FS#64693 - [php] php-fpm needs CAP_CHOWN
Attached to Project:
Arch Linux
Opened by Marius (Martchus) - Saturday, 30 November 2019, 14:36 GMT
Last edited by Doug Newgard (Scimmia) - Saturday, 30 November 2019, 14:39 GMT
Opened by Marius (Martchus) - Saturday, 30 November 2019, 14:36 GMT
Last edited by Doug Newgard (Scimmia) - Saturday, 30 November 2019, 14:39 GMT
|
Details
Description:
The php-fpm service file needs CAP_CHOWN and fails otherwise with: ``` [ERROR] [pool www] failed to chown() the socket '/run/php-fpm/php-fpm.sock': Operation not permitted (1) ``` Changing the ownership of `/run/php-fpm` manually to `http:http` doesn't help and only leads to: ``` [ERROR] unable to bind listening socket for address '/run/php-fpm/php-fpm.sock': Permission denied (13) ``` Changing `CapabilityBoundingSet` like in the workaround mentioned above would fix this issue. Additional info: * package version(s): php 7.4.0-1 and php 7.4.0-2 Steps to reproduce: Just start the php-fpm service via the systemd unit file provided by the php 7.4.0-2 package. The journal contains the mentioned log messages. Workaround: `systemctl edit php-fpm`, add ``` [Service] CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_CHOWN ``` save and quit. |
This task depends upon
Closed by Doug Newgard (Scimmia)
Saturday, 30 November 2019, 14:39 GMT
Reason for closing: Duplicate
Additional comments about closing: FS#64683
Saturday, 30 November 2019, 14:39 GMT
Reason for closing: Duplicate
Additional comments about closing: