Jump to content
Froxlor Forum
  • 0

Permissions of configuration alias-folder of php-fpm


jBOKA

Question

Hi,

 

I just set up Froxlor to work with php-fpm.

I'm using pretty much the standard configuration.

 

Debian Jessie

Froxlor ver 0.9.35.1-1

PHP 5.6

 

My pool-config lies in

/etc/php5/fpm/pool.d
since I'm using Debian Jessie, all other configuration values are set to default.

 

Therefore the configuration alias-directory of php-fpm is set to

/var/www/php-fpm/

 

My Problem is, that froxlor creates/changes the subdirectories (e.g. /var/www/php-fpm/username) on every master cronjob to owner root:root with permissions 750. This way I get this error on access in the users custom error log from apache stating

(13)Permission denied: [client 77.181.66.50:49690] AH00035: access to /fastcgiphp/index.php denied (filesystem path '/var/www/php-fpm/username/domain.com') because search permissions are missing on a component of the path, referer: http://domain.com/

 

Right now I fixed it by adding a

chmod o+x /var/www/php-fpm/*
to the webserver restart script, that I have configured.

 

Is this due to a misconfiguration or a bug?

 

Regards

jBOKA

 

 

Link to comment
Share on other sites

11 answers to this question

Recommended Posts

So, how can I debug this?

I mean, if permission 750 is correct for /var/www/php-fpm/*

what does this mean for that error? Should I post anything else, or is there mybe a way to get more information on that error?

 

/EDIT:
Just read the Unix permission basics again.

This is the situation:

 

 drwxr-xr-x root    root    /
 drwxr-xr-x root    root    var
 drwxr-xr-x root    root    www
 drwxr-xr-x root    root    php-fpm
 drwxrwx--- root    root    user
 drwxrwx--- user    user    domain.com

There's no way for the user to read the files in the user folder without the x-permission. How should this all work? I mean it's definitely Froxlor who changes the permission (tried it with the master cron). Why is that and what would the misconfiguration be?

Link to comment
Share on other sites

Sorry, I should have emphasized that I meant "froxlor user accounts", the accounts created by froxlor for the customers.

I can login and ssh into the machine using the user credentials from the database (when ftp_users.shell set to '/bin/bash').

 

This is what makes me assume libnss-mysql is working properly.

 

Can you tell me if the created permission are correct? If so, how would the 'user' accout be able to access the mentioned folders/files?

Link to comment
Share on other sites

From the beginning:

 

My Problem is, that froxlor creates/changes the subdirectories (e.g. /var/www/php-fpm/username) on every master cronjob to owner root:root with permissions 750. This way I get this error on access in the users custom error log from apache stating

 

Froxlor does not create/change anything in /var/www/php-fpm/username as this directory is just used as alias (hence the setting-name 'Alias Directory'). Everything create/changed there is caused by fpm and/or apache.

 

So to cut things short:

 

- nopaste vhost of domain

- nopaste fpm pool-config of domain

- show us your fpm-setting (SQL: select * from panel_settings where settinggroup = 'phpfpm';)

Link to comment
Share on other sites

/var/www/php-fpm is not the issue, its the subfolders

 

drwxr-xr-x root    root    /
 drwxr-xr-x root    root    var
 drwxr-xr-x root    root    www
 drwxr-xr-x root    root    php-fpm
 drwxrwx--- root    root    user
 drwxrwx--- user    user    domain.com

 

I use chmod on /var/www/php-fpm/*

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...