[CentOS] find out who accessed a file
Jonathan Billings
billings at negate.org
Sun Jan 25 02:23:06 UTC 2015
On Sat, Jan 24, 2015 at 12:32:01PM -0600, Valeri Galtsev wrote:
> One other thing I would try: disable selinux, and see if that lets
> apache read file, e.g.:
>
> setenforce 0
Setting SELinux to permissive temporarily is a good start, although
it's also helpful to check the audit logs, with:
ausearch -m avc -ts today
...to see if SELinux prevented access today. It's quite likely
SELinux preventing access, particularly if you're using PHP to read a
file that's not in one of the standard WWW paths that the web server
is allowed to access. SELinux prevents the web server from reading,
writing or executing files outside of a fairly select few locations.
--
Jonathan Billings <billings at negate.org>
More information about the CentOS
mailing list