Sisir Adhikari Posted April 23, 2020 Posted April 23, 2020 My users are having this problem. It is weird because the site was working last night. connect() to unix:/var/run/1-pronob-xxxx.com-php-fpm.socket failed (13: Permission denied) while connecting to upstream The result of groups www-data www-data : www-data froxlorlocal xxxx xxxx xxxx xxxx xxxx pronob www-data is successfully added to the group of the user. So, no issue there. Permission of socket file seems to be okay too. cd/var/run ls -l srw-rw---- 1 pronob pronob 0 Apr 23 07:22 1-pronob-xxxx.com-php-fpm.socket How to further troubleshot this issue?
0 d00p Posted April 24, 2020 Posted April 24, 2020 Looks all good from here. Users are correct. Ownership is correct. Most likely, if it's only very limited and temporary (1 or 2 requests) then possibly it's just a php-fpm restart or similar.
0 d00p Posted April 23, 2020 Posted April 23, 2020 Hard to get anything out of this, please provide logs, vhost-config, pool-configs, list of the customers docroot/domain docroot, etc. regarding this domain and customer
0 Sisir Adhikari Posted April 23, 2020 Author Posted April 23, 2020 Sorry, it seems all of the site having issues now. error is the same. When I change ownership of socket files to www-data:www-data sites are working. I am looking further into this. Will post more soon.
0 d00p Posted April 23, 2020 Posted April 23, 2020 Then you clearly configured something wrong - fpm runs with the customers users, the socket should NOT belong to www-data
0 Sisir Adhikari Posted April 23, 2020 Author Posted April 23, 2020 2 minutes ago, d00p said: the socket should NOT belong to www-data They do not, their ownership belongs to users. I was saying when I "change" socket file ownership to www-data sites are back up.
0 d00p Posted April 23, 2020 Posted April 23, 2020 yes and what I meant with "the socket should NOT belong to www-data" was that this behaviour is clearly wrong if it works after chown'ing to www-data
0 Sisir Adhikari Posted April 23, 2020 Author Posted April 23, 2020 The problem seem to be fixed itself after a cron run. Still don't have any clue what happened.
0 Sisir Adhikari Posted April 24, 2020 Author Posted April 24, 2020 Getting the problem again very randomly. No clue why this is happening. 2020/04/24 07:34:58 [crit] 1049#1049: *56685 connect() to unix:/var/run/1-pronob-xxxx.com-php-fpm.socket failed (13: Permission denied) while connecting to upstream, client: 162.158.207.135, server: xxxxx.com, request: "GET /%e0%a6%b0%e0%a6%be%e0%a6%a8%e0%a6%be%e0%a6%aa%e0%a7%8d%e0%a6%b2%e0%a6%be%e0%a6%9c%e0%a6%be-%e0%a6%86%e0%a6%b9%e0%a6%a4%e0%a6%a6%e0%a7%87%e0%a6%b0-%e0%a6%b8%e0%a7%81%e0%a6%9a%e0%a6%bf%e0%a6%95%e0%a6%bf/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/1-pronob-xxxx.com-php-fpm.socket:", host: "xxxxx.com", referrer: "http://m.facebook.com/"
0 d00p Posted April 24, 2020 Posted April 24, 2020 On 4/23/2020 at 9:41 AM, d00p said: Hard to get anything out of this, please provide logs, vhost-config, pool-configs, list of the customers docroot/domain docroot, etc. regarding this domain and customer
0 Sisir Adhikari Posted April 24, 2020 Author Posted April 24, 2020 Where do I find pool config? Below list of configs and logs as requested. Vhost Config for site: server { listen 173.82.54.45:443 ssl; server_name xxxx.com www.xxxx.com; ssl_protocols TLSv1 TLSv1.2 TLSv1.3; ssl_ciphers ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128; ssl_prefer_server_ciphers off; ssl_session_tickets on; ssl_session_cache shared:SSL:10m; ssl_certificate /etc/ssl/froxlor-custom/xxxx.com.crt; ssl_certificate_key /etc/ssl/froxlor-custom/xxxx.com.key; add_header Strict-Transport-Security "max-age=0"; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/ssl/froxlor-custom/xxxx.com.crt; include /etc/apache2/conf-enabled/acme.conf; access_log /var/customers/logs/pronob-access.log combined; error_log /var/customers/logs/pronob-error.log error; root /var/customers/webs/pronob/xxxx.com/; location / { index index.php index.html index.htm; try_files $uri $uri/ @rewrites; } location @rewrites { rewrite ^ /index.php last; } location ~ ^(.+?\.php)(/.*)?$ { try_files /0f6cdec4d4006fb06b92f065192e2d00.htm @php; } location @php { try_files $1 =404; include /etc/nginx/fastcgi_params; fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param PATH_INFO $2; fastcgi_param HTTPS on; fastcgi_pass unix:/var/run/1-pronob-xxxx.com-php-fpm.socket; fastcgi_index index.php; } } $ ls -l /var/customers/webs/pronob -rw-r--r-- 1 pronob pronob 6422 Mar 8 06:44 index.html drwxr-xr-x 10 pronob pronob 4096 Apr 24 14:16 odhikarbd.com drwxr-xr-x 2 pronob pronob 4096 Apr 18 18:50 pronob.server.vimohost.com drwxr-xr-x 2 pronob pronob 4096 Apr 24 00:01 webalize $ ls -la /var/customers/webs/pronob/odhikarbd.com drwxr-xr-x 10 pronob pronob 4096 Apr 24 14:16 . drwxr-xr-x 5 pronob pronob 4096 Apr 18 20:30 .. -rw-r--r-- 1 pronob pronob 227 Apr 18 20:16 active.php drwxr-xr-x 2 pronob pronob 4096 Apr 18 20:16 cgi-bin -rw-r--r-- 1 pronob pronob 53 Apr 18 20:16 google86cdd11e02e76bd5.html -rw-r--r-- 1 pronob pronob 743 Apr 18 20:16 .htaccess__67c55ca-18180332 -rw-r--r-- 1 pronob pronob 405 Apr 18 20:16 index.php -rw-r--r-- 1 pronob pronob 19915 Apr 18 20:16 license.txt drwxr-xr-x 2 pronob pronob 4096 Apr 18 20:16 .quarantine -rw-r--r-- 1 pronob pronob 7278 Apr 18 20:16 readme.html drwxr-xr-x 2 pronob pronob 4096 Apr 18 20:16 .tmb drwxr-xr-x 3 pronob pronob 4096 Apr 18 20:16 .well-known -rw-r--r-- 1 pronob pronob 6912 Apr 18 20:16 wp-activate.php drwxr-xr-x 9 pronob pronob 4096 Apr 18 20:16 wp-admin -rw-r--r-- 1 pronob pronob 351 Apr 18 20:16 wp-blog-header.php -rw-r--r-- 1 pronob pronob 2275 Apr 18 20:16 wp-comments-post.php -rw------- 1 pronob pronob 2882 Apr 18 20:38 wp-config.php -rw-r--r-- 1 pronob pronob 2913 Apr 18 20:16 wp-config-sample.php drwxr-xr-x 10 pronob pronob 4096 Apr 24 14:29 wp-content -rw-r--r-- 1 pronob pronob 3940 Apr 18 20:16 wp-cron.php drwxr-xr-x 21 pronob pronob 12288 Apr 18 20:16 wp-includes -rw-r--r-- 1 pronob pronob 2496 Apr 18 20:16 wp-links-opml.php -rw-r--r-- 1 pronob pronob 3300 Apr 18 20:16 wp-load.php -rw-r--r-- 1 pronob pronob 47874 Apr 18 20:16 wp-login.php -rw-r--r-- 1 pronob pronob 8501 Apr 18 20:16 wp-mail.php -rw-r--r-- 1 pronob pronob 19396 Apr 18 20:16 wp-settings.php -rw-r--r-- 1 pronob pronob 31111 Apr 18 20:16 wp-signup.php drwxr-xr-x 4 pronob pronob 4096 Apr 21 13:55 wp-snapshots -rw-r--r-- 1 pronob pronob 4755 Apr 18 20:16 wp-trackback.php -rw-r--r-- 1 pronob pronob 3133 Apr 18 20:16 xmlrpc.php
0 d00p Posted April 24, 2020 Posted April 24, 2020 Pool config is in /etc/php/[version optionally]/fpm/pool.d/
0 Sisir Adhikari Posted April 24, 2020 Author Posted April 24, 2020 PHP FPM 7.2 Pool config ;PHP-FPM configuration for "odhikarbd.com" created on 2020.04.24 07:35:03 [odhikarbd.com] listen = /var/run/1-pronob-odhikarbd.com-php-fpm.socket listen.owner = pronob listen.group = pronob listen.mode = 0660 user = pronob group = pronob pm = dynamic pm.max_children = 5 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 pm.max_requests = 0 ;chroot = /var/customers/webs/pronob/odhikarbd.com/ security.limit_extensions = .php env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /var/customers/tmp/pronob/ env[TMPDIR] = /var/customers/tmp/pronob/ env[TEMP] = /var/customers/tmp/pronob/ php_admin_value[session.save_path] = /var/customers/tmp/pronob/ php_admin_value[upload_tmp_dir] = /var/customers/tmp/pronob/ php_admin_flag[allow_url_fopen] = On php_admin_flag[allow_url_include] = Off php_value[auto_append_file] = php_value[auto_prepend_file] = php_value[default_charset] = "UTF-8" php_flag[asp_tags] = Off php_admin_value[disable_functions] = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system php_flag[display_errors] = Off php_flag[display_startup_errors] = Off php_admin_flag[enable_dl] = Off php_value[error_reporting] = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE php_admin_flag[expose_php] = Off php_admin_flag[file_uploads] = On php_flag[html_errors] = On php_admin_flag[ignore_repeated_errors] = Off php_admin_flag[ignore_repeated_source] = Off php_value[include_path] = ".:/usr/share/php/:/usr/share/php5/" php_flag[log_errors] = On php_admin_flag[log_errors] = On php_value[log_errors_max_len] = 1024 php_flag[mail.add_x_header] = Off php_value[max_execution_time] = 30 php_admin_value[max_input_time] = 60 php_admin_value[memory_limit] = 128M php_admin_value[output_buffering] = 4096 php_admin_value[post_max_size] = 16M php_admin_value[precision] = 14 php_admin_flag[register_argc_argv] = Off php_admin_flag[report_memleaks] = On php_admin_value[sendmail_path] = "/usr/sbin/sendmail -t -i -f xxxx@gmail.com" php_value[session.auto_start] = 0 php_value[session.cookie_domain] = php_value[session.cookie_lifetime] = 0 php_value[session.cookie_path] = / php_admin_value[session.gc_divisor] = 1000 php_admin_value[session.gc_probability] = 0 php_value[session.name] = PHPSESSID php_value[session.serialize_handler] = php php_flag[session.use_cookies] = 1 php_flag[short_open_tag] = On php_value[upload_max_filesize] = 32M php_admin_value[variables_order] = "GPCS" php_admin_value[opcache.restrict_api] = "/var/customers/webs/pronob/odhikarbd.com/"
0 Sisir Adhikari Posted April 24, 2020 Author Posted April 24, 2020 My client also reported few 522 errors from cloudflare as well. So, could it be php-fpm hanging generating gateway timeout?
0 d00p Posted April 24, 2020 Posted April 24, 2020 Well the configs are generated and then the fpm daemon is just being reloaded, so this is a tiny second if at all downtime. Maybe it's cloudflare <> your host?
0 Sisir Adhikari Posted April 24, 2020 Author Posted April 24, 2020 Can not be cloudflare but this client have good traffic in his site. Is there a way I can increase php-fpm processes for a single domain?
0 d00p Posted April 24, 2020 Posted April 24, 2020 Sure, you can adjust the used process-manager (pm) and the corresponding settings regarding child-processes etc., just go to your fpm-versions/php-confgurations
0 Sisir Adhikari Posted April 24, 2020 Author Posted April 24, 2020 Thank you for your support! I will change if necessery. Most concerning thing is the permission error right now. I will wait for next 24 hours to see if this problem persists.
Question
Sisir Adhikari
My users are having this problem. It is weird because the site was working last night.
The result of
groups www-data www-data : www-data froxlorlocal xxxx xxxx xxxx xxxx xxxx pronobwww-data is successfully added to the group of the user. So, no issue there. Permission of socket file seems to be okay too.
cd/var/run ls -l srw-rw---- 1 pronob pronob 0 Apr 23 07:22 1-pronob-xxxx.com-php-fpm.socketHow to further troubleshot this issue?
17 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now