问题描述
我在Ngnix上运行的PHP应用程序(贝加尔湖)有问题.该应用程序对其配置文件之一没有(较长)写入权限.升级PHP后,可能会发生此问题.
I have a problem with a PHP application (Baikal) that runs on Ngnix. The application has no (longer) write permissions for one of its config files. The problem might have occured after upgrading PHP.
以下是有关我的设置的一些信息:
Here is some information about my setup:
- 操作系统:Arch Linux
- Nginx版本:1.16.1
- Nginx用户:http
- PHP版本:7.4.1
- 应用程序:贝加尔湖0.4.6
- Nginx配置:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name –––––––––;
root /usr/share/webapps/baikal/html;
index index.php;
include include/ssl.conf;
include include/letsencrypt.conf;
rewrite ^/.well-known/caldav /dav.php redirect;
rewrite ^/.well-known/carddav /dav.php redirect;
charset utf-8;
location ~ /(\.ht|Core|Specific) {
deny all;
return 404;
}
location ~ ^(.+\.php)(.*)$ {
try_files $fastcgi_script_name =404;
include /etc/nginx/fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
应用程序报告文件 Specific/config.php 不可写.完整路径为/usr/share/webapps/baikal/Specific/config.php .
我已将文件的权限设置为777,以进行测试;没有成功.我测试了PHP函数is_writable
.它为该文件返回false
. fopen
说文件系统是只读的(不是).
The application reports that the file Specific/config.php is not writable. Full path is /usr/share/webapps/baikal/Specific/config.php.
I have set the permissions of the file to 777 for testing purposes; without success. I tested the PHP function is_writable
. It returns false
for that file. fopen
says that the filesystem is read-only (it is not).
我已经阅读了很多有关SELinux防止写操作的信息,但是正如我所说的,我使用的不是Arch Linux,而是SELinux.
我认为这与以下事实有关:不允许PHP在Nginx中设置的根目录之外进行写操作,但是我无法将其修复.
I have read a lot about SELinux preventing write operations, but as I said, I use Arch Linux which is no SELinux.
I think it has something to do with the fact that PHP is not allowed to write outside the root directory set in Nginx, but I can't get it fixed.
有人可以帮忙吗?
非常感谢
Can anybody help?
Thanks a lot
推荐答案
好的,钉牢了.哎呀.
从PHP 7.4开始,PHP-FPM通过挂载只读的,/boot
和/etc
目录来保护系统.
As of PHP 7.4 PHP-FPM protects the system by mounting /usr
, /boot
, and /etc
directories read-only.
此,而这个问题使我想到了只移动应用程序的解决方案/usr
的文件夹不在现场.
This post and this issue led me to solution to just move the application folder outsite of /usr
.
这篇关于Nginx和PHP:没有写权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!