Nginx + PHP-FPM: Permissions on UNIX socket
B.R.
reallfqq-nginx at yahoo.fr
Wed May 9 23:51:39 UTC 2012
Well,
Following the advice of a friend, I made the Nginx user owner of the socket.
Guess what: it works!
I restricted the chmod to 0600 to be sure the group was involved.
Now here is some questions:
Why can't we use the group right on the socket?
Why is it the owner user who only has an impact on the effectiveness of the
rights?
The group is useless here... I am a little lost following that logic.
---
*B. R.*
On Wed, May 9, 2012 at 7:12 PM, B.R. <reallfqq-nginx at yahoo.fr> wrote:
> Hi,
>
> I still don't get it...
> I even tried to put the UNIX socket file inside a directory whose owner
> group was the 'www-data' one... Still 'Permission denied' in the Nginx log
> files!
>
> I reverted temporarily to the old way to bind Nginx with PHP-FPM, using
> the standard TCP listening and restricting it to the local interface
> through my firewall.
>
> If someone had an idea on this, I would be glad if he contributed!
> ---
> *B. R.*
>
>
>
> On Wed, May 9, 2012 at 1:43 PM, B.R. <reallfqq-nginx at yahoo.fr> wrote:
>
>> Hi Mark,
>>
>> Since I don't have ACL installed, here is the output of all others
>> commands:
>>
>> $ sudo service php5-fpm restart
>> Restarting PHP5 FastCGI Process Manager: php5-fpm.
>>
>>
>> $ date +%Y-%m-%d\ %H:%M:%S
>> 2012-05-09 19:39:30
>>
>>
>> $ ls -ald /var /var/run /var/run/php-fpm.sock
>> drwxr-xr-x 16 root root 4096 21 nov. 17:10 /var
>> drwxr-xr-x 7 root root 4096 9 mai 19:39 /var/run
>> srw-rw---- 1 www-data www-data 0 9 mai 19:39 /var/run/php-fpm.sock
>>
>> $ groups nginx
>> nginx : www-data debian-transmission
>>
>> $ groups www-data
>> www-data : www-data
>>
>>
>> $ ps aux | grep -F -e php -e nginx
>> root 19448 0.0 0.0 30400 1164 ? Ss May08 0:00 nginx:
>> master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
>> nginx 19449 0.0 0.0 30808 2104 ? S May08 0:00 nginx:
>> worker process
>> root 30316 0.0 0.1 108440 4252 ? Ss 19:39 0:00 php-fpm:
>> master process (/etc/php5/fpm/php-fpm.conf)
>> www-data 30317 0.0 0.0 108440 3788 ? S 19:39 0:00 php-fpm:
>> pool www
>> www-data 30318 0.0 0.0 108440 3788 ? S 19:39 0:00 php-fpm:
>> pool www
>> (me) 30330 0.0 0.0 9616 832 pts/0 S+ 19:39 0:00 grep -F
>> -e php -e nginx
>>
>> I still don't get the problem...
>> ---
>> *B. R.*
>>
>>
>>
>> On Wed, May 9, 2012 at 1:32 PM, W-Mark Kubacki <wmark+nginx at hurrikane.de>wrote:
>>
>>> # (stop, then start php-fpm)
>>> # date +%Y-%m-%d\ %H:%M:%S
>>> # ls -ald /var /var/run /var/run/php-fpm.sock
>>> # getfacl /var/run/php-fpm.sock
>>> # groups nginx
>>> # groups www-data
>>> # ps aux | grep -F -e php -e nginx
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120509/ffe15ef7/attachment.html>
More information about the nginx
mailing list