Directory not writable

klohma 2018-01-20 22:29:15 UTC #1

Okay install version 17.1 and set shows that the files and backup directories are not writable. I have searched the web and implemented what I found there to no avail. open_basedir is set in the egroupware config, also tried php.ini, file and have tried setting to other directories. Have insursed that the directories belong to apache and have proper permissions.

What gives?

Using Centos 7.4 PHP 7.1

Thanks for the help

StefanU 2018-01-21 18:37:12 UTC #2

Hi Ken,

Did you do a package installation?

Greetings
Stefan

klohma 2018-01-21 19:41:04 UTC #3

I did the install via RPM from your repo.

StefanU 2018-01-22 19:24:36 UTC #4

Is that how you installed it?:

In the EGw-setup? Please make hardcopys.
And take a look into the install-log in /root.

Greetings
Stefan

klohma 2018-01-22 20:52:40 UTC #5

Yes I followed the directions for Centos.

xenolevis 2018-01-23 08:15:55 UTC #6

This is likely to be a SELinux-related issue. Try

sudo sestatus

to see if it’s enabled. If yes, try

sudo ls -lZ /var/lib/egroupware/default

or whatever you path might be. The Z options shows the security context. For httpd to be able to write to it, it should be httpd_sys_rw_content_t. If you find it to be httpd_sys_content_t instead, then that’s your problem.

To fix you would do

sudo chcon -R -t httpd_sys_rw_content_t <path_to>/files
sudo chcon -R -t httpd_sys_rw_content_t <path_to>/backup

This fix may or may not survive a reboot, depending on your configuration. You may have to look here for more info.

klohma 2018-01-24 14:38:37 UTC #7

Thanks, I did a clean re-install, did other things to get what I need done. Now to figre out why SELINUX did not ‘disable’ when I disabled it.

StefanU 2018-01-28 12:37:58 UTC #8

Hi Ken.

in addition to @xenolevis from release notes:

Attention should be paid to SE-Linux on RedHat and CentOS:

SE-Linux enforced may lead to problems accessing file paths for the webserver and the database server that needs to be accessable by EGroupware. The EGroupware install process tries to enable the used default file paths for SE-Linux but it does no harm to disable SE-Linux during the installation process. To disable SE-Linux set in file /etc/selinux/config the variable from SELINUX=enforcing to SELINUX=disabled. To activate that change a reboot of your Linux system is necessary.

Information how SE-Linux works and how to configure it after installation of EGroupware can be found at: http://wiki.centos.org/HowTos/SELinux

After install an disable SELINUX: chown -R apache /var/lib/egroupware

I hope this helps. Let us know…

Greetings
Stefan

klohma 2018-01-28 13:48:47 UTC #9

Stefan;

Yes Selinux was the issue, one which I need to dig into a little deeper as I had disabled Selinux at some point and still was not able to write to the directory. I belive that the Selinux permissions where not “removed” when I disabled it.

For now egroupware is working.

Thanks

Ken Lohmann