I have this issue with PHP and SELinux on Red Hat Enterprise Linux (RHEL) for AWS. When I use _FILES array to get the file (jpg) from POST, it makes the SELinux type to be
user_tmp_t instead of
httpd_sys_content_1 which is necessary when move_uploaded_file moves the file to the upload directory which is in the standard
var/www/html/ directory. Because
move_uploaded_file never changes the SELinux type on the file, the jpg file becomes forbidden to use. How do I solve this problem?
move_uploaded_file($_FILES['file']['tmp_name'], $uploaddir) is what I am using.
I’ve tried changing the php.ini sys_upload_dir and upload_tmp_dir but the problem still exists. I’ve also tried creating a new folder to store tmp files and using
sudo semanage fcontext -a -t httpd_sys_content_t "/phptmp(/.*)?" but still does not work.
semanage fcontext -a -t httpd_sys_content_t '/var/www/html(/.*)?' and
restorecon -R -v /var/www/html/ does solve the problem for the existing files, but it doesn’t work in the future though because PHP is causing it to be
user_tmp_t every time.
I would like to use SELinux but this is very frustrating since I don’t know a way to change SELinux properties on PHP really.