PHP LogoRecently I noticed a few of my servers had stopped serving my sites, with  502 errors being to visitors. I took a look at my site logs and noticed that they were full of the “Permission Denied” errors below:

2014/06/09 09:45:17 [crit] 11453#0: *22 connect() to unix:/var/run/php5-fpm.sock failed (13: Permission denied) while connecting to upstream

A little more investigation and I found that a privilege escalation issue in the PHP default fpm configuration had been found. This had consequently been fixed in the latest releases. But unless a systems administrator is paying attention and knows that changes to the config are required, upgrading the PHP instance leads to a broken web server.

After some looking around the place I found a solution.

Fixing the Issue

To fix simply edit the file:


Go down to around line 44 and you will see a section that looks similar to the following:

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
;                 mode is set to 0666
;listen.owner = www-data
; = www-data
;listen.mode = 0666

Then uncomment the listen.owner and declarations save the file and then restart the php5 service.

service php5-fpm restart

Visit you site in a browser an with any luck your website should be working properly again!

Further Reading:

Original PHP security issue

Discussion about the issue on StackOverflow