我使用Apache2.2和FastCgi来运行PHP代码(使用PHP-fpm)。
我的FCGI配置如下,运行良好:
User apache
Group apache
LoadModule fastcgi_module modules/mod_fastcgi.so
FastCgiIpcDir /var/run/mod_fastcgi
FastCgiConfig -idle-timeout 20 -maxClassProcesses 1
AddHandler php-script .php
Action php-script /php5-fcgi
AddType application/x-httpd-php .php
<Location "/php5-fcgi">
Order Deny,Allow
Deny from all
Allow from env=REDIRECT_STATUS
</Location>
我的虚拟主机配置如下,工作也很好:
<VirtualHost XX.XX.XXX.XXX:80>
DocumentRoot "/srv/apache/test"
ServerName my.domain.com
ErrorLog /srv/apache/test/logs/test.log
DirectoryIndex index.php
LogLevel debug
<Directory "/srv/apache/test/www">
Options +Indexes
Order allow,deny
Allow from all
</Directory>
Alias /php5-fcgi /var/www/cgi-bin/test/php.fcgi
FastCgiExternalServer /var/www/cgi-bin/test/php.fcgi -socket /var/run/php5-fpm.sock -pass-header Authorization -idle-timeout 3600
<Directory "/var/www/cgi-bin/test">
Options +ExecCGI
SetHandler fastcgi-script
Order Deny,Allow
Allow from env=REDIRECT_STATUS
</Directory>
</VirtualHost>
显示了我的测试页面上的phpinfo()。现在我想让它与Apache的Suxec mod一起工作。因此,我在apache配置中添加了以下行:
# Into my virtualhost config
SuexecUserGroup www-test www-test
# Into my fastcgi config
FastCgiWrapper On
然后,我向www-test用户选择我的fcgi脚本(/var/www/cgi-bin/test/php.fcgi)和我的文档根(/srv/apache/test)。
我重新启动httpd和php-fpm服务,刷新我的测试页面,得到一个错误500,日志如下:
==> /var/log/httpd/error_log <==
suexec failure: could not open log file
fopen: Permission denied
[Tue Nov 10 21:35:48 2015] [warn] FastCGI: (dynamic) server "/var/www/cgi-bin/test/php.fcgi" (pid 29704) terminated by calling exit with status '1'
[Tue Nov 10 21:35:53 2015] [warn] FastCGI: (dynamic) server "/var/www/cgi-bin/test/php.fcgi" (uid 505, gid 506) restarted (pid 29711)
==> /srv/apache/test/logs/test.log <==
[Tue Nov 10 21:36:05 2015] [error] [client 90.XXX.30.XX] FastCGI: comm with (dynamic) server "/var/www/cgi-bin/test/php.fcgi" aborted: (first read) idle timeout (20 sec)
[Tue Nov 10 21:36:05 2015] [error] [client 90.XXX.30.XX] FastCGI: incomplete headers (0 bytes) received from server "/var/www/cgi-bin/test/php.fcgi"
你知道我可能错过的配置吗?
编辑:我编辑了一个Vhost指令如下:
FastCgiExternalServer /var/www/cgi-bin/test/php.fcgi -socket /var/run/php5-fpm.sock -pass-header Authorization -user www-test -group www-test
现在我的测试页面正在工作,但我用php执行了一个whoiam命令,得到的是apache用户,而不是我的Suexec用户(www测试)。
你知道我的Suexec配置不起作用的原因吗。
PHP FPM需要配置为使用特定用户。
确保user的池配置中的值与您希望PHP作为Unix用户执行的值相匹配。通常它默认为www-data,但根据您编译PHP的方式,它可能已更改为www-user。