Nginx

Chroot 不適用於 php-fpm

  • February 26, 2017

我應該在我的站點上為我的 ftp 目錄使用 chroot:我的 php-fpm.conf:

[mysite.com]
listen = /var/run/php7-fpm-chroot-filemanager.sock
chroot = /var/www/mysite.com/fileman
chdir = /
user = filemanuser
group = filemangroup
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

我的 nginx.conf 部分:

   location ~* /fileman/(.+\.php)$
   {

           root /var/www/mysite.com/;
           include /etc/nginx/fastcgi_params;
           if (!-f /var/www/mysite.com$fastcgi_script_name) {
                   return 405;
           }
           fastcgi_index index.php;
           fastcgi_pass unix:/var/run/php7-fpm-chroot-filemanager.sock
           fastcgi_param SCRIPT_FILENAME /var/www/mysite.com$fastcgi_script_name;
   }

重新啟動服務後,我在頁面上看到:

File not found. 

在nginx的日誌中:

2017/02/24 20:12:22 [error] 18390#18390: *108 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.110.25, server: www.mysite.com, request: "GET /fileman/index.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php7-fpm-chroot-filemanager.sock:", host: "www.mysite.com"

沒有 chroot 選項,一切正常。我哪裡有錯誤?請幫忙。

使用File not foundPrimary script unknown,查看SCRIPT_FILENAME變數。

該變數將腳本的路徑名傳遞給php-fpm. 在php-fpmchroot 環境中執行時,路徑名必須相對於 chroot 目錄。

您已經使用location指令中的正則表達式擷取了大部分修改後的路徑名。

例如:

location ~* ^/fileman(/.+\.php)$
{
   root /var/www/mysite.com;
   try_files $uri =405;

   include /etc/nginx/fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $1;
   fastcgi_pass unix:/var/run/php7-fpm-chroot-filemanager.sock
}

引用自:https://serverfault.com/questions/834809