Question
I have a website using propel. I want to put the various config files out of the web root, but propel needs them (such as schema.xml, build.properties, etc) in the same directory. So, I decided to add symbolic links from the web root to those directories:
https://stackoverflow.com/questions/23362186
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russiansomesite.com/
|
|- public/
| |- index.php
| |- build -> ../private/build
| |- vendor -> ../private/vendor
|
|- private/
| |- build.properties
| |- schema.xml
| |- build/
| |- vendor/
My include path is set thus:
set_include_path('vendor/propel/propel1/runtime/lib' . PATH_SEPARATOR . 'build/classes' . PATH_SEPARATOR . get_include_path());
However, when I try to require_once 'Propel.php'; I get the following error:
Warning: require_once(Propel.php): failed to open stream: No such file or directory in /home/staging/apache/somewebsite.co.uk/public/functions.php on line 5
Checking it with chdir('vendor/propel/propel1/runtime/lib'); I get the following error:
Warning: chdir(): Permission denied (errno 13) in /home/staging/apache/somewebsite.co.uk/public/functions.php on line 5
So, it appears PHP/Apache won't follow the symlinks. I have tried the following:
o+x so apache can read itOptions FollowSymLinks to the directory directive in the apache config (though in the docs it says this is the default setting anyway)chcon -R -h -t httpd_sys_content_t public/vendor/ to change the SELinux type but for some reason it doesn't changeUpdate
I logged in as apache user (su -s /bin/bash apache) and ran cat vendor/propel/propel1/runtime/lib/Propel.php from inside the public directory and it worked just fine. However, I temporarily disabled SELinux and the error went away. So of course it must be SELinux.
As I mentioned earlier, I tried:
chcon -R -h -t httpd_sys_content_t public/vendor/
but after doing it, running ls -alZ gives me the following for vendor:
lrwxrwxrwx. staging developers unconfined_u:object_r:user_home_t:s0 vendor -> /home/staging/apache/somewebsite.co.uk/private/vendor/
Any ideas?
Solution
The problem ended up being the way I was trying to set the SELinux type.
I was running:
chcon -R -h -t httpd_sys_content_t public/vendor/
However, I had to run:
chcon -R -h -t httpd_sys_content_t public/vendor
without the trailing slash. Once I did this, everything immediately sprung to life.
Note: As I didn't have an Options directive in my apache Directory config, I didn't have to specify it and it still worked.
