Wordpress: How To Allow httpd to write to /usr/share/wordpress/wp-content/uploads

Daniel J Walsh dwalsh at redhat.com
Thu Sep 10 16:03:36 UTC 2009 

On 09/09/2009 10:37 PM, Robert L Cochran wrote:
> I installed Wordpress 2.8.3 on Fedora 11 and attempted to upload a photo
> to the directory /usr/share/wordpress/wp-content/uploads/2009/09/, but
> failed even though my Wordpress "author" role permits file uploads.
> Wordpress uses php for scripting. I suspected that I had set file
> permissions incorrectly. Here are the permissions on /usr:
> 
> drwxrwxr-x.  16 root apache  4096 2009-04-12 19:05 usr
> 
> I ran `setsebool`:
> 
> [root at deafeng3 /]# setsebool -P allow_httpd_anon_write=1
> [root at deafeng3 /]# service httpd restart
> Stopping httpd:                                            [  OK  ]
> Starting httpd:                                            [  OK  ]
> 
> 
> I wrote a php script to see if it can move a single file just to /usr/.
> Here is the error message that appears in /var/log/httpd/error_log:
> 
> [Wed Sep 09 22:25:30 2009] [error] [client 127.0.0.1] PHP Warning: 
> move_uploaded_file(/usr/Cochran.jpg) [<a
> href='function.move-uploaded-file'>function.move-uploaded-file</a>]:
> failed to open stream: Permission denied in
> /var/www/html/testuploads.php on line 35, referer:
> http://localhost/testuploads.php
> [Wed Sep 09 22:25:30 2009] [error] [client 127.0.0.1] PHP Warning: 
> move_uploaded_file() [<a
> href='function.move-uploaded-file'>function.move-uploaded-file</a>]:
> Unable to move '/tmp/phpJFMNbS' to '/usr/Cochran.jpg' in
> /var/www/html/testuploads.php on line 35, referer:
> http://localhost/testuploads.php
> 
> 
> But I still can't write to /usr. If I can't write to that, how can I
> continue down the file hierarchy to write to the true target directory
> of /usr/share/wordpress/wp-content/uploads/*? That is to say, the
> uploads directory and every subdirectory under it should be writable by
> httpd.
> 
> Thanks
> 
> Bob Cochran
> 
> 
> -- 
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> 
> 
Could you send me  the /var/log/audit/audit.log  compressed.

I would like to run it through setroubleshoot in rawhide and see what it suggests.

/usr/share/wordpress/wp-content/uploads should be set to httpd_sys_content_rw_t and everything will work.

More information about the fedora-selinux-list mailing list