I'm trying to arrange for the permissions on /var/log/httpd to be set so that httpd can write its log files there, but I can't seem to make it work. I've chowned the directory to apache:apache, and chmoded it 777:
# ls -l /var/log
[...]
drwxrwxrwx 2 apache apache 4096 Aug 26 15:55 httpd
So why the heck can't the apache user write files to that directory?
# sudo -u apache touch /var/log/httpd/foo
touch: cannot touch `/var/log/httpd/foo': Permission denied
What's going on here?
Best Answer
The apache user needs to be able to traverse the directory tree to /var/log/httpd so ensure that at some permission level each of the directories /var, /var/log and /var/log/httpd have an
xbit set that will allow this.Check that there are no acls set that affect the apache user getfacl can help you determine this.
Check that there are no extended file attributes that are affecting the apache user lsattr with explanation in the chattr manual.