Masalah Permission Denied di CentOS 7 Akibat SELINUX


Postingan ini hanya mencatat solusi untuk mengatasi permasalahan gagal akses aplikasi yang ditanam di server httpd (apache) akibat security permission pada SELinux (jika diaktifkan).

1. Cek permission SELINUX:

ls -LZ

2. Lihat hasilnya:

drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 bootstrap
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 storage

3. Ubah security dari “httpd_sys_content_t” menjadi “httpd_sys_rw_content_t”

chcon -Rv -t httpd_sys_rw_content_t bootstrap/
changing security context of ‘bootstrap/app.php’
changing security context of ‘bootstrap/autoload.php’
changing security context of ‘bootstrap/cache/.gitignore’
changing security context of ‘bootstrap/cache’
changing security context of ‘bootstrap/’
changing security context of ‘storage/app/.gitignore’
changing security context of ‘storage/app/public/.gitignore’
changing security context of ‘storage/app/public’
changing security context of ‘storage/app’
changing security context of ‘storage/framework/.gitignore’
changing security context of ‘storage/framework/cache/.gitignore’
changing security context of ‘storage/framework/cache’
changing security context of ‘storage/framework/sessions/.gitignore’
changing security context of ‘storage/framework/sessions’
changing security context of ‘storage/framework/views/.gitignore’
changing security context of ‘storage/framework/views’
changing security context of ‘storage/framework’
changing security context of ‘storage/logs/.gitignore’
changing security context of ‘storage/logs’
changing security context of ‘storage/oauth-private.key’
changing security context of ‘storage/oauth-public.key’
changing security context of ‘storage/’

chcon -Rv -t httpd_sys_rw_content_t storage/
changing security context of ‘storage/app/.gitignore’
changing security context of ‘storage/app/public/.gitignore’
changing security context of ‘storage/app/public’
changing security context of ‘storage/app’
changing security context of ‘storage/framework/.gitignore’
changing security context of ‘storage/framework/cache/.gitignore’
changing security context of ‘storage/framework/cache’
changing security context of ‘storage/framework/sessions/.gitignore’
changing security context of ‘storage/framework/sessions’
changing security context of ‘storage/framework/views/.gitignore’

4. Lihat hasilnya lagi:

ls -LZ
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 bootstrap
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 storage

Seharusnya sih problem sudah solved dengan langkah-langkat di atas 🙂

Leave a comment

Your email address will not be published. Required fields are marked *