Permissions Issue with Laravel on CentOS

linux permissions apache centos laravel

I've cloned a laravel repo to my CentOS 7 box. When I try to run it, I get a 500 error with nothing displayed.

So I check out /var/log/httpd/error_log and I see that I've got some permissions errors:

[Mon May 16 11:39:32.996441 2016] [:error] [pid 2434] [client 104.156.67.195:39136] PHP Fatal error:  Uncaught UnexpectedValueException: The stream or file "/var/www/html/MYSITE/storage/logs/laravel.log" could not be opened: failed to open stream: Permission denied in /var/www/html/MYSITE/bootstrap/cache/compiled.php:13701
Stack trace:
#0 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13635): Monolog\\Handler\\StreamHandler->write(Array)
#1 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13396): Monolog\\Handler\\AbstractProcessingHandler->handle(Array)
#2 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13494): Monolog\\Logger->addRecord(400, Object(Symfony\\Component\\Debug\\Exception\\FatalErrorException), Array)
#3 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13189): Monolog\\Logger->error(Object(Symfony\\Component\\Debug\\Exception\\FatalErrorException), Array)
#4 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13160): Illuminate\\Log\\Writer->writeLog('error', Object(Symfony\\Component\\Debug\\Exception\\FatalErrorException), Array)
# in /var/www/html/MYSITE/bootstrap/cache/compiled.php on line 13701

I have done the following to try to overcome the issues:

chmod -R 775 storage
chmod -R 775 vendor
chown -R apache:apache storage

So it now shows as so:

-rwxrwxr-x. 1 apache apache 2156 May 16 11:41 storage/logs/laravel.log

But that didn't work.

Interestingly enough, I mis-typed some artisan commands earlier and those seemed to add logs to the logfile...

I already read/tried:

  • “laravel.log” could not be opened: failed to open stream
  • Error: laravel.log could not be opened
  • log file permission problem

Solution 1:

Turns out the issue is with selinux

I found this answer, which solved my problem.

Prove this is the problem by turning off selinux with the command

setenforce 0

This should allow writing, but you've turned off added security server-wide. That's bad. Turn SELinux back

setenforce 1

Then finally use SELinux to allow writing of the file by using this command

chcon -R -t httpd_sys_rw_content_t storage

And you're off!

Solution 2:

I need to make more adjustments for SELinux than just for storage. Especially the config dir can get you this issue on Laravel bootstrapping.

If you sudo setenforce permissive and it works, then turn it back sudo setenforce enforcing then follow below.

SELinux laravel setup:

sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/site/laravel/storage(/.*)?"
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/site/laravel/bootstrap/cache(/.*)?"

You may not need the following one for config, but i did. It may be safest not to run this one unless you need to:

sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/site/laravel/config(/.*)?"

Then Reset after your dir adjustments have been made:

restorecon -Rv /var/www/site/

Related

How to encrypt text with a password in python?
Configuration of Microsoft NLB
Dual DNS Issue - Internal & External
IIS8 Centralized Certificates Not Recognizing Certs ("The specified private key password is not correct.")
Kubernetes pod /etc/resolv.conf has the wrong nameserver
What are the mechanics behind a CIFS "readonly" mount?
TLD servers and ADDITIONAL section [duplicate]
Why does my MySQL server suddenly not start. ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) [closed]
How do I add a static route in Windows?
Is it possible to use "route ADD ... MASK ..." command to exclude an application or website from VPN connection?
Can I use glue records as authoritative answer if I cannot get the authoritative answer
Postgresql 13 on CentOS8 fail to start at boot time, but can be started manualy