Permissions of /run/php-fpm/www.sock getting reset to root when php-fpm restarts after fixing AH02454 permission denied error

httpd php-fpm

I am migrating to a new server to upgrade my internals and I have encountered this error when standing up my apache and PHP

[Fri Apr 09 16:51:26.243820 2021] [proxy:error] [pid 31179:tid 140021109556992] (13)Permission denied: AH02454: FCGI: attempt to connect to Unix domain socket /run/php-fpm/www.sock (*) failed
[Fri Apr 09 16:51:26.243868 2021] [proxy_fcgi:error] [pid 31179:tid 140021109556992] [client 47.213.222.69:56165] AH01079: failed to make connection to backend: httpd-UDS

The /run/php-fpm/www.sock file does exist, but it has root:root permissions. My webserver runs under a user that is not the default apache (the user is sites)

After much searching I found this article PHP-FPM - Error 503 - Attempt to connect to Unix domain socket failed and discovered that the /run/php-fpm/www.sock file needs to be chowed to the same user that runs httpd. So I did $chown sites: /run/php-fpm/www.sock and everything started working.

However, if the php-fpm service is restarted the permissions revert to root:root and PHP pages return 503

So I checked in /etc/php-fpm.d/www.conf and updated the lines:

user = sites
group = apache
 .
 .
 .
listen.owner = sites
listen.group = apache

I chowned the www.sock file again, but when the php-fpm service is restarted it still reverts the permissions of the www.sock file back to root:root

So I am stumped, and there seems to be very little information about this error to be found in my searching. And I know that with the chown command I can resolve the issue, however if my server ever needs to be restarted in the future, I doubt I will remember to do that unless I add an @reboot cron or something, but I shouldn't have to do that. I must be missing some configuration somewhere, I just can't find it.

My system information: Centos 8 Stream, PHP 7.2.24, Apache 2.4.37


I've got the same issue, my config file /etc/php-fpm.d/www.conf was correct as yours.

I solved the issue when i see my php-fpm.service was started as root.

I edit the file /usr/lib/systemd/system/php-fpm.service and add :

[service]
User=youruser
Group=YourGroup

Also check permissions on all path you see in file : /etc/php-fpm.conf, for exemple the log file.

Related

Google Cloud routing with VPCs peered in a partially connected mesh topology
arch linux on zfs root cannot configure grub on bios
Can I tail the log on a Cisco Router?
Change permissions for named volumes in Docker
Alias to SQLEXPRESS
rsync - report only uploaded files [closed]
Apache Tomcat chokes after 300 connections
No tun device in lxc guest for openvpn
How to fix "unable to qualify my own domain name (myhost) -- using short name"?
How to find the service principal assigned to a newly created AKS cluster?
Using Linux IPTables, How to block torrents or any P2P protocols?
Returning "200 OK" in Apache on HTTP OPTIONS requests