Jump to content
Froxlor Forum
  • 0

Permissions of configuration alias-folder of php-fpm


jBOKA

Question

Posted

Hi,

 

I just set up Froxlor to work with php-fpm.

I'm using pretty much the standard configuration.

 

Debian Jessie

Froxlor ver 0.9.35.1-1

PHP 5.6

 

My pool-config lies in

/etc/php5/fpm/pool.d
since I'm using Debian Jessie, all other configuration values are set to default.

 

Therefore the configuration alias-directory of php-fpm is set to

/var/www/php-fpm/

 

My Problem is, that froxlor creates/changes the subdirectories (e.g. /var/www/php-fpm/username) on every master cronjob to owner root:root with permissions 750. This way I get this error on access in the users custom error log from apache stating

(13)Permission denied: [client 77.181.66.50:49690] AH00035: access to /fastcgiphp/index.php denied (filesystem path '/var/www/php-fpm/username/domain.com') because search permissions are missing on a component of the path, referer: http://domain.com/

 

Right now I fixed it by adding a

chmod o+x /var/www/php-fpm/*
to the webserver restart script, that I have configured.

 

Is this due to a misconfiguration or a bug?

 

Regards

jBOKA

 

 

11 answers to this question

Recommended Posts

Posted

So, how can I debug this?

I mean, if permission 750 is correct for /var/www/php-fpm/*

what does this mean for that error? Should I post anything else, or is there mybe a way to get more information on that error?

 

/EDIT:
Just read the Unix permission basics again.

This is the situation:

 

 drwxr-xr-x root    root    /
 drwxr-xr-x root    root    var
 drwxr-xr-x root    root    www
 drwxr-xr-x root    root    php-fpm
 drwxrwx--- root    root    user
 drwxrwx--- user    user    domain.com

There's no way for the user to read the files in the user folder without the x-permission. How should this all work? I mean it's definitely Froxlor who changes the permission (tried it with the master cron). Why is that and what would the misconfiguration be?

Posted

the froxlor user is LOCAL, libnss-mysql is used to read the customers users from the database, completely different thing

Posted

Sorry, I should have emphasized that I meant "froxlor user accounts", the accounts created by froxlor for the customers.

I can login and ssh into the machine using the user credentials from the database (when ftp_users.shell set to '/bin/bash').

 

This is what makes me assume libnss-mysql is working properly.

 

Can you tell me if the created permission are correct? If so, how would the 'user' accout be able to access the mentioned folders/files?

Posted

From the beginning:

 

My Problem is, that froxlor creates/changes the subdirectories (e.g. /var/www/php-fpm/username) on every master cronjob to owner root:root with permissions 750. This way I get this error on access in the users custom error log from apache stating

 

Froxlor does not create/change anything in /var/www/php-fpm/username as this directory is just used as alias (hence the setting-name 'Alias Directory'). Everything create/changed there is caused by fpm and/or apache.

 

So to cut things short:

 

- nopaste vhost of domain

- nopaste fpm pool-config of domain

- show us your fpm-setting (SQL: select * from panel_settings where settinggroup = 'phpfpm';)

Posted

/var/www/php-fpm is not the issue, its the subfolders

 

drwxr-xr-x root    root    /
 drwxr-xr-x root    root    var
 drwxr-xr-x root    root    www
 drwxr-xr-x root    root    php-fpm
 drwxrwx--- root    root    user
 drwxrwx--- user    user    domain.com

 

I use chmod on /var/www/php-fpm/*

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...