Problems with session data permissions, multiple UIDs on multiple PHP-FPM pools

Question

I run an nginx server with 40 identical webapps on 40 different ports in 40 different PHP-FPM pools. Each pool is run on a separate user.

My sessions.save_path in php.ini is /tmp/php_sessions. Let's say I first visit http://mywebsite.com:5007. I can observe this file pop up in /tmp/php_sessions:

-rw------- 1 www-data07 www-data07     0 jan.  17 00:35 sess_bb84gmtago2u33g1jmtbhdcu80

Then I visit http://mywebsite.com:5008. In my browser, I can read this error

Warning: Unknown: open(/tmp/php_sessions/sess_bb84gmtago2u33g1jmtbhdcu80, O_RDWR) failed: Permission denied (13) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp/php_sessions) in Unknown on line 0

I get that this is because the user www-data08 is trying to write to a file where only www-data07 has write permissions. But why doesn't www-data08 make it's own session data? How can I fix this?

Answer 1

I was slightly fast on the trigger here. In my particular instance, the problem was that all 40 webapps shared the same cookie in my browser. When I moved from port 5007 to port 5008, my browser was trying to continue my session from port 5007, but with a different backend UID.