无法以 shell 用户身份执行 PHP,因为存在套接字拥有权问题。

huangapple go评论91阅读模式
英文:

Unable to execute php as shell user for a ownership problem with socket

问题

我正在运行Apache + PHP作为FPMDebian 11(Bullseye)上。我需要并且不能更改这些!

我的PHP www池包含

user = shell_user
group = shell_user

此外,Apache以相同的方式配置运行。

当我重新启动PHP服务(以root用户身份)时,出现了以下问题:

cd /run/php
systemctl start php7.4-fpm.service
ls -la /run/php/

输出:

total 4
drwxr-xr-x  2 www-data www-data 100 Jun  5 11:07 .
drwxr-xr-x 23 root     root     700 Jun  5 10:53 ..
-rw-r--r--  1 root     root       5 Jun  5 11:07 php7.4-fpm.pid
srw-rw----  1 www-data www-data   0 Jun  5 11:07 php7.4-fpm.sock
lrwxrwxrwx  1 root     root      30 Jun  5 09:50 php-fpm.sock -> /etc/alternatives/php-fpm.sock

正如您所看到的,.sock文件仍然由www-data:www-data拥有。

因此,当我从Web浏览器加载PHP文件时,浏览器会显示503错误,并且Apache的错误日志文件中会显示以下内容:

[Mon Jun 05 11:03:25.599836 2023] [proxy:error] [pid 19819:tid 139705513932544] (13)Permission denied: AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php7.4-fpm.sock (*:80) failed

如果我手动更改sock的所有权为www-data:shell_user,则可以正常工作。

但我必须确保在重新启动或服务重启后一切都能正常工作。

英文:

I am running Apache + PHP as FPM on a Debian 11 (Bullseye). I need and cannot change these!

My PHP www pool contains

user = shell_user
group = shell_user

Also, Apache is running configured in the same way.

When I restarted the PHP service (as root) I got this problem:

cd /run/php
systemctl start php7.4-fpm.service
ls -la /run/php/

Output:

total 4
drwxr-xr-x  2 www-data www-data 100 Jun  5 11:07 .
drwxr-xr-x 23 root     root     700 Jun  5 10:53 ..
-rw-r--r--  1 root     root       5 Jun  5 11:07 php7.4-fpm.pid
srw-rw----  1 www-data www-data   0 Jun  5 11:07 php7.4-fpm.sock
lrwxrwxrwx  1 root     root      30 Jun  5 09:50 php-fpm.sock -> /etc/alternatives/php-fpm.sock

As you can see, the .sock file is created anyway as owned by www-data:www-data.

So, when I load a PHP file from web browser, I got a 503 error into the browser and this in the error log file of Apache:

[Mon Jun 05 11:03:25.599836 2023] [proxy:error] [pid 19819:tid 139705513932544] (13)Permission denied: AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php7.4-fpm.sock (*:80) failed

If I change the sock ownership manually as www-data:shell_user, it works.

But I must ensure that all should work as expected even after a reboot or a service restart.

答案1

得分: 0

已解决。

在PHP的www池配置文件中,我还需要设置

listen.owner = shell_user
listen.group = shell_user

英文:

Solved.

In the PHP www pool config file I need also to set

listen.owner = shell_user
listen.group = shell_user

huangapple
  • 本文由 发表于 2023年6月5日 17:10:27
  • 转载请务必保留本文链接:https://go.coder-hub.com/76404967.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定