Hi,

I recently encountered some permissions trouble with a UNIX domain socket.

I was trying to bind Nginx on PHP-FPM that way to get rid of the TCP socket
usually used.
PHP-FPM spawned its socket with its user/group set up in its configuration
file. I had:
- User: www-data
- Group: www-data
- Mode: 0660 (User + Group have both rw access)
The socket read the right user/group owners and the right permissions mode
when listed in the filesystem.

Nginx spawns its worker processes with the user 'nginx' who belongs to the
'www-data' group.
But when Nginx tried to bind on the PHP-FPM socket, it encountered a
'permission denied' error.

The only workaround I found was to spawn the PHP-FPM UNIX socket with the
'nginx' user as owner (and thus restricting mode to 0600).
The group permissions are now useless.

One of my friends told me it was a genuine behavior of Debian but didn't
explain it to me.
Is he right or was it bullshit?
What's wrong? Why can't I use group permissions on my socket?

Thanks,
---
*B. R.*
