Hello Mattias,
I just dealt with this question moments ago. I am running ubuntu 16.04 lts.
I had to modify the pool file: /etc/php/7.0/fpm/pool.d/www.conf
The lines in question are:
user =
group =
listen.owner =
listen.group =
The last two lines are for unix domain sockets.
This is the easiest if you are only serving one domain.
I still have to do some research into multiple virtual domains each with their
own user, but I expect in that case to have one listening php-fpm port per
user. I would probably then reserve the www.conf file for the main apache
configurations assuming I was running phpmyadmin or something, and create new
pool files of <username>.conf each.
—jason
Jason Brooks Systems Administrator
eROI Performance is Art.
m: 505 nw couch #300 w: eroi.com <http://eroi.com/>
t: 503.290.3105 f: 503.228.4249
fb: fb.com/eROI <http://www.facebook.com/eROI>
> On Dec 29, 2016, at 10:35 AM, Matthias Leopold <[email protected]>
> wrote:
>
> Hi,
>
> I hope this is an appropriate place for my question (also sent it to CentOS
> list):
>
> I'd like to know how others handle the setup of Apache httpd and PHP-FPM when
> the PHP-FPM user is different from the webserver user. This is the case in
> the default configuration of IUS PHP-FPM packages (not in stock CentOS/RHEL).
> So I have httpd running as 'apache' and PHP running as 'php-fpm'. I'm aware
> of special use cases where a configurable PHP user is a nice feature, but how
> do i handle filesystem setup for this default configuration in a pretty and
> secure way? Do people use it like that or do they change PHP-FPM user back to
> 'apache' (like in RH packages)? All of the setups i tried (eg. using ACLs)
> don't really look "pretty" and "robust", something I'd like to have when
> using "default" configurations. I hope I'm not thinking too complicated...
>
> Thanks for feedback
> matthias
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
