LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 06-24-2011, 01:43 PM   #1
fantasygoat
Member
 
Registered: Sep 2009
Posts: 119

Rep: Reputation: 17
PHP-FPM and permissions


I'm trying to get nginx + php-fpm working together and so far so good - except I've run into a weird permissions issue.

Unless I set a content directory to 777, php-fpm cannot access the files, *even though they are owned by the same user php-fpm is running as*.

So, for example:

Quote:
root 13301 0.0 0.0 364416 5960 ? Ss 14:30 0:00 php-fpm: master process (/etc/php-fpm.conf)
nginx 13302 0.0 0.1 370768 16416 ? S 14:30 0:00 php-fpm: pool www
nginx 13303 0.1 0.1 368476 13024 ? S 14:30 0:00 php-fpm: pool www
nginx 13304 0.0 0.1 369008 13380 ? S 14:30 0:00 php-fpm: pool www
nginx 13305 0.0 0.1 368492 12920 ? S 14:30 0:00 php-fpm: pool www
nginx 13306 0.0 0.1 368484 12980 ? S 14:30 0:00 php-fpm: pool www
nginx 13310 0.0 0.1 368444 13044 ? S 14:30 0:00 php-fpm: pool www
nginx 13313 0.0 0.1 368240 12340 ? S 14:33 0:00 php-fpm: pool www

# ls -la
-rwxrwx--- 1 nginx nginx 4510 Jun 14 15:21 media/video/default.png*
The above should work, but it generates an access denied error.

Once I change it to 777 it works, so it's not accessing it as the "nginx" user or group.

Any clues?
 
Old 06-29-2011, 03:43 AM   #2
Web31337
Member
 
Registered: Sep 2009
Location: Russia
Distribution: Gentoo, LFS
Posts: 399
Blog Entries: 71

Rep: Reputation: 65
it must. use nginx shell(su nginx) to check your access rights. otherwise, if you can access it from shell, your php must be broken or running with "secure" config.
what exact error do you get and from where?
pastebin your nginx.conf, php-fpm.conf and php.ini.
 
Old 06-29-2011, 10:10 AM   #3
fantasygoat
Member
 
Registered: Sep 2009
Posts: 119

Original Poster
Rep: Reputation: 17
Here's my nginx config:

Quote:
user nginx;
worker_processes 1;

error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
worker_connections 1024;
}

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;

log_format main '$http_x_forwarded_for - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$remote_addr"';

access_log /var/log/nginx/access.log main;

sendfile on;

keepalive_timeout 10 10;

gzip on;
gzip_comp_level 1;
gzip_proxied any;

ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/cert.key;

server {
listen :81;
listen :444 default ssl;
server_name _;

client_max_body_size 16M;

root /www/current/public;
index index.php;

location / {
if (-f $request_filename) {
break;
}

if (!-e $request_filename) {
rewrite ^(.+)$ /index.php$1 last;
break;
}
}

location ~ ^/index.php {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME /www/current/public$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include fastcgi_params;
}

error_page 404 /404-error.html;
}
}
The php.ini and php-fpm.conf are both the defaults.

Here's php-fpm.d/www.conf:

Quote:
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1

listen.owner = nginx
listen.group = nginx

user = nginx
group = nginx

pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.status_path = /status
ping.path = /ping
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
Nothing I see in any of them would indicate an issue.

The media directory is an NFS4 mount, but as the nginx user I have no issues accessing files on it.
 
Old 06-29-2011, 10:26 AM   #4
fantasygoat
Member
 
Registered: Sep 2009
Posts: 119

Original Poster
Rep: Reputation: 17
I take it back - the nginx user cannot edit files on the NFS4 share.

Is there some option I'm missing on my share?

Quote:
/exports 172.23.6.0/255.255.255.0(rw,no_root_squash,fsid=0)
/exports/media 172.23.6.0/255.255.255.0(rw,no_root_squash)
fstab:

Quote:
media1:/media /exports/media nfs4 defaults,soft,noatime 0 0
 
Old 06-29-2011, 01:44 PM   #5
Web31337
Member
 
Registered: Sep 2009
Location: Russia
Distribution: Gentoo, LFS
Posts: 399
Blog Entries: 71

Rep: Reputation: 65
what exact error do you get and from where? what does nginx/php access/error logs say?
 
Old 06-29-2011, 01:51 PM   #6
fantasygoat
Member
 
Registered: Sep 2009
Posts: 119

Original Poster
Rep: Reputation: 17
Turned out to be a UID issue. Another admin had set the UIDs on one of the boxes wrong. Once we matched them up, the issue was fixed.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with php-fpm error logging LMW Linux - Server 0 06-08-2011 09:38 PM
request shipping php-fpm with php in -current repo cowyn Slackware 1 04-03-2011 05:29 PM
apache with php/suexec/fpm/fastcgi? hoodez Linux - Server 0 07-23-2010 01:26 AM
LXer: Installing Nginx With PHP 5.3 And PHP-FPM On Ubuntu Lucid Lynx (10.04) LXer Syndicated Linux News 0 06-14-2010 11:42 PM
LXer: Installing PHP 5.3, Nginx And PHP-fpm On Ubuntu/Debian LXer Syndicated Linux News 0 02-10-2010 05:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:07 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration