AppDynamics Knowledge Base
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
New Article

What are the requirements for monitoring PHP applications using mod_php with SELinux?

What are the requirements for monitoring PHP applications using mod_php with SELinux?

AppDynamics does not directly support SELinux. For troubleshooting SELinux, consult your security team.

This page lists the requirements for monitoring PHP modules with SELinux.

The PHP agent requires the following:

  • Read/write/execute privileges on <agent-install-dir>/logs directory.
  • Read/write/execute privileges on proxy_ctrl_dir. The default directory for the PHP agent is /tmp/ad-XXXXX, where XXXXX is generated at runtime.
  • The ability to read, write, create, and unlink Unix sockets.
  • The ability to create, write, add_name, remove_name, and setattr on class dir.
  • For automatically launching the proxy on RHEL/Centos 7, class capability2 block_suspend.
  • Adding class process execmem or the SE bool httpd_execmem=on.
  • Read/execute privileges on <agent-install-dir>/php/conf
  • Read privilege on <agent-install-dir/conf/php/appdynamics_agent_log4cxx.xml
  • Read/execute privileges on <agent-install-dir>/php/modules/*


Note: Many of the read/write requirements can be met by setting the type, recursively, of the <agent-install-dir> to httpd_sys_rw_content_t.

Labels (1)
Labels:
Tags (2)
Version history
Last update:
‎10-16-2017 02:04 PM
Updated by:
Splunk Employee