PHP FPM gives permission denied?nginx + PHP-FPM = “permission denied” error 13 in nginx log; configuration mistake?Blank Page: wordpress on nginx+php-fpmPHP-FPM issue on LEMP Stack and WordPressphpmyadmin having problems on nginx and php-fpm on RHEL 6PHP-FPM/nginx-SELinux: No input file specifiedNGINX don't parse .php5 as .phpNginx PHP-fpm permissionnginx and php-fpm “Primary script unknown”nginx PHP files downloading instead of executingFastCGI: Access deniedWordpress overloads LEMP
Does expanded replace the romannumeral trick for expansion?
To kill a cuckoo
Do publishers care if submitted work has already been copyrighted?
Would you use "llamarse" for an animal's name?
History of the kernel of a homomorphism?
Is an HNN extension of a virtually torsion-free group virtually torsion-free?
Nested loops to process groups of pictures
Which sphere is fastest?
Checking if two expressions are related
Is it normal for gliders not to have attitude indicators?
Dihedral group D4 composition with custom labels
Why do these characters still seem to be the same age after the events of Endgame?
Is Benjen dead?
Why did WWI include Japan?
Should I mention being denied entry to UK due to a confusion in my Visa and Ticket bookings?
GitLab account hacked and repo wiped
Where are the "shires" in the UK?
Correct way of drawing empty, half-filled and fully filled circles?
Dangerous workplace travelling
How to pass hash as password to ssh server
Can my 2 children, aged 10 and 12, who are US citizens, travel to the USA on expired American passports?
Voltage Balun 1:1
How can I get people to remember my character's gender?
What do "Sech" and "Vich" mean in this sentence?
PHP FPM gives permission denied?
nginx + PHP-FPM = “permission denied” error 13 in nginx log; configuration mistake?Blank Page: wordpress on nginx+php-fpmPHP-FPM issue on LEMP Stack and WordPressphpmyadmin having problems on nginx and php-fpm on RHEL 6PHP-FPM/nginx-SELinux: No input file specifiedNGINX don't parse .php5 as .phpNginx PHP-fpm permissionnginx and php-fpm “Primary script unknown”nginx PHP files downloading instead of executingFastCGI: Access deniedWordpress overloads LEMP
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I read several entries on why PHP-FPM might give me permission denied but I can not solve it.
The error logs read like:
2013/04/20 23:33:28 [crit] 15479#0: *6 open() "/var/lib/nginx/tmp/fastcgi
/2/00/0000000002" failed (13: Permission denied) while reading upstream, client:
99.999.999.999, server: example.net, request: "GET /wp-admin/ HTTP/1.1",
upstream: "fastcgi://unix:/tmp/php-fpm.sock:", host: "example.net", referrer:
"http://example.net/"
Im a little but lost:
- I have set the /var/lib/nginx/tmp to ec2-user (i even +777 everything to check)
- I have set the /tmp/php-fpm.sock to ec2-user
- the nginx conf file is set to ec2-user
- the php-conf is set to user and group ec2-user
- ps aux gives ec2-user on all php-fpm and nginx processes
My Nginx Configuration includes a lot of files , the basic conf is:
user ec2-user ec2-user;
worker_processes 5;
error_log /opt/nginx/error.log;
pid /var/run/nginx.pid;
events
worker_connections 1024;
http
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /opt/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
client_max_body_size 13m;
index index.php index.html index.htm;
upstream php
server unix:/tmp/php-fpm.sock;
include /etc/nginx/conf.d/*.conf;
include /mnt/web/nginx/conf.d/*.conf;
my /etc/nginx/conf.d/ is empty
my /mnt/web/nginx/conf.d contain A LOT of website configurations which all include "wordpress.conf":
location /
try_files $uri $uri/ /index.php?$args;
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~* .(js|css|png|jpg|jpeg|gif|ico)$
expires 24h;
log_not_found off;
location ~ .php$
try_files $uri =404;
fastcgi_split_path_info ^(.+.php)(/.+)$;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass php;
My /opt/php/etc/php-fpm.conf:
include=/opt/php/etc/fpm.d/*.conf
pid = run/php-fpm.pid
error_log = log/php-fpm.log
log_level = notice
[www]
listen = /tmp/php-fpm.sock
user = ec2-user
group = ec2-user
pm = dynamic
pm.max_children = 250
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
pm.status_path = /fpm-status
ping.path = /fpm-ping
slowlog = log/$pool.log.slow
catch_workers_output = yes
UPDATE: found the problem, put it in the answer
nginx amazon-ec2 php-fpm
asked Apr 20 '13 at 23:43
edelwateredelwater
3121311
|
show 8 more comments
I read several entries on why PHP-FPM might give me permission denied but I can not solve it.
The error logs read like:
2013/04/20 23:33:28 [crit] 15479#0: *6 open() "/var/lib/nginx/tmp/fastcgi
/2/00/0000000002" failed (13: Permission denied) while reading upstream, client:
99.999.999.999, server: example.net, request: "GET /wp-admin/ HTTP/1.1",
upstream: "fastcgi://unix:/tmp/php-fpm.sock:", host: "example.net", referrer:
"http://example.net/"
Im a little but lost:
- I have set the /var/lib/nginx/tmp to ec2-user (i even +777 everything to check)
- I have set the /tmp/php-fpm.sock to ec2-user
- the nginx conf file is set to ec2-user
- the php-conf is set to user and group ec2-user
- ps aux gives ec2-user on all php-fpm and nginx processes
My Nginx Configuration includes a lot of files , the basic conf is:
user ec2-user ec2-user;
worker_processes 5;
error_log /opt/nginx/error.log;
pid /var/run/nginx.pid;
events
worker_connections 1024;
http
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /opt/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
client_max_body_size 13m;
index index.php index.html index.htm;
upstream php
server unix:/tmp/php-fpm.sock;
include /etc/nginx/conf.d/*.conf;
include /mnt/web/nginx/conf.d/*.conf;
my /etc/nginx/conf.d/ is empty
my /mnt/web/nginx/conf.d contain A LOT of website configurations which all include "wordpress.conf":
location /
try_files $uri $uri/ /index.php?$args;
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~* .(js|css|png|jpg|jpeg|gif|ico)$
expires 24h;
log_not_found off;
location ~ .php$
try_files $uri =404;
fastcgi_split_path_info ^(.+.php)(/.+)$;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass php;
My /opt/php/etc/php-fpm.conf:
include=/opt/php/etc/fpm.d/*.conf
pid = run/php-fpm.pid
error_log = log/php-fpm.log
log_level = notice
[www]
listen = /tmp/php-fpm.sock
user = ec2-user
group = ec2-user
pm = dynamic
pm.max_children = 250
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
pm.status_path = /fpm-status
ping.path = /fpm-ping
slowlog = log/$pool.log.slow
catch_workers_output = yes
UPDATE: found the problem, put it in the answer
nginx amazon-ec2 php-fpm
asked Apr 20 '13 at 23:43
edelwateredelwater
3121311
1
is selinux enabled ? run getenforce or cat /selinux/enforce if is not 0 is enabled
– silviud
Apr 20 '13 at 23:48
1
What's the rest of your nginx configuration?
– Michael Hampton♦
Apr 20 '13 at 23:51
1
your socket from log file is /tmp/php-fpm.sock but you changed /var/lib/nginx/tmp - did you do chroot in nginx ?
– silviud
Apr 20 '13 at 23:51
1
send the output from the command mount
– silviud
Apr 21 '13 at 0:12
1
also look that all directories in your home ... see serverfault.com/questions/170192/…
– silviud
Apr 21 '13 at 0:50
|
show 8 more comments
I read several entries on why PHP-FPM might give me permission denied but I can not solve it.
The error logs read like:
2013/04/20 23:33:28 [crit] 15479#0: *6 open() "/var/lib/nginx/tmp/fastcgi
/2/00/0000000002" failed (13: Permission denied) while reading upstream, client:
99.999.999.999, server: example.net, request: "GET /wp-admin/ HTTP/1.1",
upstream: "fastcgi://unix:/tmp/php-fpm.sock:", host: "example.net", referrer:
"http://example.net/"
Im a little but lost:
- I have set the /var/lib/nginx/tmp to ec2-user (i even +777 everything to check)
- I have set the /tmp/php-fpm.sock to ec2-user
- the nginx conf file is set to ec2-user
- the php-conf is set to user and group ec2-user
- ps aux gives ec2-user on all php-fpm and nginx processes
My Nginx Configuration includes a lot of files , the basic conf is:
user ec2-user ec2-user;
worker_processes 5;
error_log /opt/nginx/error.log;
pid /var/run/nginx.pid;
events
worker_connections 1024;
http
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /opt/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
client_max_body_size 13m;
index index.php index.html index.htm;
upstream php
server unix:/tmp/php-fpm.sock;
include /etc/nginx/conf.d/*.conf;
include /mnt/web/nginx/conf.d/*.conf;
my /etc/nginx/conf.d/ is empty
my /mnt/web/nginx/conf.d contain A LOT of website configurations which all include "wordpress.conf":
location /
try_files $uri $uri/ /index.php?$args;
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~* .(js|css|png|jpg|jpeg|gif|ico)$
expires 24h;
log_not_found off;
location ~ .php$
try_files $uri =404;
fastcgi_split_path_info ^(.+.php)(/.+)$;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass php;
My /opt/php/etc/php-fpm.conf:
include=/opt/php/etc/fpm.d/*.conf
pid = run/php-fpm.pid
error_log = log/php-fpm.log
log_level = notice
[www]
listen = /tmp/php-fpm.sock
user = ec2-user
group = ec2-user
pm = dynamic
pm.max_children = 250
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
pm.status_path = /fpm-status
ping.path = /fpm-ping
slowlog = log/$pool.log.slow
catch_workers_output = yes
UPDATE: found the problem, put it in the answer
nginx amazon-ec2 php-fpm
asked Apr 20 '13 at 23:43
edelwateredelwater
3121311
I read several entries on why PHP-FPM might give me permission denied but I can not solve it.
The error logs read like:
2013/04/20 23:33:28 [crit] 15479#0: *6 open() "/var/lib/nginx/tmp/fastcgi
/2/00/0000000002" failed (13: Permission denied) while reading upstream, client:
99.999.999.999, server: example.net, request: "GET /wp-admin/ HTTP/1.1",
upstream: "fastcgi://unix:/tmp/php-fpm.sock:", host: "example.net", referrer:
"http://example.net/"
Im a little but lost:
- I have set the /var/lib/nginx/tmp to ec2-user (i even +777 everything to check)
- I have set the /tmp/php-fpm.sock to ec2-user
- the nginx conf file is set to ec2-user
- the php-conf is set to user and group ec2-user
- ps aux gives ec2-user on all php-fpm and nginx processes
My Nginx Configuration includes a lot of files , the basic conf is:
user ec2-user ec2-user;
worker_processes 5;
error_log /opt/nginx/error.log;
pid /var/run/nginx.pid;
events
worker_connections 1024;
http
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /opt/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
client_max_body_size 13m;
index index.php index.html index.htm;
upstream php
server unix:/tmp/php-fpm.sock;
include /etc/nginx/conf.d/*.conf;
include /mnt/web/nginx/conf.d/*.conf;
my /etc/nginx/conf.d/ is empty
my /mnt/web/nginx/conf.d contain A LOT of website configurations which all include "wordpress.conf":
location /
try_files $uri $uri/ /index.php?$args;
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~* .(js|css|png|jpg|jpeg|gif|ico)$
expires 24h;
log_not_found off;
location ~ .php$
try_files $uri =404;
fastcgi_split_path_info ^(.+.php)(/.+)$;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass php;
My /opt/php/etc/php-fpm.conf:
include=/opt/php/etc/fpm.d/*.conf
pid = run/php-fpm.pid
error_log = log/php-fpm.log
log_level = notice
[www]
listen = /tmp/php-fpm.sock
user = ec2-user
group = ec2-user
pm = dynamic
pm.max_children = 250
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
pm.status_path = /fpm-status
ping.path = /fpm-ping
slowlog = log/$pool.log.slow
catch_workers_output = yes
UPDATE: found the problem, put it in the answer
nginx amazon-ec2 php-fpm
nginx amazon-ec2 php-fpm
asked Apr 20 '13 at 23:43
edelwateredelwater
3121311
asked Apr 20 '13 at 23:43
edelwateredelwater
3121311
edited Apr 21 '13 at 1:23
edelwater
asked Apr 20 '13 at 23:43
edelwateredelwater
3121311
asked Apr 20 '13 at 23:43
edelwateredelwater
3121311
asked Apr 20 '13 at 23:43
edelwateredelwater
3121311
3121311
1
is selinux enabled ? run getenforce or cat /selinux/enforce if is not 0 is enabled
– silviud
Apr 20 '13 at 23:48
1
What's the rest of your nginx configuration?
– Michael Hampton♦
Apr 20 '13 at 23:51
1
your socket from log file is /tmp/php-fpm.sock but you changed /var/lib/nginx/tmp - did you do chroot in nginx ?
– silviud
Apr 20 '13 at 23:51
1
send the output from the command mount
– silviud
Apr 21 '13 at 0:12
1
also look that all directories in your home ... see serverfault.com/questions/170192/…
– silviud
Apr 21 '13 at 0:50
|
show 8 more comments
1
is selinux enabled ? run getenforce or cat /selinux/enforce if is not 0 is enabled
– silviud
Apr 20 '13 at 23:48
1
What's the rest of your nginx configuration?
– Michael Hampton♦
Apr 20 '13 at 23:51
1
your socket from log file is /tmp/php-fpm.sock but you changed /var/lib/nginx/tmp - did you do chroot in nginx ?
– silviud
Apr 20 '13 at 23:51
1
send the output from the command mount
– silviud
Apr 21 '13 at 0:12
1
also look that all directories in your home ... see serverfault.com/questions/170192/…
– silviud
Apr 21 '13 at 0:50
1
1
is selinux enabled ? run getenforce or cat /selinux/enforce if is not 0 is enabled
– silviud
Apr 20 '13 at 23:48
is selinux enabled ? run getenforce or cat /selinux/enforce if is not 0 is enabled
– silviud
Apr 20 '13 at 23:48
1
1
What's the rest of your nginx configuration?
– Michael Hampton♦
Apr 20 '13 at 23:51
What's the rest of your nginx configuration?
– Michael Hampton♦
Apr 20 '13 at 23:51
1
1
your socket from log file is /tmp/php-fpm.sock but you changed /var/lib/nginx/tmp - did you do chroot in nginx ?
– silviud
Apr 20 '13 at 23:51
your socket from log file is /tmp/php-fpm.sock but you changed /var/lib/nginx/tmp - did you do chroot in nginx ?
– silviud
Apr 20 '13 at 23:51
1
1
send the output from the command mount
– silviud
Apr 21 '13 at 0:12
send the output from the command mount
– silviud
Apr 21 '13 at 0:12
1
1
also look that all directories in your home ... see serverfault.com/questions/170192/…
– silviud
Apr 21 '13 at 0:50
also look that all directories in your home ... see serverfault.com/questions/170192/…
– silviud
Apr 21 '13 at 0:50
|
show 8 more comments
6 Answers
6
active
oldest
votes
I had set the /var/lib/nginx/tmp to ec2-user/ec2-user (i even +777 everything to check)
But ... I also had to set /var/lib/nginx to ec2-user/ec2-user
... after also chown/chgrp the parent nginx folder : no more errors.
Took me some hours...
answered Apr 21 '13 at 1:21
edelwateredelwater
3121311
6
chown -Rf www-data:www-data /var/lib/nginxworked for me. didn't need to chmod anything.
– Chris
Jul 24 '15 at 20:48
checking log files helps always, remember to check them before anything :)
– sorrow poetry
Jul 12 '18 at 22:59
add a comment |
This generally happens. When the user setting in nginx.conf is changed from
user nginx;
to something else. In this case,
user ec2-user ec2-user;
The chmod command is not necessary per Chris's comment, and could open up a security hole.
Solution:
Check the current user and group ownership on /var/lib/nginx.
$ ls -ld /var/lib/nginx
drwx------ 3 nginx nginx 4096 Aug 5 00:05 /var/lib/nginx
This tells you that a possibly non-existant user and group named nginx owns this folder. This prevents file uploading.
Change the folder ownership to the user defined in nginx.conf in this case ec2-user (sudo may not be required).
$ sudo chown -Rf ec2-user:ec2-user /var/lib/nginx
Verify that it actually changed.
$ ls -ld /var/lib/nginx
drwx------ 3 ec2-user ec2-user 4096 Aug 5 00:05 /var/lib/nginx
The permission denied error should now go away. Check the error.log (based on nginx.conf error_log location).
$ sudo nano /opt/nginx/error.log
If that doesn't work you might need to reload nginx and php-fpm.
$ sudo service nginx reload
$ sudo service php-fpm reload
answered Dec 29 '16 at 22:13
nu everestnu everest
51711022
add a comment |
None of the other solutions worked for me, but I found this to work:
$ apt-get install php-pear php5-dev
$ pecl install timezonedb
$ echo 'extension=timezonedb.so'> /etc/php5/mods-available/timezonedb.ini
$ ln -sf /etc/php5/mods-available/timezonedb.ini /etc/php5/conf.d/30-timezonedb.ini
$ service php5-fpm restart
Source
answered May 21 '14 at 11:57
nullvariablenullvariable
1314
Ok, we tried several solutions and this is the one that worked. We dont know why it worked or what the problem was, but it did.
– Neil Masters
Jun 11 '15 at 12:56
add a comment |
I have got the similar problem with file upload. nginx 500 error
2015/07/05 03:50:36 [crit] 3656#0: *7 open() "/var/lib/nginx/tmp/client_body/0000000007" failed (13: Permission denied), client: 10.0.2.2, server: www.test.com, request: "POST /api/v1/users HTTP/1.1", host: "test"
The issue was related to permission only, i just set chmod -R 755 /var/lib/nginx and things worked!
answered Jul 5 '15 at 4:13
Bishwanath JhaBishwanath Jha
111
add a comment |
Just solved my issue with permissions. The easiest way and most simple was to not run php-fpm or nginx as sudo (super user). What you would have to do is:
- chown all log output locations for nginx to yourUserName:yourUserName example:
chown yourUserName:yourUserName /var/log/nginx/error.log - Next update server dir as well example:
chown yourUserName:yourUserName -R /var/www
By not using root i didn't have to change php-fpm user or group or any listening user or groups. Make sure you also comment out nginx.conf 'user' as it will be the current users name.
answered Jul 21 '17 at 20:29
c-l-hc-l-h
1
Please don't post the same answer multiple times. Also, this problem has long been solved.
– Sven♦
Jul 21 '17 at 21:18
add a comment |
Instead of editing permissions on /var/lib/nginx/whatever, wouldn't it make more sense to just tell nginx to use a different path like /tmp/nginx? This fixed the problem for me:
# create the directory
mkdir /tmp/nginx
chown -R nginx.nginx /tmp/nginx (assumes nginx user is named nginx)
chmod -R 700 /tmp/nginx
/tmp/nginx permissions should be 700 preferably (which shouldn't be a problem as long as the owner is the same user specified in /etc/nginx/nginx.conf 'user' directive) or 770 if for some reason you need to have a different file owner and nginx to perform i/o via group permissions. Never seen that but who knows.
On centos7, edit /etc/nginx/nginx.conf to tell nginx to use that new directory for client bodies
...
http
...
client_body_temp_path /tmp/nginx 1 2;
...
and restart nginx (again centos7)
systemctl restart nginx
answered Apr 26 at 4:39
siliconrockstarsiliconrockstar
1364
Never chmod 777 anything. Especially not the cache! Now any local user can rewrite your cache and send potentially malicious data to your users. For uploads, someone could substitute their own upload instead.
– Michael Hampton♦
Apr 26 at 4:51
Jesus dude relax, this build is part of a demo cluster. But good catch for people who might not know better, I'll edit the answer.
– siliconrockstar
Apr 26 at 4:57
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f501258%2fphp-fpm-gives-permission-denied%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
6 Answers
6
active
oldest
votes
6 Answers
6
active
oldest
votes
active
oldest
votes
active
oldest
votes
I had set the /var/lib/nginx/tmp to ec2-user/ec2-user (i even +777 everything to check)
But ... I also had to set /var/lib/nginx to ec2-user/ec2-user
... after also chown/chgrp the parent nginx folder : no more errors.
Took me some hours...
answered Apr 21 '13 at 1:21
edelwateredelwater
3121311
6
chown -Rf www-data:www-data /var/lib/nginxworked for me. didn't need to chmod anything.
– Chris
Jul 24 '15 at 20:48
checking log files helps always, remember to check them before anything :)
– sorrow poetry
Jul 12 '18 at 22:59
add a comment |
I had set the /var/lib/nginx/tmp to ec2-user/ec2-user (i even +777 everything to check)
But ... I also had to set /var/lib/nginx to ec2-user/ec2-user
... after also chown/chgrp the parent nginx folder : no more errors.
Took me some hours...
answered Apr 21 '13 at 1:21
edelwateredelwater
3121311
6
chown -Rf www-data:www-data /var/lib/nginxworked for me. didn't need to chmod anything.
– Chris
Jul 24 '15 at 20:48
checking log files helps always, remember to check them before anything :)
– sorrow poetry
Jul 12 '18 at 22:59
add a comment |
I had set the /var/lib/nginx/tmp to ec2-user/ec2-user (i even +777 everything to check)
But ... I also had to set /var/lib/nginx to ec2-user/ec2-user
... after also chown/chgrp the parent nginx folder : no more errors.
Took me some hours...
answered Apr 21 '13 at 1:21
edelwateredelwater
3121311
I had set the /var/lib/nginx/tmp to ec2-user/ec2-user (i even +777 everything to check)
But ... I also had to set /var/lib/nginx to ec2-user/ec2-user
... after also chown/chgrp the parent nginx folder : no more errors.
Took me some hours...
answered Apr 21 '13 at 1:21
edelwateredelwater
3121311
answered Apr 21 '13 at 1:21
edelwateredelwater
3121311
answered Apr 21 '13 at 1:21
edelwateredelwater
3121311
answered Apr 21 '13 at 1:21
edelwateredelwater
3121311
3121311
6
chown -Rf www-data:www-data /var/lib/nginxworked for me. didn't need to chmod anything.
– Chris
Jul 24 '15 at 20:48
checking log files helps always, remember to check them before anything :)
– sorrow poetry
Jul 12 '18 at 22:59
add a comment |
6
chown -Rf www-data:www-data /var/lib/nginxworked for me. didn't need to chmod anything.
– Chris
Jul 24 '15 at 20:48
checking log files helps always, remember to check them before anything :)
– sorrow poetry
Jul 12 '18 at 22:59
6
6
chown -Rf www-data:www-data /var/lib/nginx worked for me. didn't need to chmod anything.– Chris
Jul 24 '15 at 20:48
chown -Rf www-data:www-data /var/lib/nginx worked for me. didn't need to chmod anything.– Chris
Jul 24 '15 at 20:48
checking log files helps always, remember to check them before anything :)
– sorrow poetry
Jul 12 '18 at 22:59
checking log files helps always, remember to check them before anything :)
– sorrow poetry
Jul 12 '18 at 22:59
add a comment |
This generally happens. When the user setting in nginx.conf is changed from
user nginx;
to something else. In this case,
user ec2-user ec2-user;
The chmod command is not necessary per Chris's comment, and could open up a security hole.
Solution:
Check the current user and group ownership on /var/lib/nginx.
$ ls -ld /var/lib/nginx
drwx------ 3 nginx nginx 4096 Aug 5 00:05 /var/lib/nginx
This tells you that a possibly non-existant user and group named nginx owns this folder. This prevents file uploading.
Change the folder ownership to the user defined in nginx.conf in this case ec2-user (sudo may not be required).
$ sudo chown -Rf ec2-user:ec2-user /var/lib/nginx
Verify that it actually changed.
$ ls -ld /var/lib/nginx
drwx------ 3 ec2-user ec2-user 4096 Aug 5 00:05 /var/lib/nginx
The permission denied error should now go away. Check the error.log (based on nginx.conf error_log location).
$ sudo nano /opt/nginx/error.log
If that doesn't work you might need to reload nginx and php-fpm.
$ sudo service nginx reload
$ sudo service php-fpm reload
answered Dec 29 '16 at 22:13
nu everestnu everest
51711022
add a comment |
This generally happens. When the user setting in nginx.conf is changed from
user nginx;
to something else. In this case,
user ec2-user ec2-user;
The chmod command is not necessary per Chris's comment, and could open up a security hole.
Solution:
Check the current user and group ownership on /var/lib/nginx.
$ ls -ld /var/lib/nginx
drwx------ 3 nginx nginx 4096 Aug 5 00:05 /var/lib/nginx
This tells you that a possibly non-existant user and group named nginx owns this folder. This prevents file uploading.
Change the folder ownership to the user defined in nginx.conf in this case ec2-user (sudo may not be required).
$ sudo chown -Rf ec2-user:ec2-user /var/lib/nginx
Verify that it actually changed.
$ ls -ld /var/lib/nginx
drwx------ 3 ec2-user ec2-user 4096 Aug 5 00:05 /var/lib/nginx
The permission denied error should now go away. Check the error.log (based on nginx.conf error_log location).
$ sudo nano /opt/nginx/error.log
If that doesn't work you might need to reload nginx and php-fpm.
$ sudo service nginx reload
$ sudo service php-fpm reload
answered Dec 29 '16 at 22:13
nu everestnu everest
51711022
add a comment |
This generally happens. When the user setting in nginx.conf is changed from
user nginx;
to something else. In this case,
user ec2-user ec2-user;
The chmod command is not necessary per Chris's comment, and could open up a security hole.
Solution:
Check the current user and group ownership on /var/lib/nginx.
$ ls -ld /var/lib/nginx
drwx------ 3 nginx nginx 4096 Aug 5 00:05 /var/lib/nginx
This tells you that a possibly non-existant user and group named nginx owns this folder. This prevents file uploading.
Change the folder ownership to the user defined in nginx.conf in this case ec2-user (sudo may not be required).
$ sudo chown -Rf ec2-user:ec2-user /var/lib/nginx
Verify that it actually changed.
$ ls -ld /var/lib/nginx
drwx------ 3 ec2-user ec2-user 4096 Aug 5 00:05 /var/lib/nginx
The permission denied error should now go away. Check the error.log (based on nginx.conf error_log location).
$ sudo nano /opt/nginx/error.log
If that doesn't work you might need to reload nginx and php-fpm.
$ sudo service nginx reload
$ sudo service php-fpm reload
answered Dec 29 '16 at 22:13
nu everestnu everest
51711022
This generally happens. When the user setting in nginx.conf is changed from
user nginx;
to something else. In this case,
user ec2-user ec2-user;
The chmod command is not necessary per Chris's comment, and could open up a security hole.
Solution:
Check the current user and group ownership on /var/lib/nginx.
$ ls -ld /var/lib/nginx
drwx------ 3 nginx nginx 4096 Aug 5 00:05 /var/lib/nginx
This tells you that a possibly non-existant user and group named nginx owns this folder. This prevents file uploading.
Change the folder ownership to the user defined in nginx.conf in this case ec2-user (sudo may not be required).
$ sudo chown -Rf ec2-user:ec2-user /var/lib/nginx
Verify that it actually changed.
$ ls -ld /var/lib/nginx
drwx------ 3 ec2-user ec2-user 4096 Aug 5 00:05 /var/lib/nginx
The permission denied error should now go away. Check the error.log (based on nginx.conf error_log location).
$ sudo nano /opt/nginx/error.log
If that doesn't work you might need to reload nginx and php-fpm.
$ sudo service nginx reload
$ sudo service php-fpm reload
answered Dec 29 '16 at 22:13
nu everestnu everest
51711022
answered Dec 29 '16 at 22:13
nu everestnu everest
51711022
answered Dec 29 '16 at 22:13
nu everestnu everest
51711022
answered Dec 29 '16 at 22:13
nu everestnu everest
51711022
51711022
add a comment |
add a comment |
None of the other solutions worked for me, but I found this to work:
$ apt-get install php-pear php5-dev
$ pecl install timezonedb
$ echo 'extension=timezonedb.so'> /etc/php5/mods-available/timezonedb.ini
$ ln -sf /etc/php5/mods-available/timezonedb.ini /etc/php5/conf.d/30-timezonedb.ini
$ service php5-fpm restart
Source
answered May 21 '14 at 11:57
nullvariablenullvariable
1314
Ok, we tried several solutions and this is the one that worked. We dont know why it worked or what the problem was, but it did.
– Neil Masters
Jun 11 '15 at 12:56
add a comment |
None of the other solutions worked for me, but I found this to work:
$ apt-get install php-pear php5-dev
$ pecl install timezonedb
$ echo 'extension=timezonedb.so'> /etc/php5/mods-available/timezonedb.ini
$ ln -sf /etc/php5/mods-available/timezonedb.ini /etc/php5/conf.d/30-timezonedb.ini
$ service php5-fpm restart
Source
answered May 21 '14 at 11:57
nullvariablenullvariable
1314
Ok, we tried several solutions and this is the one that worked. We dont know why it worked or what the problem was, but it did.
– Neil Masters
Jun 11 '15 at 12:56
add a comment |
None of the other solutions worked for me, but I found this to work:
$ apt-get install php-pear php5-dev
$ pecl install timezonedb
$ echo 'extension=timezonedb.so'> /etc/php5/mods-available/timezonedb.ini
$ ln -sf /etc/php5/mods-available/timezonedb.ini /etc/php5/conf.d/30-timezonedb.ini
$ service php5-fpm restart
Source
answered May 21 '14 at 11:57
nullvariablenullvariable
1314
None of the other solutions worked for me, but I found this to work:
$ apt-get install php-pear php5-dev
$ pecl install timezonedb
$ echo 'extension=timezonedb.so'> /etc/php5/mods-available/timezonedb.ini
$ ln -sf /etc/php5/mods-available/timezonedb.ini /etc/php5/conf.d/30-timezonedb.ini
$ service php5-fpm restart
Source
answered May 21 '14 at 11:57
nullvariablenullvariable
1314
answered May 21 '14 at 11:57
nullvariablenullvariable
1314
answered May 21 '14 at 11:57
nullvariablenullvariable
1314
answered May 21 '14 at 11:57
nullvariablenullvariable
1314
1314
Ok, we tried several solutions and this is the one that worked. We dont know why it worked or what the problem was, but it did.
– Neil Masters
Jun 11 '15 at 12:56
add a comment |
Ok, we tried several solutions and this is the one that worked. We dont know why it worked or what the problem was, but it did.
– Neil Masters
Jun 11 '15 at 12:56
Ok, we tried several solutions and this is the one that worked. We dont know why it worked or what the problem was, but it did.
– Neil Masters
Jun 11 '15 at 12:56
Ok, we tried several solutions and this is the one that worked. We dont know why it worked or what the problem was, but it did.
– Neil Masters
Jun 11 '15 at 12:56
add a comment |
I have got the similar problem with file upload. nginx 500 error
2015/07/05 03:50:36 [crit] 3656#0: *7 open() "/var/lib/nginx/tmp/client_body/0000000007" failed (13: Permission denied), client: 10.0.2.2, server: www.test.com, request: "POST /api/v1/users HTTP/1.1", host: "test"
The issue was related to permission only, i just set chmod -R 755 /var/lib/nginx and things worked!
answered Jul 5 '15 at 4:13
Bishwanath JhaBishwanath Jha
111
add a comment |
I have got the similar problem with file upload. nginx 500 error
2015/07/05 03:50:36 [crit] 3656#0: *7 open() "/var/lib/nginx/tmp/client_body/0000000007" failed (13: Permission denied), client: 10.0.2.2, server: www.test.com, request: "POST /api/v1/users HTTP/1.1", host: "test"
The issue was related to permission only, i just set chmod -R 755 /var/lib/nginx and things worked!
answered Jul 5 '15 at 4:13
Bishwanath JhaBishwanath Jha
111
add a comment |
I have got the similar problem with file upload. nginx 500 error
2015/07/05 03:50:36 [crit] 3656#0: *7 open() "/var/lib/nginx/tmp/client_body/0000000007" failed (13: Permission denied), client: 10.0.2.2, server: www.test.com, request: "POST /api/v1/users HTTP/1.1", host: "test"
The issue was related to permission only, i just set chmod -R 755 /var/lib/nginx and things worked!
answered Jul 5 '15 at 4:13
Bishwanath JhaBishwanath Jha
111
I have got the similar problem with file upload. nginx 500 error
2015/07/05 03:50:36 [crit] 3656#0: *7 open() "/var/lib/nginx/tmp/client_body/0000000007" failed (13: Permission denied), client: 10.0.2.2, server: www.test.com, request: "POST /api/v1/users HTTP/1.1", host: "test"
The issue was related to permission only, i just set chmod -R 755 /var/lib/nginx and things worked!
answered Jul 5 '15 at 4:13
Bishwanath JhaBishwanath Jha
111
answered Jul 5 '15 at 4:13
Bishwanath JhaBishwanath Jha
111
answered Jul 5 '15 at 4:13
Bishwanath JhaBishwanath Jha
111
answered Jul 5 '15 at 4:13
Bishwanath JhaBishwanath Jha
111
111
add a comment |
add a comment |
Just solved my issue with permissions. The easiest way and most simple was to not run php-fpm or nginx as sudo (super user). What you would have to do is:
- chown all log output locations for nginx to yourUserName:yourUserName example:
chown yourUserName:yourUserName /var/log/nginx/error.log - Next update server dir as well example:
chown yourUserName:yourUserName -R /var/www
By not using root i didn't have to change php-fpm user or group or any listening user or groups. Make sure you also comment out nginx.conf 'user' as it will be the current users name.
answered Jul 21 '17 at 20:29
c-l-hc-l-h
1
Please don't post the same answer multiple times. Also, this problem has long been solved.
– Sven♦
Jul 21 '17 at 21:18
add a comment |
Just solved my issue with permissions. The easiest way and most simple was to not run php-fpm or nginx as sudo (super user). What you would have to do is:
- chown all log output locations for nginx to yourUserName:yourUserName example:
chown yourUserName:yourUserName /var/log/nginx/error.log - Next update server dir as well example:
chown yourUserName:yourUserName -R /var/www
By not using root i didn't have to change php-fpm user or group or any listening user or groups. Make sure you also comment out nginx.conf 'user' as it will be the current users name.
answered Jul 21 '17 at 20:29
c-l-hc-l-h
1
Please don't post the same answer multiple times. Also, this problem has long been solved.
– Sven♦
Jul 21 '17 at 21:18
add a comment |
Just solved my issue with permissions. The easiest way and most simple was to not run php-fpm or nginx as sudo (super user). What you would have to do is:
- chown all log output locations for nginx to yourUserName:yourUserName example:
chown yourUserName:yourUserName /var/log/nginx/error.log - Next update server dir as well example:
chown yourUserName:yourUserName -R /var/www
By not using root i didn't have to change php-fpm user or group or any listening user or groups. Make sure you also comment out nginx.conf 'user' as it will be the current users name.
answered Jul 21 '17 at 20:29
c-l-hc-l-h
1
Just solved my issue with permissions. The easiest way and most simple was to not run php-fpm or nginx as sudo (super user). What you would have to do is:
- chown all log output locations for nginx to yourUserName:yourUserName example:
chown yourUserName:yourUserName /var/log/nginx/error.log - Next update server dir as well example:
chown yourUserName:yourUserName -R /var/www
By not using root i didn't have to change php-fpm user or group or any listening user or groups. Make sure you also comment out nginx.conf 'user' as it will be the current users name.
answered Jul 21 '17 at 20:29
c-l-hc-l-h
1
answered Jul 21 '17 at 20:29
c-l-hc-l-h
1
answered Jul 21 '17 at 20:29
c-l-hc-l-h
1
answered Jul 21 '17 at 20:29
c-l-hc-l-h
1
1
Please don't post the same answer multiple times. Also, this problem has long been solved.
– Sven♦
Jul 21 '17 at 21:18
add a comment |
Please don't post the same answer multiple times. Also, this problem has long been solved.
– Sven♦
Jul 21 '17 at 21:18
Please don't post the same answer multiple times. Also, this problem has long been solved.
– Sven♦
Jul 21 '17 at 21:18
Please don't post the same answer multiple times. Also, this problem has long been solved.
– Sven♦
Jul 21 '17 at 21:18
add a comment |
Instead of editing permissions on /var/lib/nginx/whatever, wouldn't it make more sense to just tell nginx to use a different path like /tmp/nginx? This fixed the problem for me:
# create the directory
mkdir /tmp/nginx
chown -R nginx.nginx /tmp/nginx (assumes nginx user is named nginx)
chmod -R 700 /tmp/nginx
/tmp/nginx permissions should be 700 preferably (which shouldn't be a problem as long as the owner is the same user specified in /etc/nginx/nginx.conf 'user' directive) or 770 if for some reason you need to have a different file owner and nginx to perform i/o via group permissions. Never seen that but who knows.
On centos7, edit /etc/nginx/nginx.conf to tell nginx to use that new directory for client bodies
...
http
...
client_body_temp_path /tmp/nginx 1 2;
...
and restart nginx (again centos7)
systemctl restart nginx
answered Apr 26 at 4:39
siliconrockstarsiliconrockstar
1364
Never chmod 777 anything. Especially not the cache! Now any local user can rewrite your cache and send potentially malicious data to your users. For uploads, someone could substitute their own upload instead.
– Michael Hampton♦
Apr 26 at 4:51
Jesus dude relax, this build is part of a demo cluster. But good catch for people who might not know better, I'll edit the answer.
– siliconrockstar
Apr 26 at 4:57
add a comment |
Instead of editing permissions on /var/lib/nginx/whatever, wouldn't it make more sense to just tell nginx to use a different path like /tmp/nginx? This fixed the problem for me:
# create the directory
mkdir /tmp/nginx
chown -R nginx.nginx /tmp/nginx (assumes nginx user is named nginx)
chmod -R 700 /tmp/nginx
/tmp/nginx permissions should be 700 preferably (which shouldn't be a problem as long as the owner is the same user specified in /etc/nginx/nginx.conf 'user' directive) or 770 if for some reason you need to have a different file owner and nginx to perform i/o via group permissions. Never seen that but who knows.
On centos7, edit /etc/nginx/nginx.conf to tell nginx to use that new directory for client bodies
...
http
...
client_body_temp_path /tmp/nginx 1 2;
...
and restart nginx (again centos7)
systemctl restart nginx
answered Apr 26 at 4:39
siliconrockstarsiliconrockstar
1364
Never chmod 777 anything. Especially not the cache! Now any local user can rewrite your cache and send potentially malicious data to your users. For uploads, someone could substitute their own upload instead.
– Michael Hampton♦
Apr 26 at 4:51
Jesus dude relax, this build is part of a demo cluster. But good catch for people who might not know better, I'll edit the answer.
– siliconrockstar
Apr 26 at 4:57
add a comment |
Instead of editing permissions on /var/lib/nginx/whatever, wouldn't it make more sense to just tell nginx to use a different path like /tmp/nginx? This fixed the problem for me:
# create the directory
mkdir /tmp/nginx
chown -R nginx.nginx /tmp/nginx (assumes nginx user is named nginx)
chmod -R 700 /tmp/nginx
/tmp/nginx permissions should be 700 preferably (which shouldn't be a problem as long as the owner is the same user specified in /etc/nginx/nginx.conf 'user' directive) or 770 if for some reason you need to have a different file owner and nginx to perform i/o via group permissions. Never seen that but who knows.
On centos7, edit /etc/nginx/nginx.conf to tell nginx to use that new directory for client bodies
...
http
...
client_body_temp_path /tmp/nginx 1 2;
...
and restart nginx (again centos7)
systemctl restart nginx
answered Apr 26 at 4:39
siliconrockstarsiliconrockstar
1364
Instead of editing permissions on /var/lib/nginx/whatever, wouldn't it make more sense to just tell nginx to use a different path like /tmp/nginx? This fixed the problem for me:
# create the directory
mkdir /tmp/nginx
chown -R nginx.nginx /tmp/nginx (assumes nginx user is named nginx)
chmod -R 700 /tmp/nginx
/tmp/nginx permissions should be 700 preferably (which shouldn't be a problem as long as the owner is the same user specified in /etc/nginx/nginx.conf 'user' directive) or 770 if for some reason you need to have a different file owner and nginx to perform i/o via group permissions. Never seen that but who knows.
On centos7, edit /etc/nginx/nginx.conf to tell nginx to use that new directory for client bodies
...
http
...
client_body_temp_path /tmp/nginx 1 2;
...
and restart nginx (again centos7)
systemctl restart nginx
answered Apr 26 at 4:39
siliconrockstarsiliconrockstar
1364
edited Apr 26 at 4:59
answered Apr 26 at 4:39
siliconrockstarsiliconrockstar
1364
answered Apr 26 at 4:39
siliconrockstarsiliconrockstar
1364
answered Apr 26 at 4:39
siliconrockstarsiliconrockstar
1364
1364
Never chmod 777 anything. Especially not the cache! Now any local user can rewrite your cache and send potentially malicious data to your users. For uploads, someone could substitute their own upload instead.
– Michael Hampton♦
Apr 26 at 4:51
Jesus dude relax, this build is part of a demo cluster. But good catch for people who might not know better, I'll edit the answer.
– siliconrockstar
Apr 26 at 4:57
add a comment |
Never chmod 777 anything. Especially not the cache! Now any local user can rewrite your cache and send potentially malicious data to your users. For uploads, someone could substitute their own upload instead.
– Michael Hampton♦
Apr 26 at 4:51
Jesus dude relax, this build is part of a demo cluster. But good catch for people who might not know better, I'll edit the answer.
– siliconrockstar
Apr 26 at 4:57
Never chmod 777 anything. Especially not the cache! Now any local user can rewrite your cache and send potentially malicious data to your users. For uploads, someone could substitute their own upload instead.
– Michael Hampton♦
Apr 26 at 4:51
Never chmod 777 anything. Especially not the cache! Now any local user can rewrite your cache and send potentially malicious data to your users. For uploads, someone could substitute their own upload instead.
– Michael Hampton♦
Apr 26 at 4:51
Jesus dude relax, this build is part of a demo cluster. But good catch for people who might not know better, I'll edit the answer.
– siliconrockstar
Apr 26 at 4:57
Jesus dude relax, this build is part of a demo cluster. But good catch for people who might not know better, I'll edit the answer.
– siliconrockstar
Apr 26 at 4:57
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f501258%2fphp-fpm-gives-permission-denied%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
is selinux enabled ? run getenforce or cat /selinux/enforce if is not 0 is enabled
– silviud
Apr 20 '13 at 23:48
1
What's the rest of your nginx configuration?
– Michael Hampton♦
Apr 20 '13 at 23:51
1
your socket from log file is /tmp/php-fpm.sock but you changed /var/lib/nginx/tmp - did you do chroot in nginx ?
– silviud
Apr 20 '13 at 23:51
1
send the output from the command mount
– silviud
Apr 21 '13 at 0:12
1
also look that all directories in your home ... see serverfault.com/questions/170192/…
– silviud
Apr 21 '13 at 0:50