3

Nginx is currently set to run as the user "nginx":

[root@localhost whmcs]# grep user /etc/nginx/nginx.conf
user nginx;

PHP-FPM is set to run as the "nginx" user too:

[root@localhost whmcs]# grep '^user\|^group' /etc/php-fpm.d/www.conf
user = nginx
group = nginx

They are definitely running as the "nginx" user:

[root@localhost whmcs]# ps aux | grep nginx | grep -v grep
nginx     55067  0.0  0.2 355128  9568 ?        S    15:54   0:00 php-fpm: pool www
nginx     55068  0.0  0.3 359488 13976 ?        S    15:54   0:00 php-fpm: pool www
nginx     55069  0.0  0.2 355128  9596 ?        S    15:54   0:00 php-fpm: pool www
nginx     55070  0.0  0.3 359508 13952 ?        S    15:54   0:00 php-fpm: pool www
nginx     55071  0.0  0.3 358712 13200 ?        S    15:54   0:00 php-fpm: pool www
nginx     55229  0.0  0.3 358456 12896 ?        S    15:54   0:00 php-fpm: pool www
root      62624  0.0  0.0  60572  1288 ?        Ss   16:15   0:00 nginx: master process /usr/sbin/nginx
nginx     62625  0.0  0.0  63096  2688 ?        S    16:15   0:00 nginx: worker process
nginx     62626  0.0  0.0  63096  2204 ?        S    16:15   0:00 nginx: worker process
nginx     62628  0.0  0.0  63096  2204 ?        S    16:15   0:00 nginx: worker process
nginx     62629  0.0  0.0  63096  2204 ?        S    16:15   0:00 nginx: worker process

PHP-FPM too:

[root@localhost whmcs]# ps aux | grep php-fpm | grep -v grep
root      55064  0.0  0.2 352152 11584 ?        Ss   15:54   0:00 php-fpm: master process (/etc/php-fpm.conf)
nginx     55067  0.0  0.2 355128  9568 ?        S    15:54   0:00 php-fpm: pool www
nginx     55068  0.0  0.3 359488 13976 ?        S    15:54   0:00 php-fpm: pool www
nginx     55069  0.0  0.2 355128  9596 ?        S    15:54   0:00 php-fpm: pool www
nginx     55070  0.0  0.3 359508 13952 ?        S    15:54   0:00 php-fpm: pool www
nginx     55071  0.0  0.3 358712 13200 ?        S    15:54   0:00 php-fpm: pool www
nginx     55229  0.0  0.3 358456 12896 ?        S    15:54   0:00 php-fpm: pool www

My www folder for that domain is /var/www/whmcs and it's owned by "nginx":

[root@localhost www]# pwd
/var/www
[root@localhost www]# ls -lah | grep whmcs
drwxr-xr-x. 19 nginx nginx 4.0K Feb  7 16:15 whmcs

There doesn't seem to be anything relevant in /var/log/php-fpm/error.log or /var/log/nginx/error.log.

My installation for WHMCS on that domain still gives an error "Cannot write to web folder".

I have also disabled SELinux.

Can someone please give me some insight as to why this might be happening?

ADDITIONAL INFO BELOW

EDIT: Peculiarly, it doesn't work even if I change the permissions for /var/www/whmcs recursively to 777.

EDIT 2: I gave shell login to the "nginx" user. It CAN create files in the /var/www/whmcs folder when logged in with it. Error on the page still the same though.

EDIT 3: Ownership and permission info requested by user @ezra-s:

[root@localhost var]# namei -mxo /var/www/whmcs
f: /var/www/whmcs
 Dr-xr-xr-x root  root  /
 drwxr-xr-x root  root  var
 drwxr-xr-x root  root  www
 drwxr-xr-x nginx nginx whmcs

EDIT 4: @Orphans, I don't seem to have /etc/php*/fpm/pool/conf.d/${CONFFILE}. This is all my /etc/php* files on CentOS 6.7:

[root@localhost etc]# find /etc/php*
/etc/php.d
/etc/php.d/curl.ini
/etc/php.d/fileinfo.ini
/etc/php.d/json.ini
/etc/php.d/phar.ini
/etc/php.d/zip.ini
/etc/php.d/pdo.ini
/etc/php.d/pdo_sqlite.ini
/etc/php.d/sqlite3.ini
/etc/php.d/mysql.ini
/etc/php.d/mysqli.ini
/etc/php.d/pdo_mysql.ini
/etc/php.d/ioncube.ini
/etc/php.d/gd.ini
/etc/php-fpm.conf
/etc/php-fpm.d
/etc/php-fpm.d/www.conf
/etc/php.ini

Also here is the virtualhost file for the domain (I'm using a hosts file to access it):

[root@localhost etc]# cat /etc/nginx/sites-available/whmcs.com.conf 
server {
    listen 80;

    root /var/www/whmcs;
    index index.php;

    server_name whmcs.com www.whmcs.com;

    location / {
        try_files $uri $uri/ =404;
    }
    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/whmcs;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

}
Neekoy
  • 269
  • 1
  • 6
  • 14
  • Is /var and /var/www readable by the nginx user? – mzhaase Feb 07 '17 at 14:34
  • Yes, both of them are with 755 permissions. – Neekoy Feb 07 '17 at 14:36
  • run this: "namei -mx /var/www/whmcs" show the output – Daniel Ferradal Feb 07 '17 at 14:37
  • @ezra-s I added the info you requested in the OP under EDIT 3. It all seems fine. – Neekoy Feb 07 '17 at 14:40
  • apologies, if you can add the "o" parameter to see the owners even better :) – Daniel Ferradal Feb 07 '17 at 14:45
  • check /etc/php*/fpm/pool/conf.d/${CONFFILE} And also provide us with the virtualhost. – Orphans Feb 07 '17 at 14:46
  • @ezra-s I edited the OP with the output of "namei -mxo". – Neekoy Feb 07 '17 at 14:57
  • @Orphans I added EDIT 4 to the OP for you. – Neekoy Feb 07 '17 at 14:57
  • Certainly it all looks good, if not SELinux or something of the likes, not sure what it may be, check php-fpm error logs and such to see, if none increase logging and see, worth checking /etc/php-fpm.d/www.conf which is the actual pool working – Daniel Ferradal Feb 07 '17 at 15:01
  • What does /etc/php-fpm.d/www.conf say? – Orphans Feb 07 '17 at 15:02
  • @Orphans - here is a pastebin of the content http://pastebin.com/raw/hi8yWLT5 - It's all default, except for the user and group that I changed to "nginx". – Neekoy Feb 07 '17 at 15:09
  • Try define openbasedir – Orphans Feb 07 '17 at 15:19
  • 1
    php_admin_value[open_basedir] = /PATH/TO/DOCUMENTROOT/:/tmp:/usr/bin – Orphans Feb 07 '17 at 15:24
  • And I wonder why, noone has asked about any logs :P – Orphans Feb 07 '17 at 15:26
  • I added php_admin_value[open_basedir] = /var/www/whmcs/:/tmp:/usr/bin to /etc/php-fpm.d/www.conf. Restarted PHP-FPM - no errors, but the issue still occurs. Also, I mentioned in the OP that there's nothing relevant in the PHP-FPM/Nginx logs :( – Neekoy Feb 07 '17 at 15:28
  • Try to comment "listen.owner = nobody" and "listen.group = nobody", remove them from the pool and try again. – Orphans Feb 07 '17 at 15:50
  • @Orphans, okay so in an act of desperation I moved the installation and www folder to /home/username/. Initially it didn't work but this time I could see an error for basedir in the PHP-FPM logs, so when I added that path to open_basedir, it started working. I'm still not sure why it didnt work for /var/www/ when the setup is identical there, but it works now. Thanks for your time mate, I appreciate it :) – Neekoy Feb 07 '17 at 18:57
  • 1
    You should add your solution as an answer also. :) – Orphans Feb 08 '17 at 07:36
  • This is a web hosting control panel, and they make non-standard changes to the system, so we cannot know what is the reason for this behavior. You can expect more issues if you try to customize the setup. – Tero Kilkanen Feb 09 '17 at 10:42

1 Answers1

6

Check your selinux settings. You might need to run:

$ sudo restorecon -R /var/www/whmcs
$ sudo setsebool -P httpd_unified 1

Reference: https://magento.stackexchange.com/a/72271/469

Joe Constant
  • 161
  • 1
  • 4