What permissions / ownership to set on PHP Sessions Folder when running FastCGI / PHP-FPM (as user "nobody")?

Posted by Professor Frink on Server Fault See other posts from Server Fault or by Professor Frink
Published on 2009-10-02T04:16:37Z Indexed on 2012/04/12 5:32 UTC
Read the original article Hit count: 320

Filed under:
|
|
|

I'm having trouble getting a number of scripts running because PHP-FPM can't write to my session folder:

"2009/10/01 23:54:07 [error] 17830#0: *24 FastCGI sent in stderr: "PHP Warning:
    Unknown: open(/var/lib/php/session/sess_cskfq4godj4ka2a637i5lq41o5, O_RDWR)
    failed: Permission denied (13) in Unknown on line 0
PHP Warning:  Unknown: Failed to write session data (files). Please verify
    that the current setting of session.save_path is correct
    (/var/lib/php/session) in Unknown on line 0" while reading upstream"

Obviously this is a permission issue; my session folder's owner/group is the webserver's user, NGINX. PHP-FPM runs as nobody though, and hence adding it to the nginx group is not so trivial.

A temporary solution is to set the permissions of /var/lib/php/session to 777 - I have a feeling that's not the "best practice" though.

What is the best practice when you need to assign a daemon write access to a folder, but it is running as nobody ?

© Server Fault or respective owner

Related posts about linux

Related posts about security