Ubuntu + php-fpm + nginx + unix socket = 13: Permission denied - php

I can't make nginx work with php-fpm. I Googled the whole day and tried everything, but with no result.
Any request is a 502, and in the error log I see this:
# tail /var/log/**/*error*.log
==> /var/log/nginx/acme.www.error.log <==
2016/08/16 04:24:14 [crit] 930#930: *1 connect() to unix:/root/.phpbrew/php/php-5.6.24/var/run/php-fpm.sock failed (13: Permission denied) while connecting to upstream, client: 10.0.2.2, server: acme.dev, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/root/.phpbrew/php/php-5.6.24/var/run/php-fpm.sock:", host: "www.acme.dev:8080"
More tech info about my configuration here (it's almost default from repos):
# uname -a
Linux vagrant-ubuntu-trusty-64 3.13.0-93-generic #140-Ubuntu SMP Mon Jul 18 21:21:05 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
# php -v
PHP 5.6.24 (cli) (built: Aug 16 2016 02:28:22)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Xdebug v2.4.1, Copyright (c) 2002-2016, by Derick Rethans
# phpbrew fpm which
/root/.phpbrew/php/php-5.6.24/sbin/php-fpm
# /root/.phpbrew/php/php-5.6.24/sbin/php-fpm -v
PHP 5.6.24 (fpm-fcgi) (built: Aug 16 2016 02:28:29)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Xdebug v2.4.1, Copyright (c) 2002-2016, by Derick Rethans
# /root/.phpbrew/php/php-5.6.24/sbin/php-fpm -t
[16-Aug-2016 04:09:42] NOTICE: configuration file /root/.phpbrew/php/php-5.6.24/etc/php-fpm.conf test is successful
# cat /root/.phpbrew/php/php-5.6.24/etc/php-fpm.conf | egrep 'user|owner|group|mode'
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
# nginx -v
nginx version: nginx/1.10.1
# cat /etc/nginx/nginx.conf | egrep 'user|owner|group|mode'
user www-data;
# cat /etc/nginx/snippets/fastcgi-php.conf | grep fastcgi_pass
fastcgi_pass unix:/root/.phpbrew/php/php-5.6.24/var/run/php-fpm.sock;
# fastcgi_pass unix:/root/.phpbrew/php/php-7.0.9/var/run/php-fpm.sock;
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# date +%Y-%m-%d\ %H:%M:%S
2016-08-16 04:21:21
# ls -ahlFG /root/.phpbrew/php/php-5.6.24/var/run/php-fpm.sock
srw-rw---- 1 www-data 0 Aug 16 04:02 /root/.phpbrew/php/php-5.6.24/var/run/php-fpm.sock=
# getfacl /root/.phpbrew/php/php-5.6.24/var/run/php-fpm.sock
getfacl: Removing leading '/' from absolute path names
# file: root/.phpbrew/php/php-5.6.24/var/run/php-fpm.sock
# owner: www-data
# group: www-data
user::rw-
group::rw-
other::---
# groups nginx
nginx : nginx www-data
# groups www-data
www-data : www-data nginx
# ps aux | grep -F -e php -e nginx
root 2660 0.0 0.1 91500 1596 ? Ss 03:57 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 2661 0.1 0.3 92200 3612 ? SN 03:57 0:02 nginx: worker process
www-data 2662 0.0 0.3 92200 3120 ? SN 03:57 0:00 nginx: worker process
www-data 2664 0.1 0.3 92200 3612 ? SN 03:57 0:02 nginx: worker process
root 2712 0.0 1.0 251288 10276 ? Ss 04:02 0:00 php-fpm: master process (/root/.phpbrew/php/php-5.6.24/etc/php-fpm.conf)
www-data 2713 0.0 0.9 251288 9216 ? S 04:02 0:00 php-fpm: pool www
www-data 2714 0.0 0.9 251288 9216 ? S 04:02 0:00 php-fpm: pool www
root 3101 0.0 0.0 11920 788 pts/0 R+ 04:20 0:00 grep --color=auto -F -e php -e nginx
I'm lost with this and don't even know how to find where the error is.
With php-7.0.9 – same error.
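An added example, not part of the original post: connect() on a Unix socket needs write permission on the socket and search (x) permission on every directory leading to it, so the `ls` and `getfacl` output for the socket alone does not settle a "13: Permission denied". The script lists each path component with the verdict for a given uid and group list; the function names and the `ok`/`DENY` format are made up here, and GNU `stat -c` is assumed.

```shell
#!/bin/sh
# Added example (not from the post). Evaluates classic owner/group/other mode
# bits only; ACLs, SELinux/AppArmor and root's override are not considered.
# Function names are hypothetical. Usage: script UID "GID GID ..." /abs/path

# perm_bits UID "GID GID ..." PATH -> prints the rwx value (0-7) that applies
perm_bits() {
    pb_uid=$1; pb_gids=$2
    set -- $(stat -c '%a %u %g' "$3")   # $1=octal mode  $2=owner uid  $3=group gid
    pb_mode=$((0$1))
    # Exactly one class applies: owner first, then group, then other.
    if [ "$pb_uid" = "$2" ]; then echo $(( (pb_mode >> 6) & 7 )); return; fi
    for pb_g in $pb_gids; do
        if [ "$pb_g" = "$3" ]; then echo $(( (pb_mode >> 3) & 7 )); return; fi
    done
    echo $(( pb_mode & 7 ))
}

# audit_path UID "GIDS" /abs/path -> one "ok PATH" or "DENY PATH" line per
# component; returns 1 if any component would refuse the user.
audit_path() {
    ap_uid=$1; ap_gids=$2; ap_rest=${3#/}; ap_dir=""; ap_rc=0
    while [ "${ap_rest#*/}" != "$ap_rest" ]; do     # while a "/" remains
        ap_dir="$ap_dir/${ap_rest%%/*}"
        ap_rest=${ap_rest#*/}
        # Directories on the way need the search (x) bit.
        if [ $(( $(perm_bits "$ap_uid" "$ap_gids" "$ap_dir") & 1 )) -ne 0 ]; then
            echo "ok $ap_dir"
        else
            echo "DENY $ap_dir"; ap_rc=1
        fi
    done
    # The socket itself needs the write (w) bit for connect().
    if [ $(( $(perm_bits "$ap_uid" "$ap_gids" "$ap_dir/$ap_rest") & 2 )) -ne 0 ]; then
        echo "ok $ap_dir/$ap_rest"
    else
        echo "DENY $ap_dir/$ap_rest"; ap_rc=1
    fi
    return $ap_rc
}

# Run the audit only when arguments are supplied on the command line.
if [ $# -ge 3 ]; then audit_path "$@"; fi
```

For the setup in the question it would be called with the numeric uid and gids of www-data (from `id www-data`) and the socket path from `fastcgi_pass`.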

Related

White Site after Ubuntu and PHP Update

I have a problem. My website is only a clean white page, with no error, like nothing is there.
Running Ubuntu 16.04, NGINX and PHP5.6-fpm
/var/run/php/php5.6-fpm.sock exists.
The site was running before with my NGINX settings; here is the PHP location:
location ~ \.php$ {
    #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
    try_files $uri =404;
    include fastcgi_params;
    fastcgi_intercept_errors on;
    fastcgi_pass unix:/var/run/php/php5.6-fpm.sock;
}
Before (Ubuntu 14.04 and PHP5-fpm) it was fastcgi_pass unix:/var/run/php/php5-fpm.sock;
But I cannot install php5-fpm anymore, because Ubuntu 16.04 doesn't support it.
If I take a look at /var/log/nginx/error.log, there is nothing! No logs from the site.
I don't know what I can do... I tried php7.0, but it looks the same...
Outputs:
fpm grep
root 2214 0.0 0.1 14236 1024 pts/0 S+ 16:26 0:00 grep --color=auto fpm
root 31797 0.0 2.2 234016 22504 ? Ss 13:15 0:00 php-fpm: master process (/etc/php/5.6/fpm/php-fpm.conf)
www-data 31802 0.0 7.1 280008 72224 ? S 13:15 0:02 php-fpm: pool www
www-data 31803 0.0 5.9 280888 60328 ? S 13:15 0:01 php-fpm: pool www
nginx grep
root 319 0.0 0.2 125368 3040 ? Ss 13:32 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 320 0.0 0.6 125368 6776 ? S 13:32 0:00 nginx: worker process
root 2219 0.0 0.1 14236 1020 pts/0 S+ 16:27 0:00 grep --color=auto nginx
status nginx
nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2017-09-21 13:32:45 CEST; 2h 55min ago
Process: 308 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCE
Process: 316 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 313 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 319 (nginx)
CGroup: /system.slice/nginx.service
├─319 nginx: master process /usr/sbin/nginx -g daemon on; master_process on
└─320 nginx: worker process
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal systemd[1]: Starting A high performance web server and a reverse proxy server...
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal nginx[313]: nginx: [warn] server name "/var/www/*****.de/htdocs" has suspiciou
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal nginx[313]: nginx: [warn] conflicting server name "*****.de" on 0.0.0.0:80, ignored
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal nginx[313]: nginx: [warn] conflicting server name "*****.de" on 0.0.0.0:80,
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal nginx[316]: nginx: [warn] server name "/var/www/*****.de/htdocs" has suspiciou
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal nginx[316]: nginx: [warn] conflicting server name "*****.de" on 0.0.0.0:80, ignored
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal nginx[316]: nginx: [warn] conflicting server name "*****.de" on 0.0.0.0:80,
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal systemd[1]: nginx.service: Failed to read PID from file /run/nginx.pid: Invalid argum
Sep 21 13:32:45 Ubuntu-1404-trusty-64-minimal systemd[1]: Started A high performance web server and a reverse proxy server.

Nginx + php-fpm output in log: [error] failed (13: Permission denied), also nginx and php-fpm running as user vagrant

Nginx returns this page in the browser:
403 Forbidden
This is my data:
/etc/nginx/sites-enabled/lar.template
upstream phpapp {
    server 127.0.0.1:9000;
}
server {
    listen 80;
    server_name www.lar.app lar.app;
    root /home/vagrant/lar/public;
    location / {
        index index.php index.html index.htm;
    }
    location ~ \.php$ {
        fastcgi_pass phpapp;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
    error_log /var/log/nginx/lar_error.log;
    access_log /var/log/nginx/lar_access.log;
}
/etc/nginx/nginx.conf
user vagrant;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    #tcp_nopush on;
    keepalive_timeout 65;
    #gzip on;
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*.*;
}
/etc/opt/remi/php71/php-fpm.d/www.conf
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = vagrant
; RPM: Keep a group allowed to write in log dir.
group = vagrant
listen = 127.0.0.1:9000
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = vagrant
listen.group = vagrant
$ ls -l /home/vagrant/lar
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 app
-rwxrwxr-x. 1 vagrant vagrant 1646 дек 3 09:03 artisan
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 bootstrap
-rw-rw-r--. 1 vagrant vagrant 1283 дек 3 09:03 composer.json
-rw-rw-r--. 1 vagrant vagrant 124490 дек 3 09:15 composer.lock
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 config
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 database
-rw-rw-r--. 1 vagrant vagrant 558 дек 3 09:03 gulpfile.js
-rw-rw-r--. 1 vagrant vagrant 401 дек 3 09:03 package.json
-rw-rw-r--. 1 vagrant vagrant 930 дек 3 09:03 phpunit.xml
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 public
-rw-rw-r--. 1 vagrant vagrant 1918 дек 3 09:03 readme.md
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 resources
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 routes
-rw-rw-r--. 1 vagrant vagrant 563 дек 3 09:03 server.php
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 storage
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:03 tests
drwxrwxr-x. 1 vagrant vagrant 4096 дек 3 09:15 vendor
ps -aux | grep php
root 1080 0.0 1.9 578248 37264 ? Ss 09:40 0:01 php-fpm: master process (/etc/opt/remi/php71/php-fpm.conf)
vagrant 2334 0.0 0.5 578248 9752 ? S 09:40 0:00 php-fpm: pool www
vagrant 2335 0.0 0.5 578248 9752 ? S 09:40 0:00 php-fpm: pool www
vagrant 2336 0.0 0.5 578248 9752 ? S 09:40 0:00 php-fpm: pool www
vagrant 2337 0.0 0.5 578248 9752 ? S 09:40 0:00 php-fpm: pool www
vagrant 2338 0.0 0.5 578248 9756 ? S 09:40 0:00 php-fpm: pool www
vagrant 6838 0.0 0.0 112672 972 pts/0 D+ 11:53 0:00 grep --color=auto php
ps -aux | grep nginx
root 1617 0.0 0.0 47792 1232 ? Ss 09:40 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
vagrant 1618 0.0 0.1 48328 2240 ? S 09:40 0:00 nginx: worker process
vagrant 6840 0.0 0.0 112672 976 pts/0 R+ 11:55 0:00 grep --color=auto nginx
lar_error.log
2016/12/03 09:40:54 [error] 1618#1618: *1 "/home/vagrant/lar/public/index.php" is forbidden (13: Permission denied), client: 192.168.5.1, server: www.lar.app, request: "GET / HTTP/1.1", host: "lar.app"
2016/12/03 09:40:54 [error] 1618#1618: *1 open() "/home/vagrant/lar/public/favicon.ico" failed (13: Permission denied), client: 192.168.5.1, server: www.lar.app, request: "GET /favicon.ico HTTP/1.1", host: "lar.app"
2016/12/03 09:40:54 [error] 1618#1618: *1 open() "/home/vagrant/lar/public/favicon.ico" failed (13: Permission denied), client: 192.168.5.1, server:
$ groups vagrant
vagrant: vagrant nginx apache
What is the cause here? Thanks in advance

nginx: Can't connect to php-fpm socket

I'm seeing the following error in my nginx logs on my Ubuntu machine:
[crit] 14697#0: *1 connect() to unix:/home/php/run/php-fpm.sock failed (13: Permission denied) while connecting to upstream, client: x.y.z.w, server: mydomain.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/home/php/run/php-fpm.sock:", host: "mydomain.org"
Here are the permissions on the socket:
$ ll /home/php/run
total 8.0K
drwxr-xr-x 2 php php 4.0K Jan 10 18:56 .
drwxr-xr-x 12 php php 4.0K Jan 9 17:33 ..
srw-rw---- 1 php php 0 Jan 10 18:56 php-fpm.sock
The "nginx" process is run as the nginx user:
$ ps aux | grep nginx | grep -v grep
root 14694 0.0 0.3 88732 1784 ? Ss 19:08 0:00 nginx: master process /home/nginx/sbin/nginx -c /home/nginx/conf/nginx.conf
nginx 14697 0.0 1.0 88732 5112 ? S 19:08 0:00 nginx: worker process
I added the nginx user to the "php" group:
$ groups nginx
nginx : php
I tried restarting both nginx and php-fpm after doing so but I got the same failure. I am confused because the socket has permissions of 660, which should give read and write permissions to members of the php group. I'm also confused because the file appears writeable; if I run su - nginx and then run
$ test -w /home/php/run/php-fpm.sock ; echo $?
0
which seems to indicate that the nginx user can write to the socket. Why can't nginx write to the socket? What other information do I need to solve this problem?

Nginx + php fastcgi unable to open file, permission denied

I am having some permission issues with Nginx and PHP FastCGI when trying to get to the PHP file. I am using 5.5.15 and Nginx 1.6.0 in Redhat 7.
My php file is very simple for now.
<?php
echo "\nscript owner : ".get_current_user()."\n";
$myFile = '/usr/share/nginx/html/test.log';
$fh = fopen($myFile, 'a') or die("can''t open file");
?>
Get current user will result in: "myuser"
The error that I am getting is the following:
2014/08/26 22:47:14 [error] 6424#0: *16 FastCGI sent in stderr: "PHP message: PHP Warning: fopen(/usr/share/nginx/html/test.log): failed to open stream: Permission denied in /usr/share/nginx/html/test.php on line 19" while reading response header from upstream, client: XXXXXX, server: XXXXXXX, request: "GET /test.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "XXXXXXX"
Here are the permissions for the directory /usr/share/nginx (all of the parent directories have x permissions):
drwxrwsrwx. 4 myuser myuser 4096 Aug 26 22:32 html
Running the following commands:
$ ps aux | grep "nginx: worker process"
myuser 6423 0.0 0.3 111228 3880 ? S 22:36 0:00 nginx: worker process
myuser 6424 0.0 0.5 111228 5428 ? S 22:36 0:00 nginx: worker process
myuser 6480 0.0 0.0 112640 980 pts/0 R+ 22:41 0:00 grep --color=auto nginx: worker process
$ ps aux | grep "php"
myuser 5930 0.0 0.1 128616 1860 pts/0 T 21:09 0:00 vi /etc/php-fpm.conf
myuser 5931 0.0 0.2 128628 2052 pts/0 T 21:09 0:00 vi /etc/php.ini
myuser 5933 0.0 0.1 128616 1864 pts/0 T 21:13 0:00 vi /etc/php-fpm.conf
myuser 5934 0.0 0.1 128616 1860 pts/0 T 21:14 0:00 vi /etc/php-fpm.d/www.conf
myuser 5935 0.0 0.1 128616 1864 pts/0 T 21:15 0:00 vi /etc/php-fpm.conf
root 6313 0.0 2.4 544732 25208 ? Ss 22:25 0:00 php-fpm: master process (/etc/php-fpm.conf)
myuser 6314 0.0 0.8 544732 8356 ? S 22:25 0:00 php-fpm: pool www
myuser 6315 0.0 0.8 544732 8328 ? S 22:25 0:00 php-fpm: pool www
myuser 6316 0.0 0.9 545076 9892 ? S 22:25 0:00 php-fpm: pool www
myuser 6317 0.0 0.9 544860 9452 ? S 22:25 0:00 php-fpm: pool www
myuser 6318 0.0 0.9 544860 9212 ? S 22:25 0:00 php-fpm: pool www
myuser 6483 0.0 0.0 112640 976 pts/0 R+ 22:47 0:00 grep --color=auto php
My Server looks like the following:
server {
    listen 80;
    root /usr/share/nginx/html;
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}
And in the nginx.config I am using the same user: "user ec2-user;"
I have also changed the /etc/php-fpm.d/www.conf file to have the same user and group.
user = myuser
group = myuser
So, both Nginx and PHP are running on the same user "myuser".
All the directories up to where the log file and the PHP file are located (/usr/share/nginx/html) have x access, and that user has 777 access to that html directory.
Not sure what I am missing. I have been searching online for 2 days now but no luck.
I suppose the rights are correct, but you have 3 lines of code in test.php, and according to the error this is not true :) Check which file you are running.
"in /usr/share/nginx/html/test.php on line 19"

PHP rename() Ignoring Permissions?

Environment
PHP -V output: PHP 5.3.5-1ubuntu7.2 with Suhosin-Patch (cli) (built: May 2 2011 23:00:17) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
cat /etc/issue output: Ubuntu 11.04
Apache2 -V output: Server version: Apache/2.2.17 (Ubuntu) Server built: Sep 1 2011 09:31:14
Browser About output: Firefox 6.0.2
PS -AUX Output
root 2943 0.0 0.3 206420 12428 ? Ss Sep19 0:20 /usr/sbin/apache2 -k start
www-data 18658 0.0 0.2 208552 11096 ? S Sep25 0:00 /usr/sbin/apache2 -k start
www-data 18659 0.0 0.3 208976 12036 ? S Sep25 0:00 /usr/sbin/apache2 -k start
www-data 18660 0.0 0.3 210532 12476 ? S Sep25 0:00 /usr/sbin/apache2 -k start
www-data 18661 0.0 0.3 210276 11820 ? S Sep25 0:00 /usr/sbin/apache2 -k start
www-data 18662 0.0 0.2 206948 10236 ? S Sep25 0:00 /usr/sbin/apache2 -k start
www-data 20037 0.0 0.3 208976 12128 ? S 08:22 0:00 /usr/sbin/apache2 -k start
www-data 20039 0.0 0.3 209132 11748 ? S 08:23 0:00 /usr/sbin/apache2 -k start
www-data 20120 0.0 0.3 209004 12000 ? S 09:04 0:00 /usr/sbin/apache2 -k start
File Permissions
drwxr-xr-x 2 www-data www-data 4096 2011-09-26 15:24 .
drwxr-xr-x 4 www-data www-data 4096 2011-08-26 11:31 ..
-rw-r--r-- 1 root root 161976 2011-08-26 16:26 market.txt
-rw-r--r-- 1 root root 0 2011-09-26 14:55 test1.txt
-rw-r--r-- 1 root root 0 2011-09-26 14:55 test2.txt
-rw-r--r-- 1 root root 0 2011-09-26 14:55 test3.txt
-rw-r--r-- 1 root root 0 2011-09-26 14:55 test4.txt
-rw-r--r-- 1 root root 0 2011-09-26 15:02 test5.txt
Code
rename($file, "$dest/$file");
Question
When I run the above code on the files listed in the File Permissions section above, it properly moves the file from its current location to a new location and removes the original. How is this possible when apache2 is running as www-data and the files are owned by root and only have read access for non-root users? On the PHP documentation it says:
Warnings may be generated if the destination filesystem doesn't permit chown() or chmod() system calls to be made on files — for example, if the destination filesystem is a FAT filesystem.
Does rename() call either of those system functions during the process? If so, why? Not that it matters anyway as www-data should not be able to chown/chmod a file owned by root anyway.
Can anyone explain to me how this is occurring?
Additional Information
I have tried this with the PHP script owned by root and by www-data and it works.
I tried to provide as much pertinent info as possible but let me know if you need anything else.
Moves don't "remove" originals, unless the move takes place across filesystem boundaries. Within a single filesystem, a move simply rewrites the relevant directory entries so it APPEARS that you've copied/deleted the file, but all you've done is a bit of housekeeping. Since www-data owns the directories in question, it can rewrite the directory entries representing those files all it wants, and never touch the actual files.
When moving files you are not editing the files themselves, but rather the directory they are part of. In your case that directory is owned by www-data (the apache process).
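The answers' point, as an added example that is not part of the original thread: a rename is authorised by the permissions on the containing directories, and the file keeps its inode because only directory entries are rewritten. `rename_probe` is a hypothetical helper; the scratch directories and file content are constructed, a mode-000 file stands in for the root-owned one, and GNU `stat -c` is assumed.

```shell
#!/bin/sh
# Added example (not from the thread). rename_probe FILE_MODE DIR_MODE
# creates src/market.txt with FILE_MODE inside a source directory set to
# DIR_MODE, tries to move it to dest/, and prints what happened.
rename_probe() {
    rp_file_mode=$1; rp_dir_mode=$2
    rp_work=$(mktemp -d) || return 2
    mkdir "$rp_work/src" "$rp_work/dest"
    echo "constructed sample data" > "$rp_work/src/market.txt"
    chmod "$rp_file_mode" "$rp_work/src/market.txt"
    rp_inode=$(stat -c %i "$rp_work/src/market.txt")
    chmod "$rp_dir_mode" "$rp_work/src"

    # Same filesystem, so mv issues a plain rename(2): it needs write and
    # search permission on both directories and never opens the file.
    if mv "$rp_work/src/market.txt" "$rp_work/dest/market.txt" 2>/dev/null; then
        if [ "$(stat -c %i "$rp_work/dest/market.txt")" = "$rp_inode" ]; then
            rp_result="moved same-inode"    # only the directory entries changed
        else
            rp_result="moved new-inode"     # would indicate a copy and delete
        fi
    else
        rp_result="denied"
    fi

    chmod 755 "$rp_work/src"                # restore so cleanup can proceed
    rm -rf "$rp_work"
    echo "$rp_result"
}

# File with no permission bits at all, directory writable by the caller.
rename_probe 000 755    # -> moved same-inode
# File fully writable by its owner, directory not writable.
rename_probe 644 555    # -> denied (when run as a non-root user)
```

In a directory with the sticky bit set (as on /tmp), only the file's owner, the directory's owner or root may rename or unlink an entry, which is the usual control for directories that several accounts can write to.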
