Mkdir - Permission Denied in Live Website. Migrated from CentOS 7 to 8

This is a desperate call for help since the website is live and users are unable to upload pics. This is not a VirtualMin issue, but something related to folder permissions.

I just migrated my website from CentOS 7 to 8. Old & new server details are as follows

Old Server
Operating system CentOS Linux 7.8.2003
Apache version 2.4.6
PHP versions 5.6.40, 7.0.27
MySQL version 5.5.65
PHP: mod_php

New Server
Operating system CentOS Linux 8.2.2004
Apache version 2.4.37
PHP versions 7.2.24
MySQL version 10.3.17
PHP: PHP-FPM

I have a folder named “userpics” where i store photos uploaded by user. The userpics folder & files are owned by the user apache recursively. Folders have permission 0755 and files have permission 0644.

This used to work without issues in old server with CentOS 7 . But after migrating to CentOS 8, I am getting the following error while creating a directory.
PHP message: PHP Warning: mkdir(): Permission denied in /home/vserv/public_html/m.php on line 28\n’

sestatus command returns “SELinux status: disabled” in both the servers.

I tried setting httpd_sys_rw_content_t for the folders, but it didn’t work.

I have spent 2 days to diagnose the issue. But nothing worked. Please help.

Update:
I ran echo exec(‘whoami’) in old and new server and found that the Old Server returns apache and new server returns the virtual server username. So, I think this has something to do with who runs PHP scripts. Is it PHP-FPM issue?

If the userpics folder & files are within the /home/vserv directory structure then this might help:

Virtualmin -> Limits & Validation -> Validate Virtual Servers. Under the Fix Permissions tab, choose a suitable option. This will apply the correct ownership and permissions to files and directories that the Virtualmin ecosystem, including the web server, needs to work normally.

You were using mod_php on the old server. If userpic is outside /home/vserv directory you must manually apply the same ownership and permissions to the userpics folder & files that have been applied to folder & files that are within the /home/vserv directory on the new server for the script will work and users to be able to upload files.

1 Like

Thanks a lot Niel. I was able to fix the issue. Thanks a ton.

I am assuming this was the reason - in old server I had given ‘apache’ as the owner of userpics since I was using mod_php. And in new server only PHP-FPM is available. So, the fix you suggested changed the ownership of userpics folder to domain owner and that solved the issue. Hope this won’t result in security issues.

After I checked Virtualmin -> Limits & Validation -> Validate Virtual Servers, I found other minor issues. Fixing those too.

I am glad I was able to assist, @John_Arthur

I believe this will make the system more secure than before because using PHP-FPM rather than mod_php will restrict the impact of a security breach to only the virtual server that has been compromised.

I am stopping before I wander too far off-topic.

2 Likes

This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.