Knowledge Base

cancel
Showing results for 
Search instead for 
Did you mean: 

What are the requirements for monitoring PHP applications using mod_php with SELinux?

AppDynamics does not directly support SELinux. For troubleshooting SELinux, consult your security team.

 

This page lists the requirements for monitoring PHP modules with SELinux.

 

The PHP agent requires the following:

 

  • Read/write/execute privileges on <agent-install-dir>/logs directory.
  • Read/write/execute privileges on proxy_ctrl_dir. The default directory for the PHP agent is /tmp/ad-XXXXX, where XXXXX is generated at runtime.
  • The ability to read, write, create, and unlink Unix sockets.
  • The ability to create, write, add_name, remove_name, and setattr on class dir.
  • For automatically launching the proxy on RHEL/Centos 7, class capability2 block_suspend.
  • Adding class process execmem or the SE bool httpd_execmem=on.
  • Read/execute privileges on <agent-install-dir>/php/conf
  • Read privilege on <agent-install-dir/conf/php/appdynamics_agent_log4cxx.xml
  • Read/execute privileges on <agent-install-dir>/php/modules/*


Note: Many of the read/write requirements can be met by setting the type, recursively, of the <agent-install-dir> to httpd_sys_rw_content_t.

Version history
Revision #:
2 of 2
Last update:
3 weeks ago
Updated by:
 
Labels (1)
Tags (1)
0 Kudos