You are not logged in.

#1 2019-11-30 14:05:48

aquilarubra
Member
From: Trieste, Italy
Registered: 2018-11-24
Posts: 17

nginx + php-fpm - file not found, primary script unknown

Hello, I just updated packages and now php-fpm seems not working at all. It gives the errors "File not found" in the browser, and "primary script unknown while reading response header" in the log.

I checked all the bhosts, but they are just fine. I suspect there is some change due to the recent security issue in php-fpm, but I cannot find a reference to fix the issue. Any idea?

Offline

#2 2019-11-30 14:56:57

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 22,380
Website

Re: nginx + php-fpm - file not found, primary script unknown

Telling us you looked at the logs is useless, show us.  Saying you checked the bhosts is the same.  Show us.  Post logs, configs, etc, otherwise there is nothing we can offer here but sympathy (and even that's not so likely).  Is this a publicly available server?  Give an example to a failing url.

https://bbs.archlinux.org/viewtopic.php?id=57855

FWIW, I just upgraded my server and have no issues with php-fpm on nginx.

Last edited by Trilby (2019-11-30 14:59:37)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#3 2019-11-30 15:27:08

aquilarubra
Member
From: Trieste, Italy
Registered: 2018-11-24
Posts: 17

Re: nginx + php-fpm - file not found, primary script unknown

Sample page: https://thelord.space/phpinfo.php

access.log:
2019/11/30 16:16:29 [error] 9842#9842: *3 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 203.15.17.121, server: thelord.space, request: "GET /phpinfo.php HTTP/2.0", upstream: "fastcgi://127.0.0.1:9000", host: "thelord.space"

error.log:
151.95.156.135 - - [30/Nov/2019:16:16:29 +0100] "GET /phpinfo.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0"

vhost:

       location ~ \.php$ {
                include fastcgi_params;
                access_log /home/thelord.space/logs/access_log;
                error_log /home/thelord.space/logs/error_log;
                fastcgi_param SCRIPT_FILENAME /home/thelord.space/public_html$fastcgi_script_name;
#                fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
#                fastcgi_param SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
        }

I tried with the different settings for SCRIPT_FILENAME and none seems working. Previously, the server was working with the full path: fastcgi_param SCRIPT_FILENAME /home/thelord.space/public_html$fastcgi_script_name;

The php-fpm error log contains nothing (just the lines when I restart the server).

Obviously, the paths are correct and if I try with user "http", the files are accessible.

Html pages work and Perl works. Only php-fpm seems broken. Php-fpm server runs just fine.

Offline

#4 2019-11-30 16:47:57

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 22,380
Website

Re: nginx + php-fpm - file not found, primary script unknown

The title of the thread I linked to is "Post complete logs/output/..."

aquilarubra wrote:

Obviously, the paths are correct and if I try with user "http", the files are accessible.

How/why is this obvious?  What do you mean you try with user "http"?  What do you actually do?  What are (again) the actual commands and output?


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#5 2019-11-30 17:00:54

aquilarubra
Member
From: Trieste, Italy
Registered: 2018-11-24
Posts: 17

Re: nginx + php-fpm - file not found, primary script unknown

ls /home/thelord.space/public_html/phpinfo.php shows it exists.

If I "su http", I can run a command such as "php /home/thelord.space/public_html/phpinfo.php" and it displays the expected output. So, the issue is when php goes through php-fpm.

From my tests, $document_root might not be correct. But I have no clue how to debug that.

Offline

#6 2019-11-30 17:03:13

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 22,380
Website

Re: nginx + php-fpm - file not found, primary script unknown

Three posts in and you have still failed to provide any of the necessary context despite being explicitly asked twice.  I am unable (and now unwilling) to help.  I'd encourage you to be much more transparent and forthcoming if you want the next forum member who sees this thread to put in any effort to help you.

Last edited by Trilby (2019-11-30 17:05:26)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#7 2019-11-30 17:15:20

aquilarubra
Member
From: Trieste, Italy
Registered: 2018-11-24
Posts: 17

Re: nginx + php-fpm - file not found, primary script unknown

You must be joking, I have answered every question and published my configuration and logs. Get glasses.

Offline

#8 2019-11-30 17:29:30

loqs
Member
Registered: 2014-03-06
Posts: 9,235

Re: nginx + php-fpm - file not found, primary script unknown

Is the system using php-fpm.service ?

Offline

#9 2019-11-30 17:34:32

aquilarubra
Member
From: Trieste, Italy
Registered: 2018-11-24
Posts: 17

Re: nginx + php-fpm - file not found, primary script unknown

Yes. Sorry, I saw I omitted a few lines, as I am doing many tests.

Host configuration:

        location ~ \.php$ {
                fastcgi_split_path_info ^(.+?\.php)(/.*)$;
                if (!-f $document_root$fastcgi_script_name) {
                        return 404;
                }
                # Mitigate https://httpoxy.org/ vulnerabilities
                fastcgi_param HTTP_PROXY "";

                fastcgi_index index.php;
                fastcgi_pass 127.0.0.1:9000;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                access_log /home/thelord.space/logs/access_log;
                error_log /home/thelord.space/logs/error_log;

fastcgi_params file:

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  PATH_INFO          $fastcgi_path_info;
fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

fastcgi_param  HTTPS              $https if_not_empty;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

#fastcgi_param  REQUEST_SCHEME     $scheme;

netstat -pnltu | grep 9000
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      12417/php-fpm: mast

Last edited by aquilarubra (2019-11-30 17:36:40)

Offline

#10 2019-11-30 17:57:16

loqs
Member
Registered: 2014-03-06
Posts: 9,235

Re: nginx + php-fpm - file not found, primary script unknown

https://github.com/php/php-src/commit/4 … 45a203e37f
See the comment above ProtectHome=true

Offline

#11 2019-11-30 18:18:34

aquilarubra
Member
From: Trieste, Italy
Registered: 2018-11-24
Posts: 17

Re: nginx + php-fpm - file not found, primary script unknown

Thanks, that could be the case, as I have a folder outside /home that is partially working. But I edited /etc/systemd/system/multi-user.target.wants/php-fpm.service setting ProtectHome=false, reloaded services, restarted php-fpm, and I still get a 404/file not found error.

Offline

#12 2019-11-30 18:31:36

aquilarubra
Member
From: Trieste, Italy
Registered: 2018-11-24
Posts: 17

Re: nginx + php-fpm - file not found, primary script unknown

Ok, my mistake. It was solved!! Thank you so much.

To recap, I did the following:

1. Set ProtectHome=false in /etc/systemd/system/multi-user.target.wants/php-fpm.service
2. systemctl daemon-reload
3. systemctl restart nginx.service
4. systemctl restart php-fpm.service

Offline

#13 2019-11-30 19:41:55

aquilarubra
Member
From: Trieste, Italy
Registered: 2018-11-24
Posts: 17

Re: nginx + php-fpm - file not found, primary script unknown

Question: I use nextcloud, which stores config files in /etc (/etc/webapps/nextcloud). Now it is not working (after the update above). It gives the error "Cannot write into "config" directory!", despite the directory is writeable.

So, I suspect this depends on the setting ProtectSystem=full in /etc/systemd/system/multi-user.target.wants/php-fpm.service

Any idea? I cannot find the options that can be used instead of "full".

Offline

#14 2019-11-30 22:30:42

Taijian
Member
Registered: 2016-04-10
Posts: 64

Re: nginx + php-fpm - file not found, primary script unknown

OK seems that for nextcloud to keep working, we need both

ProtectSystem=false
CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_CHOWN

Otherwise php-fpm will not work.

Offline

#15 2019-11-30 22:36:04

loqs
Member
Registered: 2014-03-06
Posts: 9,235

Re: nginx + php-fpm - file not found, primary script unknown

See https://bugs.archlinux.org/task/64689 for nextcloud
CAP_CHOWN should not be needed with php-fpm 7.4.0-2

Offline

#16 2019-11-30 23:59:55

Taijian
Member
Registered: 2016-04-10
Posts: 64

Re: nginx + php-fpm - file not found, primary script unknown

loqs wrote:

CAP_CHOWN should not be needed with php-fpm 7.4.0-2

Well, for me it complained about not being able to use chown on /run/php-fpm/php-fpm.sock without that CAP. No idea why it needed to do that, though...

Offline

#17 2019-12-01 00:13:05

loqs
Member
Registered: 2014-03-06
Posts: 9,235

Re: nginx + php-fpm - file not found, primary script unknown

@Tainjan that was supposed to be fixed see https://bugs.archlinux.org/task/64683

Offline

#18 2019-12-01 00:14:02

Taijian
Member
Registered: 2016-04-10
Posts: 64

Re: nginx + php-fpm - file not found, primary script unknown

loqs wrote:

@Tainjan that was supposed to be fixed see https://bugs.archlinux.org/task/64683

Yeah, saw that now. I was still working with -1...

Offline

Board footer

Powered by FluxBB