php-fpm socket file: permission denied

朱高丽
2023-12-01

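nginx and php-fpm can communicate in two ways: over a TCP socket or over a Unix socket. In the first case php-fpm usually listens on local port 9000; in the second it usually listens on a local sock file. Today I ran into a problem: after configuring and starting nginx and php-fpm separately, nginx wrote the following error to its log file whenever it handled a browser request for a PHP file: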

[crit] 14881#14881: *17 connect() to unix:/run/php/php7.2-fpm.sock failed (13: Permission denied) 
while connecting to upstream, client: 127.0.0.1, server: , request: "GET /index.php HTTP/1.1", 
upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "localhost"

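Here /run/php/php7.2-fpm.sock is exactly the file php-fpm listens on, and the error message shows that nginx does not have permission to connect to the sock file. The fix is to configure nginx with the same user that php-fpm uses; here both are assumed to be www-data, as the two configuration excerpts below show. On the php-fpm side the socket file's owner and group come from listen.owner and listen.group, and its mode defaults to 0660, so the nginx worker user has to be that owner or a member of that group.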

nginx configuration file:

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user www-data;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

php-fpm configuration file:

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
user = www-data 
group = www-data

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
;                            a specific port;
;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
;                            a specific port;
;   'port'                 - to listen on a TCP socket to all addresses
;                            (IPv6 and IPv4-mapped) on a specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /run/php/php7.2-fpm.sock

; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
;                 mode is set to 0660
listen.owner = www-data 
listen.group = www-data
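
The ownership rule behind this fix, as an added example that is not part of the original post: it reads the nginx `user` directive and the pool's `listen.*` settings and decides whether the worker would get write access to the socket. The function names, the `GROUPS` map (a stand-in for /etc/group), the `running_user="root"` default and the idea that a user's primary group carries the user's name are assumptions.

```python
import re

def nginx_worker_user(conf):
    """Worker user from the nginx 'user' directive; nginx's documented default is 'nobody'."""
    m = re.search(r"^\s*user\s+([^\s;]+)", conf, re.M)
    return m.group(1) if m else "nobody"

def pool_settings(conf):
    """Active 'key = value' lines of a php-fpm pool file (';' starts a comment)."""
    settings = {}
    for line in conf.splitlines():
        line = line.split(";", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def can_connect(nginx_conf, pool_conf, groups, running_user="root"):
    """True if the nginx worker user gets write access to the socket file,
    which Linux requires for connect(). 'groups' maps user -> set of group
    names. 'running_user' (assumed root) is who starts php-fpm and owns the
    socket when listen.owner is unset. Directory permissions are not checked."""
    worker = nginx_worker_user(nginx_conf)
    pool = pool_settings(pool_conf)
    owner = pool.get("listen.owner", running_user)
    # Assumption: without listen.group, the group is named like the owner.
    group = pool.get("listen.group", owner)
    mode = int(pool.get("listen.mode", "0660"), 8)
    if worker == owner:
        return bool(mode & 0o200)   # owner write bit
    if group in groups.get(worker, set()):
        return bool(mode & 0o020)   # group write bit
    return bool(mode & 0o002)       # everyone else

# Constructed inputs: the pool settings shown on this page and a sample group map.
POOL = """
user = www-data
group = www-data
listen = /run/php/php7.2-fpm.sock
listen.owner = www-data
listen.group = www-data
"""
GROUPS = {"www-data": {"www-data"}, "nginx": {"nginx"}}

if __name__ == "__main__":
    for conf in ("user nginx;", "user www-data;"):
        print(conf, "->", can_connect(conf, POOL, GROUPS))
```

Adding the nginx user to the socket's group also satisfies the check, which keeps the mode at 0660 instead of opening the socket to every local account.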

 
