Forums / Install & configuration / Failed executing: /usr/local/bin/convert

Failed executing: /usr/local/bin/convert

« 
Previous topic
|
Install & configuration
|
Next topic
 »
Author Message

Kristian Hole

Monday 12 February 2007 9:54:59 am

Hi All,

A word of warning to all of you running recent version of Red Hat Enterprise Linux (RHEL) / Fedora. Newer RHEL has a kernel level protection mechanism called SELinux (Security Enhanced Linux). If this is installed, and you are running eZ Publish you will typically get similar errors in the debugoutput to this when trying to upload an image in the admin interface:

Failed executing: /usr/local/bin/convert '-geometry' '600x600>' 'var/plain/storage/images/media/images//9769-1-eng-GB/blah.gif' 'GIF:var/plain/storage/images/media/images/9769-1-eng-GB/blah.gif', Error: , Return: 1

This is because the default SELinux disallows PHP to run the command.

You can disable the protection by running: 

setenforce permissive

But a better solution would be to configure SELinux to work with this. Does anybody know the best way to set up SELinux to get this working?

Kristian

http://ez.no/ez_publish/documenta...tricks/show_which_templates_are_used
http://ez.no/doc/ez_publish/techn...te_operators/miscellaneous/attribute

Paul Borgermans

Monday 12 February 2007 11:20:29 am

Hi Kristian,

SELinux can be a tough beast. We should create a policy file which can be used by eZ publish based installations (fine grained control).

Alternatively (from the httpd_selinux(8) man page):

You can disable SELinux protection for the httpd daemon by executing:

    setsebool -P httpd_disable_trans 1 service httpd restart

Paul

eZ Publish, eZ Find, Solr expert consulting and training
http://twitter.com/paulborgermans

James Ward

Monday 12 February 2007 11:41:37 am

Paul,
That is exactly how I am currently getting around SELinux issues with eZ Publish. I couldn't agree more that we need an example policy to provide Apache with access to imagemagick and only the write permissions required to run eZ.

working at www.wardnet.com
blogging at www.jamesward.ca

Kristian Hole

Monday 12 February 2007 1:03:41 pm

Here is some more information:
http://codex.gallery2.org/Gallery2:Installation_on_a_SELinux_Server

Kristian

http://ez.no/ez_publish/documenta...tricks/show_which_templates_are_used
http://ez.no/doc/ez_publish/techn...te_operators/miscellaneous/attribute

Karl Latiss

Tuesday 13 February 2007 6:28:14 pm

On a default Centos 4 server install with eZ installed in /var/www/html I added the following to

/etc/selinux/targeted/src/policy/domains/misc/local.te

allow httpd_sys_script_t devpts_t:chr_file { read write };
allow httpd_sys_script_t httpd_runtime_t:file write;
allow httpd_sys_script_t httpd_sys_content_t:dir { add_name read setattr write };
allow httpd_sys_script_t httpd_sys_content_t:file { create setattr write };
allow httpd_sys_script_t self:capability { dac_override dac_read_search };
allow httpd_sys_script_t httpd_tmp_t:file { getattr read };
allow httpd_sys_script_t httpd_tmp_t:file write;
allow httpd_sys_script_t tmp_t:lnk_file read;

which seems to be enough to make things work.

Atvert Systems
http://www.atvert.com.au

eZ debug

Timing: Jan 18 2025 11:10:22
Script start
Timing: Jan 18 2025 11:10:22
Module start 'content'
Timing: Jan 18 2025 11:10:23
Module end 'content'
Timing: Jan 18 2025 11:10:23
Script end

Main resources:

Total runtime0.9205 sec
Peak memory usage4,096.0000 KB
Database Queries204

Timing points:

CheckpointStart (sec)Duration (sec)Memory at start (KB)Memory used (KB)
Script start 0.00000.0062 588.9688180.8203
Module start 'content' 0.00620.7480 769.7891653.8516
Module end 'content' 0.75420.1662 1,423.6406341.0469
Script end 0.9204  1,764.6875 

Time accumulators:

 Accumulator Duration (sec) Duration (%) Count Average (sec)
Ini load
Load cache0.00380.4113210.0002
Check MTime0.00150.1622210.0001
Mysql Total
Database connection0.00080.085110.0008
Mysqli_queries0.831490.32142040.0041
Looping result0.00330.36172020.0000
Template Total0.888296.520.4441
Template load0.00210.230420.0011
Template processing0.886196.254220.4430
Template load and register function0.00020.016410.0002
states
state_id_array0.00130.139510.0013
state_identifier_array0.00110.115520.0005
Override
Cache load0.00180.1964380.0000
Sytem overhead
Fetch class attribute can translate value0.00220.235750.0004
Fetch class attribute name0.00250.270980.0003
XML
Image XML parsing0.00240.262450.0005
class_abstraction
Instantiating content class attribute0.00000.001690.0000
General
dbfile0.00390.4288400.0001
String conversion0.00000.000730.0000
Note: percentages do not add up to 100% because some accumulators overlap

CSS/JS files loaded with "ezjscPacker" during request:

CacheTypePacklevelSourceFiles
CSS0extension/community/design/community/stylesheets/ext/jquery.autocomplete.css
extension/community_design/design/suncana/stylesheets/scrollbars.css
extension/community_design/design/suncana/stylesheets/tabs.css
extension/community_design/design/suncana/stylesheets/roadmap.css
extension/community_design/design/suncana/stylesheets/content.css
extension/community_design/design/suncana/stylesheets/star-rating.css
extension/community_design/design/suncana/stylesheets/syntax_and_custom_tags.css
extension/community_design/design/suncana/stylesheets/buttons.css
extension/community_design/design/suncana/stylesheets/tweetbox.css
extension/community_design/design/suncana/stylesheets/jquery.fancybox-1.3.4.css
extension/bcsmoothgallery/design/standard/stylesheets/magnific-popup.css
extension/sevenx/design/simple/stylesheets/star_rating.css
extension/sevenx/design/simple/stylesheets/libs/fontawesome/css/all.min.css
extension/sevenx/design/simple/stylesheets/main.v02.css
extension/sevenx/design/simple/stylesheets/main.v02.res.css
JS0extension/ezjscore/design/standard/lib/yui/3.17.2/build/yui/yui-min.js
extension/ezjscore/design/standard/javascript/jquery-3.7.0.min.js
extension/community_design/design/suncana/javascript/jquery.ui.core.min.js
extension/community_design/design/suncana/javascript/jquery.ui.widget.min.js
extension/community_design/design/suncana/javascript/jquery.easing.1.3.js
extension/community_design/design/suncana/javascript/jquery.ui.tabs.js
extension/community_design/design/suncana/javascript/jquery.hoverIntent.min.js
extension/community_design/design/suncana/javascript/jquery.popmenu.js
extension/community_design/design/suncana/javascript/jScrollPane.js
extension/community_design/design/suncana/javascript/jquery.mousewheel.js
extension/community_design/design/suncana/javascript/jquery.cycle.all.js
extension/sevenx/design/simple/javascript/jquery.scrollTo.js
extension/community_design/design/suncana/javascript/jquery.cookie.js
extension/community_design/design/suncana/javascript/ezstarrating_jquery.js
extension/community_design/design/suncana/javascript/jquery.initboxes.js
extension/community_design/design/suncana/javascript/app.js
extension/community_design/design/suncana/javascript/twitterwidget.js
extension/community_design/design/suncana/javascript/community.js
extension/community_design/design/suncana/javascript/roadmap.js
extension/community_design/design/suncana/javascript/ez.js
extension/community_design/design/suncana/javascript/ezshareevents.js
extension/sevenx/design/simple/javascript/main.js

Templates used to render the page:

UsageRequested templateTemplateTemplate loadedEditOverride
1node/view/full.tplfull/forum_topic.tplextension/sevenx/design/simple/override/templates/full/forum_topic.tplEdit templateOverride template
4content/datatype/view/ezimage.tpl<No override>extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tplEdit templateOverride template
5content/datatype/view/ezxmltext.tpl<No override>extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tplEdit templateOverride template
9content/datatype/view/ezxmltags/paragraph.tpl<No override>extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tplEdit templateOverride template
3content/datatype/view/ezxmltags/literal.tpl<No override>extension/community/design/standard/templates/content/datatype/view/ezxmltags/literal.tplEdit templateOverride template
3content/datatype/view/ezxmltags/line.tpl<No override>design/standard/templates/content/datatype/view/ezxmltags/line.tplEdit templateOverride template
1pagelayout.tpl<No override>extension/sevenx/design/simple/templates/pagelayout.tplEdit templateOverride template
 Number of times templates used: 26
 Number of unique templates used: 7

Time used to render debug report: 0.0002 secs