remote file access denied?

ajdegans

Hi there, short question:

If i get this error...

Warning: simplexml_load_file(http://whatpulse.org/api/users/185749.xml) [function.simplexml-load-file]: failed to open stream: Permission denied in /var/www/klant/whatpulse.php on line 2

where does it go wrong?

I tried to use include() to a remote file which also doesnt work, same error.

I'm using this code for the xml error:

<?php
$profile = simplexml_load_file('http://whatpulse.org/api/users/185749.xml');
echo $profile->UserID;
?>

I think i need to change something in either httpd.conf or php.ini but i cant find nothing about remote file access.
the fopen_url_allow thingy in php.ini is set to on.

im using fedora core 4 64, apache 2.0.54/php 5.0.4

many thanks in advance..

samudasu

Get rid of fedora. If you have to use it then disable SELinux which is most likely the problem.

ajdegans

samudasu wrote:
Get rid of fedora. If you have to use it then disable SELinux which is most likely the problem.

sounds like you just dont like fedora. 🙂

do you have another more reasonable sollution?

samudasu

You're right, i don't like it. Are you running with SELinux? I'm not joking about disabling it if you're using it.

ajdegans

fair enough! 🙂

hmm, im not entirely sure if its fully enabled i remember on installation it asked for it but cant recall what i did then. if it is enabled it will be some default low profile. in general i dont really need much security as i handle security elsewhere.

im not very experienced with linux, just installed the thing and focused on configuring webservices.

from some research i did i understand selinux handles most of the security?
im not using a gui of anykind and all administration i do goes via putty.

i also found on a fedora site its a 'tricky' thing to play with as it can kill the filesystem when things change? im not sure how this can be. but i assume they know what theyre talking about....

samudasu

I'm not saying 100% that this is the problem but the symptoms are right (permission denied on remote file access). You already said allow_url_fopen is on, you've tried incude, and other functions that rely on the url fopen wrapper so this is why i think it's selinux. This isn't the first time i've seen this. You might want to read this. Maybe you can temporarily disable it and see if your problem goes away.
http://fedora.redhat.com/docs/selinux-faq-fc5/

ajdegans

thanks, ill have a look at it when im back from college...

ajdegans

i cant find how to disable selinux temporarily also im not confident on rewriting policy to exclude httpd from selinux.

what does change if i disable selinux at all?
how 'unsecure' will me system be then?

just asking before i do something silly 🙂

edit
i played with system-config-securitylevel from commandline

its some firewalling program? When i enabled > customized it nothing would work regarding connections. so i assumed it was disabled. on reboot i noticed SElinux being initialized but i saw no httpd or anything alike in the list which was scrolling by in the selinux part. im not sure if that matters but if it sums up a list of software which is controlled/protected/whatevered by it i think httpd should to if its under its wing.

ajdegans

i just noticed i cant include local files too.

but, im using php all over my server and this is on a subdomain.
it seems some random includes are not working 🙁
plus, and this is the weird thing, in some files on this subdomain are include() things that work. even require() ones....

i am totally lost now. and have no clue where the error is.

anyone has a clue?
thanks!