AppDynamics does not directly support SELinux. For troubleshooting SELinux, consult your security team.
This page lists the requirements for monitoring PHP modules with SELinux.
The PHP agent requires the following:
- Read/write/execute privileges on <agent-install-dir>/logs directory.
- Read/write/execute privileges on proxy_ctrl_dir. The default directory for the PHP agent is /tmp/ad-XXXXX, where XXXXX is generated at runtime.
- The ability to read, write, create, and unlink Unix sockets.
- The ability to create, write, add_name, remove_name, and setattr on class dir.
- For automatically launching the proxy on RHEL/Centos 7, class capability2 block_suspend.
- Adding class process execmem or the SE bool httpd_execmem=on.
- Read/execute privileges on <agent-install-dir>/php/conf
- Read privilege on <agent-install-dir/conf/php/appdynamics_agent_log4cxx.xml
- Read/execute privileges on <agent-install-dir>/php/modules/*
Note: Many of the read/write requirements can be met by setting the type, recursively, of the <agent-install-dir> to httpd_sys_rw_content_t.
