Question

请帮忙。我一直试图在CentOS 6.4上配置FastCGI + php-fpm。最后它正在运行，但Apache日志中存在一些错误。我想了解它们并摆脱它们。这是我在全新安装CentOS（最小）+ MySQL + Apache2 + PHP后所做的事情：

# echo "" > /var/log/httpd/error_log
# service httpd restart
# cat /var/log/httpd/error_log

[Fri Apr 26 05:06:49 2013] [notice] caught SIGTERM, shutting down
[Fri Apr 26 05:06:50 2013] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Fri Apr 26 05:06:50 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Apr 26 05:06:50 2013] [notice] Digest: generating secret for digest authentication ...
[Fri Apr 26 05:06:50 2013] [notice] Digest: done
[Fri Apr 26 05:06:50 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations

# yum -y install php-fpm
# chkconfig --levels 235 php-fpm on
# service php-fpm start
# /etc/init.d/php-fpm status

php-fpm (pid  1644) running...

# cat /var/log/php-fpm/error.log

[26-Apr-2013 05:07:17] NOTICE: fpm is running, pid 1644
[26-Apr-2013 05:07:17] NOTICE: ready to handle connections

# yum -y install wget make gcc libtool httpd-devel apr-devel apr
# wget http://www.fastcgi.com/dist/mod_fastcgi-current.tar.gz
# tar xf mod_fastcgi-current.tar.gz
# cd mod_fastcgi-2.4.6
# make -f Makefile.AP2 top_dir=/usr/lib/httpd
# cp .libs/mod_fastcgi.so /usr/lib/httpd/modules/

# mv /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php.conf.disabled

# mkdir /var/www/fastcgi
# cat > /etc/httpd/conf.d/fastcgi.conf <<EOF
# LoadModule fastcgi_module modules/mod_fastcgi.so
# FastCgiWrapper Off
# DirectoryIndex index.php index.html index.shtml index.cgi
# Alias /phpfpm /var/www/fastcgi/phpfpm
# AddType application/x-httpd-php .php
# Action application/x-httpd-php /phpfpm
# FastCgiExternalServer /var/www/fastcgi/phpfpm -host 127.0.0.1:9000 -flush -pass-header Authorization
# EOF

# setsebool httpd_can_network_connect on

# echo "" > /var/log/httpd/error_log
# service httpd restart
# sleep 5
# cat /var/log/httpd/error_log

[Fri Apr 26 05:07:33 2013] [notice] caught SIGTERM, shutting down
[Fri Apr 26 05:07:34 2013] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Fri Apr 26 05:07:34 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Apr 26 05:07:34 2013] [error] (13)Permission denied: FastCGI: apr_dir_open() failed
[Fri Apr 26 05:07:34 2013] [notice] Digest: generating secret for digest authentication ...
[Fri Apr 26 05:07:34 2013] [notice] Digest: done
[Fri Apr 26 05:07:34 2013] [error] FastCGI: access for server (uid -1, gid -1) failed: read not allowed
[Fri Apr 26 05:07:34 2013] [error] FastCGI: can't create dynamic directory "/etc/httpd/logs/fastcgi/dynamic": access for server (uid -1, gid -1) failed: read not allowed
[Fri Apr 26 05:07:34 2013] [notice] FastCGI: process manager initialized (pid 1841)
[Fri Apr 26 05:07:34 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fastcgi/2.4.6 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations

# echo "" > /var/log/httpd/error_log
# service httpd restart
# sleep 5
# cat /var/log/httpd/error_log

[Fri Apr 26 05:10:05 2013] [notice] caught SIGTERM, shutting down
[Fri Apr 26 05:10:05 2013] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Fri Apr 26 05:10:05 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Apr 26 05:10:05 2013] [error] FastCGI: access for server (uid -1, gid -1) failed: read not allowed
[Fri Apr 26 05:10:05 2013] [error] FastCGI: can't create dynamic directory "/etc/httpd/logs/fastcgi/dynamic": access for server (uid -1, gid -1) failed: read not allowed
[Fri Apr 26 05:10:05 2013] [notice] Digest: generating secret for digest authentication ...
[Fri Apr 26 05:10:05 2013] [notice] Digest: done
[Fri Apr 26 05:10:05 2013] [error] FastCGI: access for server (uid -1, gid -1) failed: read not allowed
[Fri Apr 26 05:10:05 2013] [error] FastCGI: can't create dynamic directory "/etc/httpd/logs/fastcgi/dynamic": access for server (uid -1, gid -1) failed: read not allowed
[Fri Apr 26 05:10:05 2013] [notice] FastCGI: process manager initialized (pid 1866)
[Fri Apr 26 05:10:05 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fastcgi/2.4.6 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations

UPD：
我完全禁用了SELinux（ setenforce 0 ，SELINUX =在/ etc / sysconfig / selinux中禁用），我也禁用了suEXEC（ mv / usr / sbin / suexec /usr/sbin/suexec.disabled 和 chmod 600 /usr/sbin/suexec.disabled ）。这是我得到的：

# echo "" > /var/log/httpd/error_log
# service httpd restart
# sleep 5
# cat /var/log/httpd/error_log

[Tue Apr 30 12:02:52 2013] [notice] caught SIGTERM, shutting down
[Tue Apr 30 12:02:53 2013] [error] FastCGI: access for server (uid -1, gid -1) failed: read not allowed
[Tue Apr 30 12:02:53 2013] [error] FastCGI: can't create dynamic directory "/etc/httpd/logs/fastcgi/dynamic": access for server (uid -1, gid -1) failed: read not allowed
[Tue Apr 30 12:02:53 2013] [notice] Digest: generating secret for digest authentication ...
[Tue Apr 30 12:02:53 2013] [notice] Digest: done
[Tue Apr 30 12:02:53 2013] [error] FastCGI: access for server (uid -1, gid -1) failed: read not allowed
[Tue Apr 30 12:02:53 2013] [error] FastCGI: can't create dynamic directory "/etc/httpd/logs/fastcgi/dynamic": access for server (uid -1, gid -1) failed: read not allowed
[Tue Apr 30 12:02:53 2013] [notice] FastCGI: process manager initialized (pid 1769)
[Tue Apr 30 12:02:53 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fastcgi/2.4.6 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations

同样的错误。

# ls -ld /etc/httpd/logs/fastcgi/dynamic

drwx------. 2 apache apache 4096 Apr 26 05:07 /etc/httpd/logs/fastcgi/dynamic

# chmod 777 /etc/httpd/logs/fastcgi/dynamic

# echo "" > /var/log/httpd/error_log
# service httpd restart
# sleep 5
# cat /var/log/httpd/error_log

[Tue Apr 30 12:18:44 2013] [notice] caught SIGTERM, shutting down
[Tue Apr 30 12:18:44 2013] [error] FastCGI: access for server (uid -1, gid -1) failed: read not allowed
[Tue Apr 30 12:18:44 2013] [notice] Digest: generating secret for digest authentication ...
[Tue Apr 30 12:18:44 2013] [notice] Digest: done
[Tue Apr 30 12:18:44 2013] [error] FastCGI: access for server (uid -1, gid -1) failed: read not allowed
[Tue Apr 30 12:18:44 2013] [notice] FastCGI: process manager initialized (pid 1888)
[Tue Apr 30 12:18:44 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fastcgi/2.4.6 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations

还是有些错误。有什么想法吗？

感谢您的关注。最诚挚的问候，Anton Kizernis。

Answer 1

你做了

# chmod 777 /etc/httpd/logs/fastcgi/dynamic

但是，您是否需要为祖父目录设置可读位，并使父目录可写？ E.g。

# chmod -R a+rX /etc/httpd/logs
# chmod -R a+w  /etc/httpd/logs/fastcgi

这对我有用......

Answer 2

您应该禁用selinux安全策略。建议不要将Selinux与Web服务器配合使用。

CentOS 6.4上的Apache2 + FastCGI + php-fpm ==＆gt;工作，但error_log中的错误

2 个答案: