Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

  1. #1

    Default Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    When I run `sudo systemctl start php-fpm.service`, I get the following error msg.
    Code:
    • May1222:32:26 localhost.localdomain systemd[1]:StartingThe PHP FastCGIProcessManager...
    • May1222:32:26 localhost.localdomain php-fpm[31129]:[12-May-202122:32:26] ERROR: failed to open configuration file>
    • May1222:32:26 localhost.localdomain php-fpm[31129]:[12-May-202122:32:26] ERROR: failed to load configuration file>
    • May1222:32:26 localhost.localdomain php-fpm[31129]:[12-May-202122:32:26] ERROR: FPM initialization failed
    • May1222:32:26 localhost.localdomain systemd[1]: php-fpm.service:Main process exited, code=exited, status=78/CONFIG
    • May1222:32:26 localhost.localdomain systemd[1]: php-fpm.service:Failedwith result 'exit-code'.
    • May1222:32:26 localhost.localdomain systemd[1]:Failed to start The PHP FastCGIProcessManager.
    • ~
    I have checked the permission on php-fpm.conf:
    Code:
    ls -l /etc/php8/fpm/php-fpm.conf
    -rwxrw-r-- 1 root root 5324 May 12 22:26 /etc/php8/fpm/php-fpm.conf

  2. #2
    Join Date
    Oct 2014
    Location
    Rotterdam
    Posts
    475

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    I see two options for the error:
    1. The configuration file can be opened but the content is not valid
    2. Another configuration file then /etc/php8/fpm/php-fpm.conf is used

    You can issue "sudo systemctl cat php-fpm.service" to check which command is executed with the argument and try executing that on the command prompt. What does that give?

  3. #3

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    Here the content of php-fpm.service :
    Code:
    # /etc/systemd/system/php-fpm.service# It's not recommended to modify this file in-place, because it
    # will be overwritten during upgrades.  If you want to customize,
    # the best way is to use the "systemctl edit" command.
    
    
    [Unit]
    Description=The PHP FastCGI Process Manager
    After=network.target
    Before=apache2.service nginx.service lighttpd.service
    
    
    [Service]
    User=root
    Type=notify
    ExecStart=/usr/sbin/php-fpm --nodaemonize --fpm-config /etc/php8/fpm/php-fpm.co>
    ExecReload=/bin/kill -USR2 $MAINPID
    
    
    # Set up a new file system namespace and mounts private /tmp and /var/tmp direc>
    # so this service cannot access the global directories and other processes cann>
    # access this service's directories.
    PrivateTmp=true
    
    
    # Mounts the /usr, /boot, and /etc directories read-only for processes invoked >
    ProtectSystem=full
    
    
    # Sets up a new /dev namespace for the executed processes and only adds API pse>
    # such as /dev/null, /dev/zero or /dev/random (as well as the pseudo TTY subsys>
    # but no physical devices such as /dev/sda.
    PrivateDevices=true
    
    
    # Explicit module loading will be denied. This allows to turn off module load a>
    # operations on modular kernels. It is recommended to turn this on for most ser>
    # do not need special file systems or extra kernel modules to work.
    ProtectKernelModules=true
    
    
    # Kernel variables accessible through /proc/sys, /sys, /proc/sysrq-trigger, /pr>
    # /proc/acpi, /proc/timer_stats, /proc/fs and /proc/irq will be made read-only >
    # of the unit. Usually, tunable kernel variables should only be written at boot>
    # sysctl.d(5) mechanism. Almost no services need to write to these at runtime; >
    # recommended to turn this on for most services.
    ProtectKernelTunables=true
    
    
    # The Linux Control Groups (cgroups(7)) hierarchies accessible through /sys/fs/>
    # made read-only to all processes of the unit. Except for container managers no>
    # require write access to the control groups hierarchies; it is hence recommend>
    # for most services
    ProtectControlGroups=true
    
    
    # Any attempts to enable realtime scheduling in a process of the unit are refus>
    RestrictRealtime=true
    
    
    # Restricts the set of socket address families accessible to the processes of t>
    # Protects against vulnerabilities such as CVE-2016-8655
    RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
    
    
    # Takes away the ability to create or manage any kind of namespace
    RestrictNamespaces=true
    
    
    [Install]
    WantedBy=multi-user.target
    Following your toughts I have tried anoher configuration for php-fpm.conf from the Internet :
    https://gist.github.com/sotarok/2767859

    This does not work neither.

  4. #4
    Join Date
    Oct 2014
    Location
    Rotterdam
    Posts
    475

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    Good to have the contents of php-fpm.service

    Can you execute, on the console, as root, what is after "ExecStart=" and share the output?

  5. #5

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    Here the reply of `sudo /usr/sbin/php-fpm --nodaemonize --fpm-config /etc/php8/fpm/php-fpm.conf`
    Code:
    [14-May-2021 12:48:55] ERROR: failed to open configuration file '/etc/php8/fpm/php-fpm.conf': Permission denied (13)
    [14-May-2021 12:48:55] ERROR: failed to load configuration file '/etc/php8/fpm/php-fpm.conf'
    [14-May-2021 12:48:55] ERROR: FPM initialization failed
    Thank you very much for your help \o/

  6. #6
    Join Date
    Oct 2014
    Location
    Rotterdam
    Posts
    475

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    Okay, so the problem is accessing /etc/php8/fpm/php-fpm.conf (as root) but according to you first post it owned by root and everybody has read access.

    Quite mysterious, searching for the error I found https://serverfault.com/questions/50...mission-denied.

    Can you check if one of the solutions listed there works for you?

  7. #7

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    I finally achieve starting this service by downgrading to php7-fpm.
    It works now.
    The bug isn't resolved...

    Thank you very much for your help, and time.

  8. #8

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    I have been having this problem since PHP 8.x was added to the repository, php 7.x works fine.
    I finally had to resort to using Apache, which does not require php-fpm, for all my openSuSE TW servers...
    I have no problem using NGiNX and php-fpm 8.x with openSuSE Leap.
    But, openSuSE TW will not run php-fpm 8.x...
    [18-May-2021 13:58:55] ERROR: failed to open configuration file '/etc/php8/fpm/php-fpm.conf': Permission denied (13)

    Seems to be a bug no-one is catching, because no-one is using it, yet?

    I usually wait a few months and these kinds of problems go away or a work around is found.

    Not this one, 6 months and no fix or work around see on the web, and this is the first mention, I've found.

    Thanks, for all your hard work!

  9. #9
    Join Date
    Oct 2014
    Location
    Rotterdam
    Posts
    475

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    Quote Originally Posted by ewmadrid View Post
    Seems to be a bug no-one is catching, because no-one is using it, yet?
    At least two people did catch it I am reasonable sure quite some others that did not report it just like you did until now ;-)

    I think more can be tried/debugged but you can also created a bug at https://bugzilla.opensuse.org

  10. #10

    Default Re: Unable to launch php-fpm.service 'Permission denied - Unable to read php-fpm.conf'

    Quote Originally Posted by marel View Post
    At least two people did catch it I am reasonable sure quite some others that did not report it just like you did until now ;-)

    I think more can be tried/debugged but you can also created a bug at https://bugzilla.opensuse.org

    Bug submitted:

    https://bugzilla.opensuse.org/show_bug.cgi?id=1186267

    Thanks.

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •