PHP upgrade always breaks session folder permissions

Every time I upgrade php (via yum upgrade) on my CentOS box, my /var/lib/session folder ownership becomes root:apache with 600 permissions. I use nginx as my web server. This breaks my site and prevents sessions from being stored.

The fix is simply to chown nginx:nginx the folder. But I have to manually do this every time yum updates php.

I imagine the problem stems from the fact that when I initially set the box up I ran apache. Where can I change this config to "nginx" to fix this issue? I had a look in php.ini but couldn't see anything relevant in there. The session directory is specified, but nothing about the user.


The best way is to use a different session directory for each user/pool.

In php-fpm.d/www.conf (already altered to change the user), and as explained in the comment.

user = foo

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path]    = /var/lib/php/foo/session
php_value[soap.wsdl_cache_dir]  = /var/lib/php/foo/wsdlcache

Thus, these new directories won't be changed on next update.

BTW, there is absolutely no need to change the user, you can use nginx and keep fpm running as apache (especially as most of packaged web applications rely on this)