我将nginx更新到1.4.7,将php更新到5.5.12,之后我得到了502错误。在我更新之前,一切都很好。
nginx-error.log
2014/05/03 13:27:41 [crit] 4202#0: *1 connect() to unix:/var/run/php5-fpm.sock failed (13: Permission denied) while connecting to upstream, client: xx.xxx.xx.xx, server: localhost, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "xx.xx.xx.xx"
nginx.conf
user www www;
worker_processes 1;
location / {
root /usr/home/user/public_html;
index index.php index.html index.htm;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/home/user/public_html$fastcgi_script_name;
include fastcgi_params;
}
我今天更新了我的机器(更新了PHP),运行Ubuntu 14.04,再次得到这个错误。分发配置文件/etc/php5/fpm/pool.d/www.conf很好,目前不需要任何更改。
我发现以下错误:
dmesg | grep php
[...]
[ 4996.801789] traps: php5-fpm[23231] general protection ip:6c60d1 sp:7fff3f8c68f0 error:0 in php5-fpm[400000+800000]
[ 6788.335355] traps: php5-fpm[9069] general protection ip:6c5d81 sp:7fff98dd9a00 error:0 in php5-fpm[400000+7ff000]
奇怪的是,我在这台机器上运行了两个使用PHP-FPM的网站,其中一个运行正常,另一个(一个Tiny Tiny RSS安装)给了我一个502,这两个网站之前都运行正常。
我比较了这两个配置文件,发现fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;受影响的站点缺失。
两个配置文件现在都包含以下块,并再次正常运行:
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
include /etc/nginx/snippets/fastcgi-php.conf;
}
更新
值得注意的是,Ubuntu提供了两个fastcgi相关的参数文件和一个配置片段,这是在Vivid和PPA版本中提供的。相应更新了解决方案。
fastcgi参数文件的Diff:
$ diff -up fastcgi_params fastcgi.conf
--- fastcgi_params 2015-07-22 01:42:39.000000000 +0200
+++ fastcgi.conf 2015-07-22 01:42:39.000000000 +0200
@@ -1,4 +1,5 @@
+fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
/etc/nginx/snippets/fastcgi-php.conf中的配置片段
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;
除了在你的php配置中扩大权限,你可以改变你的nginx配置中指定的用户。
在上面的nginx.conf摘录的第一行,用户和组分别被指定为www和www。
user www www;
同时,你的php配置可能会指定一个用户和一组www-data:
listen.owner = www-data
listen.group = www-data
你可以将nginx.conf中的这一行更改为以下任何一行:
user www-data www;
user www-data www-data; # or any group, really, since you have the user matching
user www www-data; # requires that your php listen.mode gives rw access to the group
