We Keep Coding

gpg sign a file with --detach-sign in CentOS7 with SELinux enabled

My development environment is CentOS 7. SELinux is enabled in this.
I am trying to sign a tgz file using gpg command with shell_exec() in my PHP code as below.
$signResult = shell_exec("gpg --detach-sig --output signfile.gpg --sign InputFile.tgz 2>&1");
but I am getting the below error due to SELinux.
Error: gpg: failed to create temporary file `/opt/rh/httpd24/root/usr/share/httpd/.gnupg/.#xxxx.test.com:22680': Permission denied
gpg: Fatal: can't create lock for '/opt/rh/httd24/root/usr/share/httpd/.gnupg/trustdb.gpg'
I want to know how to sign a file (tgz file in my case) using gpg command in PHP code which should create a signature file(signfile.gpg) apart from the input file(InputFile.tgz).
or
Is there a way to do it with gnupg package like,
$gnupg = new gnupg();
$gnupg->setsignmode(gnupg::GNUPG_SIG_MODE_DETACH);
I do not know how to proceed after these steps.

By default GnuPG looks for keyrings in the $HOME/.gnupg, and if it is empty then attempts to create basic keyring files. Which fails in this case due to permissions. To override this you shoulde use --homedir option.
Also you would not be able to sign until you have some secret key file generated and stored in your keyrings.

Python setup.py egg_info failed with error code 1 at pip install psycopg2

[root#Nav15 nav15]# pip install psycopg2
Collecting psycopg2
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Using cached psycopg2-2.6.2.tar.gz
Complete output from command python setup.py egg_info:
running egg_info
creating pip-egg-info/psycopg2.egg-info
/tmp/pip-build-Fh_XN3/psycopg2/setup.py:12: DeprecationWarning: Parameters to load are deprecated. Call .resolve and .require separately.
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
writing pip-egg-info/psycopg2.egg-info/PKG-INFO
writing top-level names to pip-egg-info/psycopg2.egg-info/top_level.txt
writing dependency_links to pip-egg-info/psycopg2.egg-info/dependency_links.txt
writing pip-egg-info/psycopg2.egg-info/PKG-INFO
writing top-level names to pip-egg-info/psycopg2.egg-info/top_level.txt
writing dependency_links to pip-egg-info/psycopg2.egg-info/dependency_links.txt
writing manifest file 'pip-egg-info/psycopg2.egg-info/SOURCES.txt'
warning: manifest_maker: standard file '-c' not found
Error: pg_config executable not found.
Please add the directory containing pg_config to the PATH
or specify the full executable path with the option:
python setup.py build_ext --pg-config /path/to/pg_config build ...
or with the pg_config option in 'setup.cfg'.
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-Fh_XN3/psycopg2

PHP Extension for C is failing to find function in C Library

Problem
I am learning to create a php extension. I have created a php extension for a basic hello world app. But the moment I try to include functions from the C library I am trying to entend then I get the following error message:
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20121212/hello.so' - /usr/lib/php5/20121212/hello.so: undefined symbol: nc_open in Unknown on line 0
This nc_open() function is the key function in the libary I am trying to extend
Process
I have created by header and config files and my c extension file which contains:
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "php.h"
#include "php_hello.h"
#include <netcdf.h>
...
PHP_FUNCTION(hello_world)
{
int status;
int ncid;
status = nc_open("sample.nc", 0, &ncid);
RETURN_LONG(status);
}
I have set up a directory (on Ubuntu) and run the phpize and configure steps. I run the make command which runs with no errors.
In my php.ini file I have the hello.so extension which points to symbolic link to the file I make.
I then restart the apache server on my local machine and then run:
php -r 'echo hello_world();'
and get:
- /usr/lib/php5/20121212/hello.so: undefined symbol: nc_open in Unknown on line 0
PHP Warning: Module 'xdebug' already loaded in Unknown on line 0
PHP Fatal error: Call to undefined function hello_world() in Command line code on line 1
PHP Stack trace:
PHP 1. {main}() Command line code:0
The error only occurs when I have a function from netcdf.h
The error does not occur from just having the include statement.
What I've tried:
Firstly I tried writing a basic c program to check that it would work, I managed to succeed by compiling it with:
gcc test.c -lnetcdf -o Test
and running ./Test
I tried using the following MakeFile
LDLIBS = -lnetcdf
but was unsuccessful.
What I would like:
Preferably to know how to get this library to work in my extension but I would settle for being pointed to documents or examples to help me understand what I need to know to accomplish this.
Update
Following Elliott Frisch's comments I have tried the
Setting the PHP_RPATHS=/usr/local
Setting /etc/ld.so.conf to:
include /etc/ld.so.conf.d/*.conf
/usr/lib
Changing the MakeFile to:
LDLIBS = -lnetcdf
LDFLAGS = -static
I am making the assumption that /usr/local is the correct directory due to it containing netcdf.so
I have added the following lines to my config.m4 file according to try adding the suggested functions
PHP_ADD_INCLUDE(/usr/lib)
PHP_ADD_LIBRARY_WITH_PATH(netcdf, /usr/lib, HELLO_SHARED_LIBADD)
Unfortunately I am still getting the problem so I am trying to understand what these functions mean to make sure I using them correctly. (The library I need to connect to is /usr/lib/libnetcdf.a and need to include netcdf.h from that file.)

You'll need to use PHP_ADD_LIBRARY_WITH_PATH & PHP_ADD_INCLUDE macros in config.m4 to handle linking. Autoconf's macros are also helpful for find & verifying existing libraries.
The best examples can be found in the ext directory of PHP's source code. Like ext/zlib
PHP_ADD_LIBPATH($ZLIB_DIR/$PHP_LIBDIR, ZLIB_SHARED_LIBADD)
PHP_ZLIB_DIR=$ZLIB_DIR
PHP_ADD_LIBRARY(z,, ZLIB_SHARED_LIBADD)
PHP_ADD_INCLUDE($ZLIB_INCDIR)
And more detailed examples in ext/oracle (from apple's open source labs)
PHP_ADD_LIBRARY(clntsh, 1, ORACLE_SHARED_LIBADD)
PHP_ADD_LIBPATH($ORACLE_DIR/lib, ORACLE_SHARED_LIBADD)

The issue was with an incorrectly configured config.m4 file.
I added the following that I modified from examples I found to get it to work:
if test "$PHP_HELLO" != "no"; then
SEARCH_PATH="/usr/local /usr" # you might want to change this
SEARCH_FOR="/include/netcdf.h" # you most likely want to change this
if test -r $PHP_HELLO/$SEARCH_FOR; then # path given as parameter
HELLO_INC_DIR=$PHP_HELLO/include
else # search default path list
AC_MSG_CHECKING([for netcdf.h in default path])
for i in $SEARCH_PATH ; do
if test -r $i/$SEARCH_FOR; then
HELLO_INC_DIR=$i/include
AC_MSG_RESULT(found in $i)
fi
done
fi
if test -z "$HELLO_INC_DIR"; then
AC_MSG_RESULT([not found])
fi
SEARCH_PATH="/usr/local /usr" # you might want to change this
SEARCH_FOR="/lib/libnetcdf.a" # you most likely want to change this
if test -r $PHP_HELLO/$SEARCH_FOR; then # path given as parameter
HELLO_LIB_DIR=$PHP_HELLO/lib
else # search default path list
AC_MSG_CHECKING([for libnetcdf in default path])
for i in $SEARCH_PATH ; do
if test -r $i/$SEARCH_FOR; then
HELLO_LIB_DIR=$i/lib
AC_MSG_RESULT(found in $i)
fi
done
fi
if test -z "$HELLO_LIB_DIR"; then
AC_MSG_RESULT([not found])
AC_MSG_ERROR([Please check the netCDF distribution])
fi
# --with-netcdf -> add include path
PHP_ADD_INCLUDE($HELLO_INC_DIR)
# --with-netcdf -> check for lib and symbol presence
LIBNAME=netcdf # you may want to change this
dnl O_LDFLAGS=$LDFLAGS
dnl LDFLAGS="$LDFLAGS -L$NETCDF_LIB_DIR -l$LIBNAME"
PHP_ADD_LIBRARY($LIBNAME)
LIBSYMBOL=nc_inq_libvers # you most likely want to change this
PHP_CHECK_LIBRARY($LIBNAME,$LIBSYMBOL,
[
PHP_ADD_LIBRARY($LIBNAME)
AC_DEFINE(HAVE_HELLO,1,[Build netCDF extension])
],[
AC_MSG_ERROR([wrong netCDF library version or lib not found])
])
PHP_SUBST(HELLO_SHARED_LIBADD)
HELLO_SHARED_LIBADD=-l$LIBNAME

WSO2 WSF/PHP installation problems (C devs help needed)

I'm trying to install WSO2 WSF/PHP extension to use SOAP with WSSE.
I was having problems when I was compiling sources, I needed to checkout trunk (instead of tag 2.1) from their repository, couple of times I fixed php 5.4 compatibility issues in source codes, finally everything compiled successfully
But when I try to enable this extension I get an error:
user#centos:~/wsf$ php -i | grep "wsf"
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20100525+lfs/wsf.so' - /usr/lib/php5/20100525+lfs/wsf.so: undefined symbol: rampart_context_set_prv_key in Unknown on line 0
/etc/php5/cli/conf.d/20-wsf.ini,
PWD => /home/user/wsf
_SERVER["PWD"] => /home/user/wsf
I did grep on sources and found this:
user#centos:~/wsf$ grep -r "rampart_context_set_prv_key" .
./src/.svn/text-base/wsf_policy.c.svn-base: rampart_context_set_prv_key(rampart_context, env, Z_STRVAL_PP(token_val));
./src/.svn/text-base/wsf_policy.c.svn-base: if (rampart_context_set_prv_key_type (rampart_context, env, AXIS2_KEY_TYPE_PEM) == AXIS2_SUCCESS)
Binary file ./src/modules/wsf.so matches
./src/wsf_policy.c: rampart_context_set_prv_key(rampart_context, env, Z_STRVAL_PP(token_val));
./src/wsf_policy.c: if (rampart_context_set_prv_key_type (rampart_context, env, AXIS2_KEY_TYPE_PEM) == AXIS2_SUCCESS)
Binary file ./src/.libs/wsf.soT matches
Binary file ./src/.libs/wsf.so matches
Binary file ./src/.libs/wsf_policy.o matches
Binary file ./wsf_c/rampartc/src/util/.libs/librampart.so.0 matches
Binary file ./wsf_c/rampartc/src/util/.libs/librampart.a matches
Binary file ./wsf_c/rampartc/src/util/.libs/librampart.so.0.3.0 matches
Binary file ./wsf_c/rampartc/src/util/.libs/rampart_context.o matches
Binary file ./wsf_c/rampartc/src/util/.libs/librampart.so matches
./wsf_c/rampartc/src/util/rampart_context.c:rampart_context_set_prv_key(rampart_context_t *rampart_context,
./wsf_c/rampartc/src/util/rampart_context.c:rampart_context_set_prv_key_type(rampart_context_t *rampart_context,
./wsf_c/rampartc/src/util/rampart_context.c:rampart_context_set_prv_key_password(rampart_context_t *rampart_context,
Binary file ./wsf_c/rampartc/src/util/rampart_context.o matches
./wsf_c/rampartc/include/rampart_context.h: rampart_context_set_prv_key(rampart_context_t *rampart_context,
./wsf_c/rampartc/include/rampart_context.h: rampart_context_set_prv_key_type(rampart_context_t *rampart_context,
./wsf_c/rampartc/include/rampart_context.h: rampart_context_set_prv_key_password(rampart_context_t *rampart_context,
So basically I found only 1 file, wsf_policy.c which uses rampart_context_set_prv_key, but includes looks correct, and I don't know how to solve it. Any ideas?

Same Problem. Solved in the same way as in Error when trying to run security examples in wsf/php 2.1:
sudo apt-get install gcc-4.4
and then configuring wsf/php by running
./configure CC=gcc-4.4
Follow the rest of the normal installation steps and it should work.
You can also check the wsf.so library to see if it has the rampart libs linked in it by doing
ldd /usr/lib/php5/20090626/wsf.so
Also, just in case you haven't found it yet, here are the steps to compile WSF using PHP 5.4
https://wso2.org/jira/browse/WSFPHP-477

In my installation, the symbol "rampart_context_set_prv_key" is defined in the library ${wsf.home}/lib/librampart.so which is directly accessible from wsf.so thank to RPATH variable.

Class 'PharData' not found

I get this error on my production server (CentOS 5.4 and php 5.3.5) :
Warning: include_once(PharData.php): failed to open stream: No such
file or directory in /var/www/ZendFramework/library/Zend/Loader.php on
line 146
Warning: include_once(): Failed opening 'PharData.php' for inclusion
(include_path='/var/www/fw:/var/www/vmms:/var/www/ZendFw/library:.:/usr/share/pear:/usr/share/php')
in /var/www/ZendFw/library/Zend/Loader.php on line 146
Fatal error: Class 'PharData' not found in
/var/www/vm/app/Backup.php on line 40
And this is the code which fail :
$phar = new PharData($imageBackupFile);
$phar->buildFromDirectory($imageDir);
Logger::info("Image directory backed up to: $imageBackupFile");
This code is working fine on my own computer.
PharData should be included by default in php 5.3+ ...
Thanks for your help!
UPDATE :
I am using the Zend Auto loader feature to load the good php files using this code :
require_once("Zend/Loader/Autoloader.php");
$autoloader = Zend_Loader_Autoloader::getInstance()->setFallbackAutoloader(true);
Zend autoloader is doing the include_once(PharData.php).

Just because Phar is bundled by default in PHP 5.3 doesn't mean that it's necessarily included in your install. When you build PHP with ./configure, you can pass the --disable-phar to disable the Phar extension.
To confirm this, run the following script:
<?php
phpinfo();
?>
One of the first sections to appear will be the Configure Command section. Review this section to see if the --disable-phar switch is present, and if there is a Phar section to the page in general.
If it's not present, you'll need to contact your host to have it enabled. There's a decent chance, however, that they won't do it for you since it could impact other users depending on how their servers are set up. If this is on your own machine, you'll need to either rebuild PHP without that switch, or install Phar manually from PECL (no idea if this would still work in 5.3, but I don't see why it wouldn't).