5

I'm trying to change the owner/group of the PHP-FPM socket file.

My www.conf contains:

[www]

...

listen = /run/php-fpm/www.sock
listen.owner = ben
listen.group = ben
listen.mode = 0660

Upon restarting php-fpm, www.sock is still owned by root:root.

If I change the socket file location, or the listen.mode, the socket file changes accordingly. However, listen.owner and listen.group seem to be blatantly ignored.

Why is that?

BenMorel
  • 4,507
  • 10
  • 57
  • 85
  • Please post your full php-fpm config to pastebin, since some config directives can override each-other. – Stone Sep 17 '19 at 13:41
  • Thank you, reviewing it while posting to pastebin made me actually read every configuration option, and I found out about `listen.acl_users`. See my answer below! – BenMorel Sep 17 '19 at 14:09

1 Answers1

12

Got it. The issue was listen.acl_users (emphasis mine):

When POSIX Access Control Lists are supported you can set them using these options, value is a comma separated list of user/group names. When set, listen.owner and listen.group are ignored.

Solution: comment out this line:

;listen.acl_users = apache,nginx
Eddie C.
  • 535
  • 1
  • 3
  • 12
BenMorel
  • 4,507
  • 10
  • 57
  • 85
  • Thanks for the tip on that, this saved me some time. Another lesson in reading ALL the documentation for what you're doing! – gillytech Feb 23 '20 at 19:07