Check if php-file exists in chroot jail
Volodymyr Kostyrko
c.kworr at gmail.com
Thu Mar 22 12:33:06 UTC 2012
maverick78 wrote:
> There a a lot of configuration-files, so I better put them into a
> pastebin.
>
> example.com vhost: http://pastebin.com/ibAfvGNu
> nginx.conf: http://pastebin.com/mRtvvDq4
> fastcgi_params http://pastebin.com/mqxQPAK6
And that's your poison:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
You haven't said anywhere that nginx is chrooted but your php-fpm pool
surely is. This way you should use full path in nginx config and submit
relative path to php-fpm.
Here's my sample setup for chrooted yii app:
== nginx.conf
server {
listen
server_name
root /home/user/www/sitedir;
access_log /var/log/nginx/site.access.log;
error_log /var/log/nginx/site.error.log;
index index.php;
set $docroot /www/sitedir;
location / {
expires 1d;
try_files $uri $uri/ @missing;
}
location @missing {
rewrite ^ /index.php?url=$uri last;
}
include "/home/user/etc/nginx_php.conf";
}
==
== nginx_php.conf
location ~ .*\.php$ {
try_files $uri =404;
include /usr/local/etc/nginx/fastcgi_params;
fastcgi_pass unix:/home/user/www/.fastcgi.php.socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $docroot$fastcgi_script_name;
}
==
> php-fpm.conf: http://pastebin.com/2DSEescT
> php fpm pool configuration: http://pastebin.com/zkek7TzN
>
> The above with try_files /web/example.com$uri =404; doesn't work either.
PS: Remember that some php modules do require access to extra files and
even devices like '/tmp' and '/dev/crypto'.
--
Sphinx of black quartz judge my vow.
More information about the nginx
mailing list