You are correct, all the logging is done by root, so it would be a lot better to remove the %attr macro and leave that directory to default, or whatever is later set by the system admin.
The problem is that in /etc/php-fpm.d/www.conf at the end of the file php error_log is set to that same directory: php_admin_value[error_log] = /var/log/php-fpm/www-error.log and this logging is done by the php-fpm worker processes, which are run by a none root user (this is set to apache in www.conf), which is probably the reason why the owner of /var/log/php-fpm/ is set to apache. So this is a problem. Why is 'php_admin_value[error_log]' even set in www.conf by default? It would probably be easier to comment that and add a comment that the directory should belong to the process user. Also why are any 'php_(admin_)value' even set, why not leave those to the admin to decide in either php.ini, or wherever. I'm especially talking about setting session handler and path: ; Set session path to a directory owned by process user php_value[session.save_handler] = files php_value[session.save_path] = /var/lib/php/session Anyway, I would recommend to comment all 'php_(admin_)value' and even change the error_log to a different directory like /var/log/php/www- error.log, since those are not php-fpm errors, but actually php errors. I would set the file like this: ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected] ;php_flag[display_errors] = off ; Set error_log directory to a path owned by process user ;php_admin_value[error_log] = /var/log/php/www-error.log ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 128M ; Set session path to a directory owned by process user ;php_value[session.save_handler] = files ;php_value[session.save_path] = /var/lib/php/session -- You received this bug notification because you are a member of IUS Core Development, which is subscribed to IUS Community Project. https://bugs.launchpad.net/bugs/1312972 Title: php54-fpm "warning: user apache does not exist - using root" Status in IUS Community Project: In Progress Bug description: If you install/upgrade php54-fpm and Apache is not installed (which is usually the case if you are using Nginx), the php54-fpm prints this warning: "warning: user apache does not exist - using root" What I noticed is that this sets the owner of /var/log/php-fpm directory to owner root and 770 mode: $ ls -ld /var/log/php-fpm/ drwxrwx---. 2 root root 4096 Apr 4 15:58 /var/log/php-fpm/ This is a problem because php-fpm cannot write anything into that directory because of this. And the biggest problem is that if you set permissions and owner to the user which runs php-fpm (which is nginx in my case) after the package is upgraded, it overwrites those permission again. This same thing happens with php55u-fpm. To manage notifications about this bug go to: https://bugs.launchpad.net/ius/+bug/1312972/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~ius-coredev Post to : [email protected] Unsubscribe : https://launchpad.net/~ius-coredev More help : https://help.launchpad.net/ListHelp
