpd process is being run by the apache user and that the apache user is a member of the apache group.

如果我編輯 /etc/passwd 暫時(shí)給 apache 用戶一個(gè)登錄 shell，然后 su 到那個(gè)帳戶，我可以手動(dòng)創(chuàng)建文件作為 apache用戶在目錄中使用 touch 命令.

If I edit /etc/passwd to temporarily give the apache user a login shell and then su to that account, I am able to manually create files as the apache user within the directory using the touch command.

我查看了安裝程序腳本的源代碼，發(fā)現(xiàn)它失敗了，因?yàn)?PHP 的 is_writable() 函數(shù)為相關(guān)目錄返回 false.我創(chuàng)建了一個(gè)單獨(dú)的測(cè)試 PHP 腳本來(lái)隔離和驗(yàn)證我看到的行為:

I took a look at the source code of the installer script and identified that it's failing because PHP's is_writable() function is returning false for the directory in question. I created a separate test PHP script to isolate and verify the behaviour I'm seeing:

<?php
  $dir = '/var/www/html/limesurvey/tmp';
  if (is_writable($dir)) {
    echo $dir, ' is writable';
  } else {
    echo $dir, ' is NOT writable';
  }
?>

這會(huì)輸出不可寫消息.如果我將上面的 $dir 更改為 /tmp 那么它會(huì)正確輸出 /tmp 是可寫的.

This outputs the NOT writable message. If I change $dir above to be /tmp then it correctly outputs that /tmp is writable.

如果我將目錄權(quán)限更改為 0777 和/或?qū)⑺袡?quán)更改為 apache:apache 然后 PHP 仍然報(bào)告該目錄不可寫.我什至嘗試創(chuàng)建一個(gè)具有相同權(quán)限和所有權(quán)的 /test 目錄，但我的測(cè)試腳本仍然報(bào)告它不可寫.

If I change the directory permissions to 0777 and/or change the ownership to apache:apache then PHP still reports that the directory isn't writable. I even tried creating a /test directory set up with the same permissions and ownership and my test script still reports it as not writable.

我真的不知道如何解釋這種行為，所以歡迎提出任何想法！

I'm really at a loss as to explain this behaviour, so any ideas would be welcome!

提前致謝.

/var/www/html/limesurvey 的目錄列表如下.根據(jù) Lime Survey 的安裝說(shuō)明，tmp 和 upload 目錄具有 0775 權(quán)限.test.php 是我上面提到的測(cè)試腳本.

The directory listing for /var/www/html/limesurvey is given below. The tmp and upload directories have 0775 permissions as per Lime Survey's installation instructions. test.php is my test script mentioned above.

[ec2-user@ip-xx-x-x-xxx limesurvey]$ pwd
/var/www/html/limesurvey
[ec2-user@ip-xx-x-x-xxx limesurvey]$ ls -al
total 80
drwxr-xr-x. 20 root apache 4096 Mar 30 11:25 .
drwxr-xr-x.  3 root root     23 Mar 25 14:41 ..
drwxr-xr-x.  2 root apache   38 Mar 10 12:56 admin
drwxr-xr-x. 16 root apache 4096 Mar 10 12:56 application
drwxr-xr-x.  3 root apache 4096 Mar 10 12:56 docs
drwxr-xr-x.  2 root apache 4096 Mar 10 12:56 fonts
drwxr-xr-x. 19 root apache 4096 Mar 10 12:56 framework
-rw-r--r--.  1 root apache  429 Mar 10 12:56 .gitattributes
-rw-r--r--.  1 root apache  399 Mar 10 12:56 .gitignore
-rw-r--r--.  1 root apache  296 Mar 10 12:56 .htaccess
drwxr-xr-x.  4 root apache 4096 Mar 10 12:56 images
-rw-r--r--.  1 root apache 6652 Mar 10 12:56 index.php
drwxr-xr-x.  5 root apache   39 Mar 10 12:56 installer
drwxr-xr-x. 89 root apache 4096 Mar 10 12:56 locale
drwxrwxr-x.  2 root apache   39 Mar 25 14:41 logs
drwxr-xr-x.  4 root apache   49 Mar 10 12:56 plugins
-rw-r--r--.  1 root apache   61 Mar 10 12:56 README
drwxr-xr-x.  4 root apache 4096 Mar 10 12:56 scripts
-rw-r--r--.  1 root apache  380 Mar 10 12:56 .scrutinizer.yml
drwxr-xr-x.  5 root apache 4096 Mar 10 12:56 styles
drwxr-xr-x.  5 root apache 4096 Mar 10 12:56 styles-public
drwxr-xr-x. 12 root apache 4096 Mar 10 12:56 templates
-rw-r--r--.  1 root apache  159 Mar 30 11:11 test.php
drwxr-xr-x.  3 root apache   20 Mar 10 12:56 themes
drwxr-xr-x. 26 root apache 4096 Mar 10 12:56 third_party
drwxrwxr-x.  5 root apache   80 Mar 26 13:45 tmp
drwxrwxr-x.  6 root apache   79 Mar 10 12:57 upload

運(yùn)行 namei -l/var/www/html/limesurvey/tmp 給出:

[ec2-user@ip-x-x-x-xxx ~]$ namei -l /var/www/html/limesurvey/tmp
f: /var/www/html/limesurvey/tmp
drwxr-xr-x root root   /
drwxr-xr-x root root   var
drwxr-xr-x root root   www
drwxr-xr-x root root   html
drwxr-xr-x root apache limesurvey
drwxrwxr-x root apache tmp

推薦答案

經(jīng)過(guò)反復(fù)思考，發(fā)現(xiàn) SELinux 正在阻止寫入目錄.我發(fā)現(xiàn)了一個(gè) good說(shuō)明發(fā)生了什么的教程.我可以通過(guò)運(yùn)行以下命令修復(fù)它:

After much head-scratching, it transpired that SELinux was preventing the directory from being written to. I found a good tutorial that explains what's going on. I was able to fix it by running this command:

sudo chcon -R -t httpd_sys_rw_content_t tmp

這篇關(guān)于PHP is_writable() 函數(shù)對(duì)于可寫目錄總是返回 false的文章就介紹到這了，希望我們推薦的答案對(duì)大家有所幫助，也希望大家多多支持html5模板網(wǎng)！