31

I've cloned a laravel repo to my CentOS 7 box. When I try to run it, I get a 500 error with nothing displayed.

So I check out /var/log/httpd/error_log and I see that I've got some permissions errors:

[Mon May 16 11:39:32.996441 2016] [:error] [pid 2434] [client 104.156.67.195:39136] PHP Fatal error:  Uncaught UnexpectedValueException: The stream or file "/var/www/html/MYSITE/storage/logs/laravel.log" could not be opened: failed to open stream: Permission denied in /var/www/html/MYSITE/bootstrap/cache/compiled.php:13701
Stack trace:
#0 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13635): Monolog\\Handler\\StreamHandler->write(Array)
#1 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13396): Monolog\\Handler\\AbstractProcessingHandler->handle(Array)
#2 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13494): Monolog\\Logger->addRecord(400, Object(Symfony\\Component\\Debug\\Exception\\FatalErrorException), Array)
#3 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13189): Monolog\\Logger->error(Object(Symfony\\Component\\Debug\\Exception\\FatalErrorException), Array)
#4 /var/www/html/MYSITE/bootstrap/cache/compiled.php(13160): Illuminate\\Log\\Writer->writeLog('error', Object(Symfony\\Component\\Debug\\Exception\\FatalErrorException), Array)
# in /var/www/html/MYSITE/bootstrap/cache/compiled.php on line 13701

I have done the following to try to overcome the issues:

chmod -R 775 storage
chmod -R 775 vendor
chown -R apache:apache storage

So it now shows as so:

-rwxrwxr-x. 1 apache apache 2156 May 16 11:41 storage/logs/laravel.log

But that didn't work.

Interestingly enough, I mis-typed some artisan commands earlier and those seemed to add logs to the logfile...

I already read/tried:

Improve this question
1

7 Answers 7

Reset to default
117

Turns out the issue is with selinux

I found this answer, which solved my problem.

Prove this is the problem by turning off selinux with the command

setenforce 0

This should allow writing, but you've turned off added security server-wide. That's bad. Turn SELinux back

setenforce 1

Then finally use SELinux to allow writing of the file by using this command

chcon -R -t httpd_sys_rw_content_t storage

And you're off!

Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

I have tried chmod, I have tried chown, I have checked ACL, they all not work... you saved me a lot of time...thanks
I wasted a lot of time on this problem. This was the solution that got me moving again.
I want to acknowledge that, this is best answer when I deploy php project such as laravel website on CentOS, selinux is default firewall in RHEL CentOS system, Thank you
spent like 2 hours on this problem... thx for the solution...
chcon is temporary solution. Use semanage to set directory context permanently. chcon set context will be restored to default on reboot
|
10

I need to make more adjustments for SELinux than just for storage. Especially the config dir can get you this issue on Laravel bootstrapping.

If you sudo setenforce permissive and it works, then turn it back sudo setenforce enforcing then follow below.

SELinux laravel setup:

sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/site/laravel/storage(/.*)?"
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/site/laravel/bootstrap/cache(/.*)?"

You may not need the following one for config, but i did. It may be safest not to run this one unless you need to:

sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/site/laravel/config(/.*)?"

Then Reset after your dir adjustments have been made:

restorecon -Rv /var/www/site/

Improve this answer

3 Comments

This is the better way to do it than chcon, which will get reset if anyone ever calls restorecon or if the filesystem is relabelled. I agree with storage and bootstrap/cache. However, you really shouldn't make the config folder writable by the web server. Stock Laravel certainly does not need the config folder to be writable.
I think for me, if i recall correctly, the reason i wrote this post, was because of that very dir. That was my only issue config. So, i dont recall my setup on that, sorry. I would say dont do config, unless you need to.
this answer should be correct answer, remember chcon only for temporary. semanage for permanently
5

try these worked for me ...

sudo find ./storage -type f -exec chmod 666 {} \;
sudo find ./storage -type d -exec chmod 777 {} \;
Improve this answer

1 Comment

777 permission is a security risk !
1

In my case it was another unix user so this one worked:

chown -R php-fpm:php-fpm storage
Improve this answer

Comments

1

cd [laravelfolder]

chmod 777 storage -R

sudo chcon -t httpd_sys_rw_content_t storage -R

chmod 777 bootstrap

sudo chcon -t httpd_sys_rw_content_t bootstrap -R
Improve this answer

Comments

0

On CentOS 7 I had similar permissions issue. The solution which works for me is:

Add user centos to group apache

Add user apache to group centos

Restart httpd

The final line is vital as otherwise user apache will not be aware it is now also in group centos!

Same as user apache logging out and back in again.

Improve this answer

1 Comment

This would be way too permissive for any production server
0

I spent several hours looking for an easy solution in vain. I had to learn how SELinux works. This was quite helpful

Follow these steps to give php-fpm(httpd) the proper access rights to serve your laravel application on CentOS.

For some reason, I couldn't do this at the storage/ and bootstrap/cache/ level so I had to go down into the specific folders

0 (a) sudo semanage fcontext -a -t httpd_sys_content_t "/var/www/your_app(/.*)?"

0 (b) restorecon -Rv /var/www/your_app

1 (a). sudo semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/your_app/storage/framework/views'

1(b). sudo restorecon -v /var/www/your_app/storage/framework/views'

2 (a). sudo semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/your_app/storage/framework/cache'

2 (b). sudo restorecon -v /var/www/your_app/storage/framework/cache'

3 (a). sudo semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/your_app/storage/framework/sessions'

3 (b). sudo restorecon -v /var/www/your_app/storage/framework/sessions'

4 (a). sudo semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/your_app/bootstrap/cache/data'

4 (b). sudo restorecon -v /var/www/your_app/bootstrap/cache/data'

5 (a) sudo semanage fcontext -a -t httpd_log_t "/var/www/your_app/storage/logs"

5 (b) sudo restorecon -v /var/www/your_app/storage/logs'

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.