Ad

Php-fpm Being Run By 2 Users Causing Permission Issues

- 1 answer

my ps aux | grep php-fpm output

root     22583  0.0  0.3 447796 26580 ?        Ss   15:00   0:00 php-fpm: master process (/etc/php/7.3/fpm/php-fpm.conf)
www-data 22605  0.0  0.7 1420740 58344 ?       S    15:00   0:01 php-fpm: pool www
www-data 22608  0.0  0.4 457224 40184 ?        S    15:00   0:00 php-fpm: pool www
ubuntu   23865  0.0  0.0  15184  1044 pts/1    S+   17:08   0:00 grep --color=auto php-fpm

as you can see in the last line php-fpm is ran by ubuntu instead of www-data (I use nginx + php, where nginx user is www-dataWhere I assume my problem lies). So in my application (Laravel based) the log files are being created on behalf of the ubuntu user. When the application is running its throwing permission denied error. Because it can't read the log files.

When I chown the log files to www-data it works fine. But every new log file is owned by the ubuntu user, and then I will have to chown them every day :(. How can I change the user of the php-fpm essentially to fix the permission issues?

Edit: also I have added the ubuntu user to www-data group but still ubuntu can't edit any files owned by www-data

Ad

Answer

You can use setfacl

HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1)
sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX /log/folder/laravel/project
sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX /log/folder/laravel/project

See symfony docs: https://symfony.com/doc/3.3/setup/file_permissions.html#using-acl-on-a-system-that-supports-setfacl-linux-bsd

Ad
source: stackoverflow.com
Ad