27

I'm running LEMP with PHP7.0.

I've got this in my server block

fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;

But when I open the site, it returns a 502 Bad Gateway. Below is the error log.

*1 connect() to unix:/var/run/php/php7.0-fpm.sock failed (13: Permission denied) while connecting to upstream, client: xxx.xxx.xxx.xxx, server: example.com, request: "GET / HTTP1.1", upstream: "fsatcgi://unix:/var/run/php/php7.0-fpm.sock:", host: "example.com"

It says Permission Denied. What's wrong here? I've checked but I can't seem to find what needs to be given what kind of permission.

Thank you.

julio
  • 894
  • 1
  • 9
  • 13

5 Answers5

40

I got it working.

The php user was www-data but the nginx user was nginx.

Check php here: /etc/php/7.0/fpm/pool.d/www.conf

listen.owner = www-data
listen.group = www-data
listen.mode = 0660

Nginx user was at /etc/nginx/nginx.conf

This guided me: https://stackoverflow.com/questions/23443398/nginx-error-connect-to-php5-fpm-sock-failed-13-permission-denied

julio
  • 894
  • 1
  • 9
  • 13
  • 12
    You can change nginx to use _www-data_ user, or, as I did, add _nginx_ user to the _www-data_ group using `sudo usermod -a -G www-data nginx` – chech Jan 04 '17 at 23:27
8

I have fixed same issue by taking following steps.

Open your www.conf files (Example : sudo nano /etc/php-fpm.d/www.conf) Lastly, find the lines that set the listen.owner and listen.group and change their values from "nobody" to "nginx":

listen.owner = nginx
listen.group = nginx
listen.mode = 0660

Lastly, find the lines that set the user and group and change their values from "apache" to "nginx":

user = nginx
group = nginx

Restart php-fpm (sudo service php-fpm restart)

Nanhe Kumar
  • 409
  • 4
  • 6
2
vim /etc/php-fpm.d/www.conf
change in this way
;listen.owner = root
;listen.group = root
;listen.owner = nobody
;listen.group = nobody

listen.owner = nginx
listen.group = nginx 

service php-fpm restart
service nginx restart

CentOS release 6.9 (Final)

Gabo Ram
  • 31
  • 1
  • 2
    Welcome on the site! It is an unexplained config snippet, I can't see how would it answer the question. – peterh Apr 27 '17 at 00:36
0

Please NOTICE (at least in centos 8) the user who you are assigning listen.owner and other stuff to it MUST be in the same POOL with the user for example given I am the foo user

[www] # WRONG | IN MY CASE I WAS UNDER www POOL SO IT WASNT WORKING FOR ME.
[foo] # CORRECT | THE POOL AND THE USER MATCHES.

listen.owner = foo
listen.group = foo
listen.mode = 0660
user = foo
group = foo

I dont know if there's a global pool but after hours of searching I finlly did it.

0

Make sure the user for the run nginx-process has permission for access to php-fpm socket.

So there is my configuration on the AWS.

I guess run php-process and nginx-pool as your user, not as root user.

php-socket-own

nginx-config-user-run-pool

Dylan Ngo
  • 1
  • 2