• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue php-fpm.sock permission issue

tkalfaoglu

tkalfaoglu

Silver Pleskian
When I reboot the server, all PHP sites display an error "service unavailable" and this in the error_log:

[Sat Jul 14 12:34:28.480024 2018] [proxy:error] [pid 3061:tid 140100046333696] (13)Permission denied: AH02454: FCGI: attempt to connect to Unix domain socket /var/www/vhosts/system/kalfaoglu.com/php-fpm.sock (*) failed


I have to manually do a
find /var/www/vhosts -name php-fpm.sock -exec chmod 666 {} \;
every time to get it the sites to work again.

How to fix this so that the sock file gets created with the correct access mode?
Thanks, -turgut
 
Did you check that the PHP-FPM service is up after a reboot? It might not be an issue with file permissions, but an issue with the service not starting.
 
when i do the chmod the problem goes away. therefore I assume it has to do with the permissions and not the service itself

Sent from my MHA-L29 using Tapatalk
 
It is not likely that a software changes the permissions of all sockets upon a reboot unless the service itself has an issue. For that reason I assumed that the service is not starting after reboot.

Anyway, for your solution please do not set the permissions to 0666, because that will allow anyone to access the socket of every domain, but change it to 0660 instead.

Permissions of the socket file are defined by settings in the individual php-fpm configuration files of the respective domain. The socket is opened by the service with the permissions that are defined in those files. Check your php-fpm.conf file setting, for example for the OS vendor PHP /etc/php-fpm.d/<your-domain.com>.conf or for example for Plesk PHP 7.2 /opt/plesk/php/7.2/etc/php-fpm.d/<your-domain.com>.conf. The socket definition part should look like this:
Code: 
listen = php-fpm.sock
listen.owner = root
listen.group = psaserv
listen.mode = 0660

Are owner and group correct on your individual domain socket files? For example /var/www/vhosts/system/<your-domain.com>/php-fpm.sock should look like this:
Code: 
srw-rw---- 1 root   psaserv    0 MM DD HH:ii php-fpm.sock
 
Thank you; I checked all the php-fpm.conf files and they already all have what you quoted for listen.owner, group and mode.
I will comment out the find command I put in rc.local and reboot the server.. to see how it does..
My gut feeling is that whatever server is invoved, is not running neither as root or psaserv..

BRB..
 
After a reboot, I'm getting the dreaded 503 Service Temporarily Unavailable error.
The domain's hosting settings show: PHP 7.0.30, ... Run PHP as FPM Application served by Apache.
the domain in question has a fancy vhost.conf; perhaps that's causing the problems, for example
it shows if mod_ruid is defined, then
RUidGid kalfaoglu psacln
RGroups psacln

I checked and mod_ruid package is installed. Should it be? Shall I remove it?
 
You must log in or register to reply here.

Similar threads

F
Issue php-fm issue after plesk component updgrade
Replies
4
Views
797
Kaspar
K
P
Issue Switching from FCGI to PHP-FPM fails
Replies
2
Views
2K
Peter99
P
D
Issue 503 error when using www prefix as preferred url - php-fpm socket error
Replies
7
Views
2K
Peter Debik
P
B
Resolved 503 error after changing php_handler_id for site
Replies
6
Views
2K
bbeckford
B
Y
Resolved LightSpeed - FPM application served by Apache uses wrong PHP Version
Replies
2
Views
1K
yogi70
Y
Back
Top