Why are uploaded files getting a httpd_tmp_t label when a custom temp dir is used?


When I use PHP's move_uploaded_file function to upload files into a directory, those files have the label httpd_sys_rw_content_t and inherit the parent directory's ACLs. If I configure PHP to use a custom-created temp directory, the uploaded files are instead labelled httpd_tmp_t and lose the ACL.

What causes this to happen?

The temp directory resides in /var/www/project/tmp. It has a mode of 1777 and a label of tmp_t.

The upload directory resides in /var/www/project/uploads and is writable by the PHP process and has a label of httpd_sys_rw_content_t. Files created inside it also have this label and inherit the ACLs of its parent, except in this strange case.

I would say this is the result of moving files from one location to another, but why does it not do this for /tmp?

  • Rocky Linux 8
  • PHP 8.1

1 answer below, from user setenforce 1:

There is a file transition saying that when a process with the type httpd_t creates a file in a directory with the type tmp_t, it applies the type httpd_tmp_t.

If you are expecting the httpd_sys_rw_content_t type for the files created in this directory, you should set this type to the directory:

semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/project/tmp(/.*)?"
restorecon -RF /var/www/project/tmp
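
The lookup the answer describes, as an added example that is not part of the original answer: the function reads type_transition rules in the format printed by `sesearch -T` and returns the type a new file receives, falling back to the parent directory's type when no rule matches. The rule list in `SAMPLE_RULES` is constructed for illustration and `new_file_type` is a hypothetical helper name.

```sh
#!/bin/sh
# Constructed sample in the output format of `sesearch -T` (setools).
# On a real host, feed the function from the loaded policy instead:
#   sesearch -T -s httpd_t -c file | new_file_type httpd_t tmp_t file
SAMPLE_RULES='type_transition httpd_t tmp_t:file httpd_tmp_t;
type_transition httpd_t tmp_t:dir httpd_tmp_t;'

# new_file_type SOURCE_DOMAIN PARENT_DIR_TYPE CLASS   (rules on stdin)
# Prints the type of an object the domain creates in a directory of that type:
# the type_transition result if a rule matches, otherwise the directory's own
# type, which is the SELinux default for new files.
new_file_type() {
    awk -v s="$1" -v t="$2" -v c="$3" '
        # NF == 4 skips name-based transitions, which carry a fifth field
        # (a quoted file name) and only apply to that exact name.
        $1 == "type_transition" && $2 == s && $3 == (t ":" c) && NF == 4 {
            sub(/;$/, "", $4); print $4; found = 1; exit
        }
        END { if (!found) print t }'
}

# The three situations from the question and the answer.
show() {
    printf '%-40s -> %s\n' "$1" \
        "$(printf '%s\n' "$SAMPLE_RULES" | new_file_type httpd_t "$2" file)"
}
show "tmp dir labelled tmp_t"               tmp_t
show "uploads dir (httpd_sys_rw_content_t)" httpd_sys_rw_content_t
show "tmp dir after semanage + restorecon"  httpd_sys_rw_content_t

# Checks to run on the host itself (not executed here):
#   ls -Zd /var/www/project/tmp         # label currently on the directory
#   matchpathcon /var/www/project/tmp   # label the fcontext rules assign
```

Once the directory itself carries httpd_sys_rw_content_t, no transition rule matches in the sample and new files take the directory's type, which is the outcome the semanage and restorecon commands in the answer aim for.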