Nginx和PHP:没有写权限 [英] Nginx and PHP: no write permissions

问题描述

我在Ngnix上运行的PHP应用程序(贝加尔湖)有问题.该应用程序对其配置文件之一没有(较长)写入权限.升级PHP后，可能会发生此问题.

I have a problem with a PHP application (Baikal) that runs on Ngnix. The application has no (longer) write permissions for one of its config files. The problem might have occured after upgrading PHP.

以下是有关我的设置的一些信息:

Here is some information about my setup:

• 操作系统:Arch Linux
• Nginx版本:1.16.1
• Nginx用户:http
• PHP版本:7.4.1
• 应用程序:贝加尔湖0.4.6
• Nginx配置:

    server {
       listen              443 ssl http2;
       listen              [::]:443 ssl http2;
       server_name         –––––––––;
       root                /usr/share/webapps/baikal/html;
       index               index.php;
       include             include/ssl.conf;
       include             include/letsencrypt.conf;

       rewrite ^/.well-known/caldav /dav.php redirect;
       rewrite ^/.well-known/carddav /dav.php redirect;
       charset utf-8;

       location ~ /(\.ht|Core|Specific) {
          deny all;
          return 404;
       }

       location ~ ^(.+\.php)(.*)$ {
          try_files $fastcgi_script_name =404;
          include        /etc/nginx/fastcgi_params;
          fastcgi_split_path_info  ^(.+\.php)(.*)$;
          fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
          fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
          fastcgi_param  PATH_INFO        $fastcgi_path_info;
       }
    }

应用程序报告文件 Specific/config.php 不可写.完整路径为/usr/share/webapps/baikal/Specific/config.php .
我已将文件的权限设置为777，以进行测试；没有成功.我测试了PHP函数is_writable.它为该文件返回false. fopen说文件系统是只读的(不是).

The application reports that the file Specific/config.php is not writable. Full path is /usr/share/webapps/baikal/Specific/config.php.
I have set the permissions of the file to 777 for testing purposes; without success. I tested the PHP function is_writable. It returns false for that file. fopen says that the filesystem is read-only (it is not).

我已经阅读了很多有关SELinux防止写操作的信息，但是正如我所说的，我使用的不是Arch Linux，而是SELinux.
我认为这与以下事实有关:不允许PHP在Nginx中设置的根目录之外进行写操作，但是我无法将其修复.

I have read a lot about SELinux preventing write operations, but as I said, I use Arch Linux which is no SELinux.
I think it has something to do with the fact that PHP is not allowed to write outside the root directory set in Nginx, but I can't get it fixed.

有人可以帮忙吗?
非常感谢

Can anybody help?
Thanks a lot

推荐答案

好的，钉牢了.哎呀.

从PHP 7.4开始，PHP-FPM通过挂载只读的<​​c3>，/boot和/etc目录来保护系统.

As of PHP 7.4 PHP-FPM protects the system by mounting /usr, /boot, and /etc directories read-only.

此问题使我想到了只移动应用程序的解决方案/usr的文件夹不在现场.

This post and this issue led me to solution to just move the application folder outsite of /usr.

这篇关于Nginx和PHP:没有写权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！