Recently I noticed a few of my servers had stopped serving my sites, with 502 errors being to visitors. I took a look at my site logs and noticed that they were full of the “Permission Denied” errors below:
2014/06/09 09:45:17 [crit] 11453#0: *22 connect() to unix:/var/run/php5-fpm.sock failed (13: Permission denied) while connecting to upstream
A little more investigation and I found that a privilege escalation issue in the PHP default fpm configuration had been found. This had consequently been fixed in the latest releases. But unless a systems administrator is paying attention and knows that changes to the config are required, upgrading the PHP instance leads to a broken web server.
After some looking around the place I found a solution. To fix simply edit the file:
/etc/php5/fpm/pool.d/www.conf
Go down to around line 44 and you will see a section that looks similar to the following:
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0666
;listen.owner = www-data
;listen.group = www-data
;listen.mode = 0666
Then uncomment the listen.owner and listen.group declarations save the file and then restart the php5 service.
service php5-fpm restart
Visit you site in a browser an with any luck your website should be working properly again!
Further Reading: