Opened 10 years ago

Closed 10 years ago

Last modified 10 years ago

#483 closed defect (invalid)

Nginx failed with php5-fpm for new php frameworks

Reported by: AARYAN ADITYA Owned by:
Priority: major Milestone: 1.5
Component: nginx-module Version: 1.5.x
Keywords: Cc:
uname -a: Linux localhost 3.9.3-x86_64-linode33 #1 SMP Mon May 20 10:22:57 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.5.0
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --with-pcre-jit --with-debug --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_realip_module --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-http_xslt_module --with-ipv6 --with-mail --with-mail_ssl_module --add-module=/build/buildd/nginx-1.5.0/debian/modules/nginx-auth-pam --add-module=/build/buildd/nginx-1.5.0/debian/modules/nginx-dav-ext-module --add-module=/build/buildd/nginx-1.5.0/debian/modules/nginx-echo --add-module=/build/buildd/nginx-1.5.0/debian/modules/nginx-upstream-fair --add-module=/build/buildd/nginx-1.5.0/debian/modules/ngx_http_substitutions_filter_module

Description

Hi Team,

Today i got a very strange error . In my server i have deployed 3 php web application . which are bult using yii ,laravel php and wordpress frameworks . but one my website is loading very slow which is built with laravel. when i see error log .. for every one minute 2 errors are logged .. same error repeated for whole day. i contacted larvel they confirmed that its problem with nginx .. its not perfectly compiling with php5-fpm . The thing is that when i check load testing .. its noot even accepting 50 requests .

Here is the error info

22014/01/08 19:50:15 [crit] 7546#0: *35180 open() "/var/lib/nginx/fastcgi/9/28/0000000289" failed (13: Permission denied) while reading upstream, client: 50.112.95.211, server: www.domainname.com, request: "GET / HTTP/1.0", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.domainname.com"
2014/01/08 19:50:33 [crit] 7546#0: *35234 open() "/var/lib/nginx/fastcgi/0/29/0000000290" failed (13: Permission denied) while reading upstream, client: 184.73.237.85, server: www.domainname.com, request: "GET / HTTP/1.0", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.domainname.com"
2014/01/08 19:52:15 [crit] 7546#0: *35486 open() "/var/lib/nginx/fastcgi/1/29/0000000291" failed (13: Permission denied) while reading upstream, client: 50.112.95.211, server: www.domainname.com, request: "GET / HTTP/1.0", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.domainname.com"
2014/01/08 19:52:32 [crit] 7546#0: *35599 open() "/var/lib/nginx/fastcgi/2/29/0000000292" failed (13: Permission denied) while reading upstream, client: 184.73.237.85, server: www.domainname.com, request: "GET / HTTP/1.0", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.domainname.com"
2014/01/08 19:54:16 [crit] 7546#0: *36037 open() "/var/lib/nginx/fastcgi/3/29/0000000293" failed (13: Permission denied) while reading upstream, client: 50.112.95.211, server: www.domainname.com, request: "GET / HTTP/1.0", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.domainname.com"

Environment:

Server Software: nginx/1.5.6
operating system: Ubuntu 13.04 (Linux 3.8.0-26-generic)
Fastcgi: php-fpm
php version: PHP 5.5.6-1+debphp.org~raring+2 (cli) (built: Nov 21 2013 14:39:09)
mysql 5.5
laravel : 4.0

wt@localhost:~$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Here the strange thing is i am not getting any errors for remaining two websites . if this error raised really due to permission problem .. other websites also should report the same error . but they are not reporting anything ...

i even tried this also

sudo chown www-data.www-data /var/lib/nginx

but after this also same error repeated for same website

2014/01/08 20:21:47 [crit] 18283#0: *214 open() "/var/lib/nginx/fastcgi/1/00/0000000001" failed (13: Permission denied) while reading upstream, client: 50.112.95.211, server: www.domainname.com, request: "GET / HTTP/1.0", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.domainname.com"
2014/01/08 20:22:04 [crit] 18283#0: *256 open() "/var/lib/nginx/fastcgi/2/00/0000000002" failed (13: Permission denied) while reading upstream, client: 184.73.237.85, server: www.domainname.com, request: "GET / HTTP/1.0", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.domainname.com"

my nginx configuration:

root@localhost:/# cat /etc/nginx/nginx.conf
# -*- mode: nginx; mode: flyspell-prog; ispell-local-dictionary: "american" -*-

### Very basic Nginx configuration.
user www-data;
worker_processes 1;

#user www-data; worker_processes 1;
#user nginx; worker_processes 1;

worker_rlimit_nofile 8192;

events {
worker_connections 8000;
multi_accept on;
accept_mutex on;
}

error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

http {

proxy_connect_timeout 600s;
proxy_send_timeout 600s;
proxy_read_timeout 600s;
fastcgi_send_timeout 600s;
fastcgi_read_timeout 600s;

include /etc/nginx/mime.types;

default_type application/octet-stream;

# Format for our log files
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

# Click tracking!
access_log /var/log/nginx/access.log main;

# Hide nginx version
server_tokens off;
client_max_body_size 300m;

# ~2 seconds is often enough for HTML/CSS, but connections in
# Nginx are cheap, so generally it's safe to increase it
keepalive_timeout 20;

# You usually want to serve static files with Nginx
sendfile on;

tcp_nopush on; # off may be better for Comet/long-poll stuff
tcp_nodelay off; # on may be better for Comet/long-poll stuff

# Enable Gzip:
gzip on;
gzip_http_version 1.0;
gzip_comp_level 5;
gzip_min_length 512;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/plain
text/x-component
application/javascript
application/json
application/xml
application/xhtml+xml
application/x-font-ttf
application/x-font-opentype
application/vnd.ms-fontobject
image/svg+xml
image/x-icon;

# This should be turned on if you are going to have pre-compressed copies (.gz) of
# static files available. If not it should be left off as it will cause extra I/O
# for the check. It would be better to enable this in a location {} block for
# a specific directory:
# gzip_static on;

gzip_disable "msie6";
gzip_vary on;

include /etc/nginx/sites-enabled/*;
}

my domain configuration :

server {
server_name domainname.com;
rewrite (.*) http://www.domainname.com$1 permanent;
}

server {
#listen 80; ## listen for ipv4; this line is default and implied
#listen [::]:80 default_server ipv6only=on; ## listen for ipv6

root /home/wt/projets/domainname/public/;
index index.php index.html index.htm;

server_name www.domainname.com;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
}

# pass the PHP scripts to FastCGI server
location ~ \.php$ {
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9005;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param PHP_VALUE "newrelic.appname=Greycampu Main site";
}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}

Additional info :

root@localhost:/var/log# ps -ef | grep nginx
root 7545 1 0 16:18 ? 00:00:00 nginx: master process /usr/sbin/nginx
www-data 7546 7545 0 16:18 ? 00:00:28 nginx: worker process
root 17968 17348 0 19:46 pts/1 00:00:00 grep --color=auto nginx

root@localhost:/var/log# ls -l /var/lib/nginx
total 20
drwx------ 2 www-data root 4096 Jan 8 18:48 body
drwx------ 12 www-data root 4096 Sep 19 22:21 fastcgi
drwx------ 2 www-data root 4096 Sep 19 18:14 proxy
drwx------ 2 www-data root 4096 Sep 19 18:14 scgi
drwx------ 2 www-data root 4096 Sep 19 18:14 uwsgi

root@localhost:/var/log# cat /etc/nginx/nginx.conf
# -*- mode: nginx; mode: flyspell-prog; ispell-local-dictionary: "american" -*-

### Very basic Nginx configuration.
user www-data;
worker_processes 1;

root@localhost:/var/log# ls -l /etc/nginx/
total 76
drwxr-xr-x 2 root root 4096 May 28 2013 conf.d
-rw-r--r-- 1 root root 898 Apr 29 2013 fastcgi_params
-rwxr-xr-x 1 root root 2233 Sep 20 12:02 domainname.com
-rw-r--r-- 1 root root 2258 Apr 29 2013 koi-utf
-rw-r--r-- 1 root root 1805 Apr 29 2013 koi-win
-rw-r--r-- 1 root root 2085 Apr 29 2013 mime.types
-rw-r--r-- 1 root root 5287 Apr 29 2013 naxsi_core.rules
-rw-r--r-- 1 root root 287 Apr 29 2013 naxsi.rules
-rw-r--r-- 1 root root 222 Apr 29 2013 naxsi-ui.conf
drwxr-xr-x 7 root root 4096 Sep 19 18:29 nginx-bp
-rw-r--r-- 1 root root 2169 Oct 15 11:54 nginx.conf
-rw-r--r-- 1 root root 131 Apr 29 2013 proxy_params
-rw-r--r-- 1 root root 465 Apr 29 2013 scgi_params
drwxr-xr-x 2 root root 4096 Oct 22 12:18 sites
drwxr-xr-x 2 root root 4096 Sep 19 16:13 sites-available
drwxr-xr-x 2 root root 4096 Jan 8 13:17 sites-enabled
-rw-r--r-- 1 root root 532 Apr 29 2013 uwsgi_params
-rw-r--r-- 1 root root 3071 Apr 29 2013 win-utf

May i know why i am getting this error ? and how to fix this ?

Change History (2)

comment:1 by Maxim Dounin, 10 years ago

Resolution: invalid
Status: newclosed

If you are not sure you've found a bug, please ask for help via mailing list instead.

(Errors logged suggest you have problem with permissions on /var/lib/nginx/fastcgi/*. Note that checking permissions on the /var/lib/nginx/fastcgi alone is not enough, you have to check both higher level directories and the directory contents.)

comment:2 by AARYAN ADITYA, 10 years ago

Dear sir,

at least please let me know .. how to fix the issue

as per domain configuration is user is www-data;

i even tried this also
sudo chown www-data.www-data /var/lib/nginx

but still not fixed .. please let me know how to fix this permission issue

Note: See TracTickets for help on using tickets.