Nginx php-fpm 3 个池中的 1 个不工作:返回 stat() 失败(13:权限被拒绝)

tag-icon tag-icon nginx permissions php-fpm php7 pool
Nginx php-fpm 3 个池中的 1 个不工作:返回 stat() 失败(13:权限被拒绝)

我有 3 个适用于 php7.4-fpm 的 nginx 池 - 系统上的 3 个用户各一个,因为他们有自己的应用程序和文件。这 3 个池的设置完全相同,但最近添加的池存在一些权限问题。

浏览器返回错误 404-未找到。

nginx 日志中返回的错误:

2022/01/18 09:32:16 [crit] 504237#504237:*5120 stat()“/var/www/user3/websites/site.com/index.php”失败(13:权限被拒绝),客户端:XXX.XXX.XXX.XXX,服务器:site.com,请求:“GET / HTTP/2.0”,主机:“site.com”

sudo -u user3 stat /var/www/user3/websites/site.com/index.php

返回

  File: /var/www/user3/websites/site.com/index.php
  Size: 405         Blocks: 8          IO Block: 4096   regular file
Device: 807h/2055d  Inode: 1441895     Links: 1
Access: (0644/-rw-r--r--)  Uid: ( 1003/ user3)   Gid: ( 1003/ user3)
Access: 2022-01-17 20:32:08.081267396 +0000
Modify: 2020-04-26 21:46:41.000000000 +0000
Change: 2022-01-18 09:35:09.129994390 +0000

池配置:

[php7.4-user3]

user = user3
group = user3

listen = 127.0.0.1:9003
listen.owner = nobody
listen.group = nobody
listen.allowed_clients = 127.0.0.1

pm = ondemand
pm.max_children = 24
pm.start_servers = 16
pm.min_spare_servers = 6
pm.max_spare_servers = 24
pm.process_idle_timeout = 900s
pm.max_requests = 55

php_admin_value[error_log] = /var/log/fpm-php7.4.log
php_admin_flag[log_errors] = on
php_admin_value[error_reporting] = E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED

其他池几乎相同,除了池名称、用户和组分别为用户 1、用户 2 并且监听端口不同(例如 9001、9002、9003),因此配置中带有 x。

虚拟主机配置

server {
    server_name site.com   www.site.com;

    access_log /var/log/nginx/site.com.access.log; 
    error_log /var/log/nginx/site.com.error.log;

    root /var/www/user3/websites/site.com;

    index index.php index.html index.htm;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }
    location ~ \.php$ {
      try_files $uri =404;
      include fastcgi_params;
      fastcgi_pass 127.0.0.1:9003;
    }

    listen 443 ssl http2;
    ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/site.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
    if ($host = www.site.com) {
        return 301 https://$host$request_uri;
    }
    if ($host = site.com) {
        return 301 https://$host$request_uri;
    }
    listen XXX.XXX.XXX.XXX:80;
    server_name site.com   www.site.com;
    return 404;
}

我缺少 user3 的什么,所以 nginx 和 fpm 可以工作? user1 和 user2 的相同配置可以正常工作。

答案1

似乎文件夹 /var/www/user3 的权限是 750,而不是 755。现在它可以正常工作了。

相关内容