nginx+php-fpm(chroot)。未指定输入文件

tag-icon tag-icon php nginx php-fpm chroot
nginx+php-fpm(chroot)。未指定输入文件

操作系统:Centos PHP:5.5.6 Nginx:1.4.4

Nginx 配置

server {
listen 80;
server_name example.ltd;

root /srv/example.ltd/www;
index index.php;
access_log /srv/example.ltd/logs/nginx-main.log main;
error_log /srv/example.ltd/logs/nginx-error.log warn;

autoindex on;

location / {
    try_files $uri $uri/ /index.php;
}

location ~ \.php$ {

fastcgi_pass unix:/srv/example.ltd/tmp/example.ltd.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_NAME /www$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param SERVER_NAME $host;
    fastcgi_param SCRIPT_FILENAME /www$fastcgi_script_name;
    include fastcgi_params;
}

}

php-fpm 池配置

[example.ltd]
listen = /srv/example.ltd/tmp/example.ltd.sock
listen.allowed_clients = 127.0.0.1
listen.owner = example.ltd
listen.group = example.ltd
listen.mode = 0660
user = example.ltd
group = example.ltd
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 50
request_slowlog_timeout = 60
chroot = /srv/example.ltd
chdir = /www
catch_workers_output = yes
security.limit_extensions = .php .php3 .php4 .php5
env[HOSTNAME] = example.ltd
env[TMP] = /srv/example.ltd/tmp
env[TMPDIR] = /srv/example.ltd/tmp
env[TEMP] = /srv/example.ltd/tmp
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i [email protected]
php_admin_value[error_log] = /srv/example.ltd/logs/php-fpm-error.log
slowlog = /srv/example.ltd/logs/php-fpm-slow.log
php_admin_flag[log_errors] = on
php_flag[display_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /srv/example.ltd/sessions
php_value[soap.wsdl_cache_dir] = /srv/example.ltd/wsdlcache
php_admin_value[disable_functions] = dl,exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec
php_admin_value[open_basedir] = /srv/example.ltd:/usr/share/nginx/html

ls -la 来自 /srv

drwxrwx---  8 example.ltd example.ltd 4096 Dec  2 11:57 example.ltd

ps 辅助 | grep 示例.ltd

500      23102  0.0  2.7 702936  7304 ?        S    13:38   0:00 php-fpm: pool example.ltd
500      23103  0.0  2.7 702936  7308 ?        S    13:38   0:00 php-fpm: pool example.ltd
500      23104  0.0  2.7 702936  7304 ?        S    13:38   0:00 php-fpm: pool example.ltd
500      23105  0.0  2.7 702936  7304 ?        S    13:38   0:00 php-fpm: pool example.ltd
500      23106  0.0  2.7 702936  7340 ?        S    13:38   0:00 php-fpm: pool example.ltd

id 示例.ltd

uid=500(example.ltd) gid=500(example.ltd) groups=500(example.ltd),499(nginx)

nginx 标识

uid=498(nginx) gid=499(nginx) groups=499(nginx),500(example.ltd)

我有错误:

Unable to open primary script: /www/index.php (No such file or directory)

我尝试在 nginx 配置文件中进行更改

fastcgi_param SCRIPT_FILENAME /www$fastcgi_script_name;


fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;

也可以尝试:

fastcgi_param SCRIPT_FILENAME www$fastcgi_script_name;

但有错误:

Unable to open primary script: /index.php (No such file or directory)

ps 静态文件在 nginx 下工作,php 脚本不工作

我究竟做错了什么?

答案1

在 php-fpm 池上

你应该有

prefix = /srv/example.ltd

然后修复一些与 chroot 相关的路径

chroot = $prefix
listen = tmp/example.ltd.sock
chdir = /
# yes, this is in /srv/example.ltd/tmp
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
php_admin_value[error_log] = /logs/php-fpm-error.log
php_value[session.save_path] = /srv/example.ltd/sessions
php_value[soap.wsdl_cache_dir] = /wsdlcache
# only paths INSIDE your chroot
php_admin_value[open_basedir] = /www:/lib
# same here, only INSIDE
php_value[include_path] =".:/www:/www/include:/lib"
# this one does not use the chroot
slowlog = /srv/example.ltd/logs/php-fpm-slow.log

对于 sendmail_path,我很确定这不会起作用,您将需要在 chroot 中使用实用程序、库和设备,通常对于 chrooted php-fpm,您最好在 TCP/IP 上使用 SMTP 而不是 sendmail。

在 nginx 端似乎没问题,你fastcgi_pass unix:$document_root/../tmp/example.ltd.sock;也可以使用它。以下是我这边的情况:

fastcgi_split_path_info ^(.+\.php)(/.+)$
fastcgi_param SCRIPT_FILENAME /www$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT /www;
fastcgi_param HOME /www;
fastcgi_param PATH_TRANSLATED /www$fastcgi_path_info;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HOSTNAME $server_name;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;
fastcgi_param  REDIRECT_STATUS    200;

答案2

@regilero:您的设置 php-fpm 的示例不起作用,同样的事情,它正在寻找以下脚本:

根/srv/example.ltd/www;

不在

文档根目录/www;

相关内容