Failed executing: /usr/local/bin/convert

Next topic

Author	Message
Kristian Hole	Monday 12 February 2007 9:54:59 am Hi All, A word of warning to all of you running recent version of Red Hat Enterprise Linux (RHEL) / Fedora. Newer RHEL has a kernel level protection mechanism called SELinux (Security Enhanced Linux). If this is installed, and you are running eZ Publish you will typically get similar errors in the debugoutput to this when trying to upload an image in the admin interface: Failed executing: /usr/local/bin/convert '-geometry' '600x600>' 'var/plain/storage/images/media/images//9769-1-eng-GB/blah.gif' 'GIF:var/plain/storage/images/media/images/9769-1-eng-GB/blah.gif', Error: , Return: 1 This is because the default SELinux disallows PHP to run the command. You can disable the protection by running: setenforce permissive But a better solution would be to configure SELinux to work with this. Does anybody know the best way to set up SELinux to get this working? Kristian http://ez.no/ez_publish/documenta...tricks/show_which_templates_are_used http://ez.no/doc/ez_publish/techn...te_operators/miscellaneous/attribute
Paul Borgermans	Monday 12 February 2007 11:20:29 am Hi Kristian, SELinux can be a tough beast. We should create a policy file which can be used by eZ publish based installations (fine grained control). Alternatively (from the httpd_selinux(8) man page): You can disable SELinux protection for the httpd daemon by executing: setsebool -P httpd_disable_trans 1 service httpd restart Paul eZ Publish, eZ Find, Solr expert consulting and training http://twitter.com/paulborgermans
James Ward	Monday 12 February 2007 11:41:37 am Paul, That is exactly how I am currently getting around SELinux issues with eZ Publish. I couldn't agree more that we need an example policy to provide Apache with access to imagemagick and only the write permissions required to run eZ. working at www.wardnet.com blogging at www.jamesward.ca
Kristian Hole	Monday 12 February 2007 1:03:41 pm Here is some more information: http://codex.gallery2.org/Gallery2:Installation_on_a_SELinux_Server Kristian http://ez.no/ez_publish/documenta...tricks/show_which_templates_are_used http://ez.no/doc/ez_publish/techn...te_operators/miscellaneous/attribute
Karl Latiss	Tuesday 13 February 2007 6:28:14 pm On a default Centos 4 server install with eZ installed in /var/www/html I added the following to /etc/selinux/targeted/src/policy/domains/misc/local.te allow httpd_sys_script_t devpts_t:chr_file { read write }; allow httpd_sys_script_t httpd_runtime_t:file write; allow httpd_sys_script_t httpd_sys_content_t:dir { add_name read setattr write }; allow httpd_sys_script_t httpd_sys_content_t:file { create setattr write }; allow httpd_sys_script_t self:capability { dac_override dac_read_search }; allow httpd_sys_script_t httpd_tmp_t:file { getattr read }; allow httpd_sys_script_t httpd_tmp_t:file write; allow httpd_sys_script_t tmp_t:lnk_file read; which seems to be enough to make things work. Atvert Systems http://www.atvert.com.au

eZ debug

Timing:	Jan 18 2025 11:40:42
Script start
Timing:	Jan 18 2025 11:40:42
Module start 'layout'
Timing:	Jan 18 2025 11:40:42
Module start 'content'
Timing:	Jan 18 2025 11:40:43
Module end 'content'
Timing:	Jan 18 2025 11:40:43
Script end

Main resources:

Total runtime	1.4112 sec
Peak memory usage	4,096.0000 KB
Database Queries	67

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0055	588.0391	152.6406
Module start 'layout'	0.0055	0.0032	740.6797	39.4922
Module start 'content'	0.0087	1.4010	780.1719	648.7578
Module end 'content'	1.4097	0.0014	1,428.9297	16.1250
Script end	1.4111		1,445.0547

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0032	0.2247	16	0.0002
Check MTime	0.0013	0.0908	16	0.0001
Mysql Total
Database connection	0.0011	0.0769	1	0.0011
Mysqli_queries	1.3488	95.5784	67	0.0201
Looping result	0.0007	0.0473	65	0.0000
Template Total	1.3769	97.6	2	0.6884
Template load	0.0021	0.1495	2	0.0011
Template processing	1.3748	97.4191	2	0.6874
Template load and register function	0.0001	0.0067	1	0.0001
states
state_id_array	0.0011	0.0760	1	0.0011
state_identifier_array	0.0013	0.0937	2	0.0007
Override
Cache load	0.0020	0.1398	38	0.0001
Sytem overhead
Fetch class attribute can translate value	0.0006	0.0441	4	0.0002
Fetch class attribute name	0.0017	0.1184	8	0.0002
XML
Image XML parsing	0.0015	0.1054	4	0.0004
class_abstraction
Instantiating content class attribute	0.0000	0.0010	9	0.0000
General
dbfile	0.0011	0.0755	29	0.0000
String conversion	0.0000	0.0006	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
4	content/datatype/view/ezimage.tpl	<No override>	extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tpl
5	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
9	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
3	content/datatype/view/ezxmltags/literal.tpl	<No override>	extension/community/design/standard/templates/content/datatype/view/ezxmltags/literal.tpl
3	content/datatype/view/ezxmltags/line.tpl	<No override>	design/standard/templates/content/datatype/view/ezxmltags/line.tpl
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 26 Number of unique templates used: 7

Time used to render debug report: 0.0001 secs