System administrators

Page tree

AppArmor

If AppArmor is running, and mysql or apache2 data directories are other as the default, this must be changed in the apparmor config too.

See https://askubuntu.com/questions/916009/mysql-wont-start-because-of-apparmor

SELinux enabled

The sestatus command provides a configurable view into the status of SELinux. The simplest form of this command shows the following information:

[root@localhost ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 21
Policy from config file:        targeted

If SELinux is enabled, the corresponding ACL labels has to be added to the translate5 writeable files/directories.

We assume the installation in /var/www/html and the DocumentRoot in /var/www/html/public.

chcon -R -t httpd_sys_rw_content_t /var/www/html/data
chmod -R o+w /var/www/html/data
chcon -R -t httpd_sys_rw_content_t /var/www/html/public/modules/editor/images/imageTags
chmod -R o+w /var/www/html/public/modules/editor/images/imageTags

The existing imageTags should also be writeable, since updates will perhaps manipulate the already existing images in the future.

To check for valid ACL context do the following (if httpd_sys_content_rw_r is invalid):

semanage fcontext -l | grep http

Since chcon changes are only temporarily (the previuos values are restored with restorecon) the above changes made with chcon should be added to the definition list in

/etc/selinux/targeted/contexts/files/file_contexts

It is possible that the writeable folders needed for translate5 will change in future!

PHP Log

If no errors are logged in the configured PHP Log file, the reason is probably the same as above, so call also chcon on the php log file and add it to the persistent file_contexts list.

Using .htaccess is not configured

If only index.php is working, but for example /login gives an 404 error, check the apache config if using .htaccess files is enabled.

In the httpd.conf there should be something like that:

<Directory "/var/www/html/public">
    Options Indexes FollowSymLinks
    AllowOverride All 
    Require all granted
</Directory>

Ensure that AllowOverride is All and not None!

  • No labels