Nginx + PHP-FPM: Permissions on UNIX socket

B.R. reallfqq-nginx at yahoo.fr
Wed May 9 23:51:39 UTC 2012 

Well,

Following the advice of a friend, I made the Nginx user owner of the socket.
Guess what: it works!

I restricted the chmod to 0600 to be sure the group was involved.

Now here is some questions:
Why can't we use the group right on the socket?
Why is it the owner user who only has an impact on the effectiveness of the
rights?

The group is useless here... I am a little lost following that logic.
---
*B. R.*


On Wed, May 9, 2012 at 7:12 PM, B.R. <reallfqq-nginx at yahoo.fr> wrote:

> Hi,
>
> I still don't get it...
> I even tried to put the UNIX socket file inside a directory whose owner
> group was the 'www-data' one... Still 'Permission denied' in the Nginx log
> files!
>
> I reverted temporarily to the old way to bind Nginx with PHP-FPM, using
> the standard TCP listening and restricting it to the local interface
> through my firewall.
>
> If someone had an idea on this, I would be glad if he contributed!
> ---
> *B. R.*
>
>
>
> On Wed, May 9, 2012 at 1:43 PM, B.R. <reallfqq-nginx at yahoo.fr> wrote:
>
>> Hi Mark,
>>
>> Since I don't have ACL installed, here is the output of all others
>> commands:
>>
>> $ sudo service php5-fpm restart
>> Restarting PHP5 FastCGI Process Manager: php5-fpm.
>>
>>
>> $ date +%Y-%m-%d\ %H:%M:%S
>> 2012-05-09 19:39:30
>>
>>
>> $ ls -ald /var /var/run /var/run/php-fpm.sock
>> drwxr-xr-x 16 root     root     4096 21 nov.  17:10 /var
>> drwxr-xr-x  7 root     root     4096  9 mai   19:39 /var/run
>> srw-rw----  1 www-data www-data    0  9 mai   19:39 /var/run/php-fpm.sock
>>
>> $ groups nginx
>> nginx : www-data debian-transmission
>>
>> $ groups www-data
>> www-data : www-data
>>
>>
>> $ ps aux | grep -F -e php -e nginx
>>  root     19448  0.0  0.0  30400  1164 ?        Ss   May08   0:00 nginx:
>> master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
>> nginx    19449  0.0  0.0  30808  2104 ?        S    May08   0:00 nginx:
>> worker process
>> root     30316  0.0  0.1 108440  4252 ?        Ss   19:39   0:00 php-fpm:
>> master process (/etc/php5/fpm/php-fpm.conf)
>> www-data 30317  0.0  0.0 108440  3788 ?        S    19:39   0:00 php-fpm:
>> pool www
>> www-data 30318  0.0  0.0 108440  3788 ?        S    19:39   0:00 php-fpm:
>> pool www
>> (me)    30330  0.0  0.0   9616   832 pts/0    S+   19:39   0:00 grep -F
>> -e php -e nginx
>>
>> I still don't get the problem...
>> ---
>> *B. R.*
>>
>>
>>
>> On Wed, May 9, 2012 at 1:32 PM, W-Mark Kubacki <wmark+nginx at hurrikane.de>wrote:
>>
>>> # (stop, then start php-fpm)
>>> # date +%Y-%m-%d\ %H:%M:%S
>>> # ls -ald /var /var/run /var/run/php-fpm.sock
>>> # getfacl /var/run/php-fpm.sock
>>> # groups nginx
>>> # groups www-data
>>> # ps aux | grep -F -e php -e nginx
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120509/ffe15ef7/attachment.html>

More information about the nginx mailing list