用date指令查看給定時區的時間
[root@localhost ~]# timedatectl list-timezones
:
Asia/Taipei
Asia/Tashkent
Asia/Tbilisi
Asia/Tehran
:
[root@localhost ~]# TZ='Asia/Taipei' date
Wed 11 Nov 2020 04:20:56 PM CST
[root@localhost ~]# date
Wed 11 Nov 2020 03:21:12 AM EST
圖檔上傳失敗訊息
無法開啟 "mwstore://local-backend/local-public/e/e1/嘸蝦米字根表.gif" 的鎖定檔案。請確保您的上傳目錄配置正確,且您的網頁伺服器具有寫入該目錄的權限。參見https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:$wgUploadDirectory 獲取更多信息。
# ls /var/log -t
messages sssd spooler-20201108 messages-20201025 secure-20201018 maillog-20201018
secure spooler messages-20201101 dnf.librepo.log-20201025 boot.log spooler-20201018
lastlog maillog btmp hawkey.log-20201025 boot.log-20201014 private
wtmp php-fpm dnf.librepo.log-20201101 secure-20201025 sangfor_watchdog.log tallylog
dnf.log messages-20201108 hawkey.log-20201101 maillog-20201025 sangfor_vm_proxyd.log README
dnf.librepo.log httpd dnf.log.1 spooler-20201025 sfping.log samba
hawkey.log dnf.librepo.log-20201108 secure-20201101 mariadb firewalld chrony
dnf.rpm.log hawkey.log-20201108 btmp-20201101 messages-20201018 audit
sangfor_module_update.log secure-20201108 maillog-20201101 dnf.librepo.log-20201018 journal
sangfor maillog-20201108 spooler-20201101 hawkey.log-20201018 anaconda
察看/var/log/php-fpm並讓影像檔可以上傳
# ls /var/log/php-fpm -tl
total 416
-rw-r--r--. 1 apache apache 990 Nov 8 22:11 www-error.log
-rw-------. 1 root root 56 Nov 8 00:00 error.log
:
# cat /var/log/php-fpm/www-error.log
:
[11-Nov-2020 08:36:34 UTC] PHP Warning: move_uploaded_file(uploads/reddog.jpg): failed to open stream: Permission denied in /var/www/html/upload.php on line 20
[11-Nov-2020 08:36:34 UTC] PHP Warning: move_uploaded_file(): Unable to move '/tmp/phpoVb874' to 'uploads/reddog.jpg' in /var/www/html/upload.php on line 20
# chmod 777 uploads
* http://lfwiki.kmvs.km.edu.tw/upload.php
:
target_file=uploads/Tulips.jpg File is an image - image/jpeg.The file Tulips.jpg has been uploaded.
查看/var/log/httpd/access_log
[root@localhost kmvswiki2]# ls /var/log/httpd -t
access_log error_log-20201108 error_log-20201101 error_log-20201025 error_log-20201018
error_log access_log-20201108 access_log-20201101 access_log-20201025 access_log-20201018
[root@localhost kmvswiki2]# cat /var/log/httpd/access_log
:
163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "POST /kmvswiki2/api.php HTTP/1.1" 200 88 "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "POST /kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=submit HTTP/1.1" 302 - "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
163.25.20.252 - - [08/Nov/2020:20:57:46 -0500] "GET /kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug HTTP/1.1" 200 20304 "http://lfwiki.kmvs.km.edu.tw/kmvswiki2/index.php?title=20201109%E6%9F%A5%E7%9C%8Bmediawiki%E7%9A%84LOG%E4%BE%86debug&action=edit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
221.225.114.106 - - [08/Nov/2020:20:57:52 -0500] "GET /phpmyAdmin/ HTTP/1.1" 404 196 "-" "-"
[root@localhost kmvswiki2]#
查看/var/log/httpd/error_log
[root@localhost kmvswiki2]# cat /var/log/httpd/error_log
:
[Sun Nov 08 19:51:29.875119 2020] [autoindex:error] [pid 1874604:tid 1874666] [client 101.251.242.238:36919] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
;[http2:warn] [pid 1196989:tid 1196989] AH02951: mod_ssl does not seem to be enabled
修改httpd.conf 及 php.ini
# vi /etc/httpd/conf/httpd.conf
# cat /etc/httpd/conf/httpd.conf|grep index.php
DirectoryIndex index.html index.php
:
ServerName lfwiki.kmvs.km.edu.tw:80
# systemctl restart httpd
# ps ax|grep httpd
1183559 ? Ss 0:00 /usr/sbin/httpd -DFOREGROUND
1183561 ? S 0:00 /usr/sbin/httpd -DFOREGROUND
1183562 ? Sl 0:00 /usr/sbin/httpd -DFOREGROUND
1183563 ? Sl 0:00 /usr/sbin/httpd -DFOREGROUND
1183564 ? Sl 0:00 /usr/sbin/httpd -DFOREGROUND
1184331 pts/0 S+ 0:00 grep --color=auto httpd
# cat /etc/php.ini|grep open_basedir
; open_basedir, if set, limits all file operations to the defined directory
open_basedir = /var/www/html/kmvswiki2/images/:/var/www/html/uploads/:/tmp/
; Note: if open_basedir is set, the cache is disabled
[root@localhost ~]#
[root@localhost ~]# stat /var/www/html/uploads/
File: /var/www/html/uploads/
Size: 57 Blocks: 0 IO Block: 4096 directory
Device: fd00h/64768d Inode: 11578759 Links: 2
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Context: unconfined_u:object_r:httpd_sys_rw_content_t:s0
Access: 2020-11-10 22:34:30.326348884 -0500
Modify: 2020-10-27 00:59:57.339026081 -0400
Change: 2020-10-27 01:38:35.541541889 -0400
Birth: -
[root@localhost ~]# stat /tmp/
File: /tmp/
Size: 180 Blocks: 0 IO Block: 4096 directory
Device: 1fh/31d Inode: 20408 Links: 9
Access: (1777/drwxrwxrwt) Uid: ( 0/ root) Gid: ( 0/ root)
Context: system_u:object_r:tmp_t:s0
Access: 2020-11-05 03:10:05.959282800 -0500
Modify: 2020-11-11 03:35:03.898004510 -0500
Change: 2020-11-11 03:35:03.898004510 -0500
Birth: -
[root@localhost ~]#
# cat /etc/php.ini |grep file_uploads
file_uploads = On
max_file_uploads = 20
# tree test
test
├── 1.txt
└── b
└── 1.php
1 directory, 2 files
# cat test/b/1.php
<?php
echo file_get_contents("../1.txt");
?>
# systemctl restart httpd
# php 1.php
PHP Warning: file_get_contents(): open_basedir restriction in effect. File(../1.txt) is not within the allowed path(s): (/var/www/html/uploads/:/var/www/html/kmvswiki2/images/) in /var/www/html/test/b/1.php on line 2
Warning: file_get_contents(): open_basedir restriction in effect. File(../1.txt) is not within the allowed path(s): (/var/www/html/uploads/:/var/www/html/kmvswiki2/images/) in /var/www/html/test/b/1.php on line 2
PHP Warning: file_get_contents(../1.txt): failed to open stream: Operation not permitted in /var/www/html/test/b/1.php on line 2
Warning: file_get_contents(../1.txt): failed to open stream: Operation not permitted in /var/www/html/test/b/1.php on line 2
[root@localhost html]# cd test/b
[root@localhost b]# vi 2.php
[root@localhost b]# cat 2.php
<?php
system("rm -rf ../1.txt");
?>
[root@localhost b]# php 2.php
[root@localhost b]# ls ..
b
[root@localhost b]#