Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

PHP7-FPM pool not running with my specific user

If none of the specific sub-forums seem right for your thread, ask here.
Post Reply
Message
Author
anto60
Posts: 9
Joined: 2016-12-04 16:34

PHP7-FPM pool not running with my specific user

#1 Post by anto60 »

Hi all.
I installed on my Debian Jessie PHP 7.0 with fpm and Apache and i have defined two fpm pools with not system users.
My problem is that, if i check the process owner, is www-data of Apache and not my users.

I installed these packages: php7.0 php7.0-fpm php7.0-gd php7.0-mysql apache2 php-pear
then i enabled PHP 7.0 FPM in apache with:
a2enmod proxy_fcgi setenvif
a2enconf php7.0-fpm

Then I created two fpm pools and verified service with the following command:
systemctl status php7.0-fpm.service

● php7.0-fpm.service - The PHP 7.0 FastCGI Process Manager
Loaded: loaded (/lib/systemd/system/php7.0-fpm.service; enabled)
Active: active (running) since mar 2017-05-09 16:49:15 CEST; 21h ago
Docs: man:php-fpm7.0(8)
Main PID: 438 (php-fpm7.0)
Status: "Processes active: 0, idle: 6, Requests: 4, slow: 0, Traffic: 0req/sec"
CGroup: /system.slice/php7.0-fpm.service
├─438 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
├─490 php-fpm: pool test1
├─491 php-fpm: pool test1
├─492 php-fpm: pool test2
├─493 php-fpm: pool test2
├─494 php-fpm: pool www
└─495 php-fpm: pool www

mag 09 16:49:15 webtest systemd[1]: Started The PHP 7.0 FastCGI Process Manager

I configured the FPM Pools using these values:

; pool name ('www' here)
[test1]
…………………………………….
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = test1
group = test1

……………………….
; Note: This value is mandatory.
listen = /run/php/php7.0-fpm.test1.sock

; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = test1
listen.group = test1
;listen.owner = www-data
;listen.group = www-data

listen.mode = 0660

This is /etc/apache2/conf-enabled/php7.0-fpm.conf:
# Redirect to local php-fpm if mod_php is not available
<IfModule !mod_php7.c>
<IfModule proxy_fcgi_module>
# Enable http authorization headers
<IfModule setenvif_module>
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>

<FilesMatch ".+\.ph(p[3457]?|t|tml)$">
SetHandler "proxy:unix:/run/php/php7.0-fpm.sock|fcgi://localhost"
</FilesMatch>
<FilesMatch ".+\.phps$">
# Deny access to raw php sources by default
# To re-enable it's recommended to enable access to the files
# only in specific virtual host or directory
Require all denied
</FilesMatch>
# Deny access to files without filename (e.g. '.php')
<FilesMatch "^\.ph(p[3457]?|t|tml|ps)$">
Require all denied
</FilesMatch>
</IfModule>
</IfModule>

and this a example of one Virtual Host in /etc/apache2/sites-available/test1.conf

<VirtualHost *:80>
ServerName test1.x.y
ServerAdmin webmaster@localhost
DocumentRoot /var/www/test1
#
ErrorLog ${APACHE_LOG_DIR}/test1-error.log
CustomLog ${APACHE_LOG_DIR}/test1-access.log combined

</VirtualHost>

Then i created a file called test.php in one DocumentRoot (e.g. /var/www/test1/test.php):

<?php
/* test.php */
phpinfo();
?>

If when type url: http://my-domain/test.php i get www-data and not test1

Why? May you help me, please? Many thanks.

User avatar
debiman
Posts: 3063
Joined: 2013-03-12 07:18

Re: PHP7-FPM pool not running with my specific user

#2 Post by debiman »

anto60 wrote:if i check the process owner, is www-data of Apache and not my users.
that is normal.
you can change it in /etc/apache2/ (forgot the name of the config file; maybe envvars.conf?) but i wouldn't recommend it.
then restart apache2: systemctl restart apache2
should be enough.

i have to ask, how did you install php 7? it is not standard in debian jessie.

anto60
Posts: 9
Joined: 2016-12-04 16:34

Re: PHP7-FPM pool not running with my specific user

#3 Post by anto60 »

Thanks.
I thought that must be "test1" not www-data.

I have read the "How to install PHP 7 on Debian Linux 8.7/7.x [jessie/wheezy]" tutorial on https://www.cyberciti.biz/faq/installin ... g-apt-get/.

I cleaned my old apache and php configurations and followed the directions, in this way the system created the important file/etc/apache2/conf-enabled/php7.0-fpm.conf.

I would like to use WordPress and i configured the web area of single user with these owners: (user1: www-data), (user2:www-data), ... in this way i can execute one script to read and write a file. The problem is that the file has created with www-data:www-data owners but i can clean or modify it.
Any advice?

User avatar
debiman
Posts: 3063
Joined: 2013-03-12 07:18

Re: PHP7-FPM pool not running with my specific user

#4 Post by debiman »

not exactly, but this is a very common problem on LAMP servers.
please try a search like "apache www-data permission problem"

anto60
Posts: 9
Joined: 2016-12-04 16:34

Re: PHP7-FPM pool not running with my specific user

#5 Post by anto60 »

Yes, for this reason I have assigned user test1 and test2 to my folders and files and the www-data how group.

But I would try Debian 9 with Apache, PHP7 and FPM.

Many thanks.

Post Reply