My web page worked fine on the test server, but on the production LAMP server, the PHP scripts do not work -- cannot open, read and write files. The logs show permission denied errors.

The web server - apache (httpd) - is running as user apache. In a test on the production server, we were able to create files in the designated directories as the apache user from the command line; however, the script to create the file will not run from the website. I have tested with giving all permissions - chmod 777 - on the directory and the files.

SCRIPT:

<?php
$date = `date +%N`;
$fp = fopen("/opt/webfiles/$date" , "w");
$info = "hello its me";
fwrite($fp, $info);
fclose($fp);
?>

runs fine from the command line. From the web, the log shows this error:

LOG

from "/var/log/messages" - I need help to understand this log:

Sep 13 14:44:25 localhost kernel: audit(1189712665.978:60): avc: denied { read } for pid=10109 comm="sh" name="[9002]" dev=eventpollfs ino=9002 scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:system_r:httpd_t:s0 tclass=file
Sep 13 14:44:26 localhost kernel: audit(1189712666.114:61): avc: denied { read } for pid=10115 comm="sh" name="[9002]" dev=eventpollfs ino=9002 scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:system_r:httpd_t:s0 tclass=file
Sep 13 14:44:26 localhost kernel: audit(1189712666.118:62): avc: denied { write } for pid=2649 comm="httpd" name="webfiles" dev=sda6 ino=11108368 scontext=system_u:system_r:httpd_t:s0 tcontext=user_u:object_r:usr_t:s0 tclass=dir
Sep 13 14:44:26 localhost kernel: audit(1189712666.118:63): avc: denied { read } for pid=10116 comm="sh" name="[9002]" dev=eventpollfs ino=9002 scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:system_r:httpd_t:s0 tclass=file

OK. I got it. SELinux was turned on. I turned it off and everything ran fine. More info here - http://atmail.com/view_article.php?num=172