[英]How to run php-fpm as root
I know the risks about running php-fpm as root.我知道以 root 身份运行 php-fpm 的风险。 However there are situations where one would need to do it, like appliances, accessing operating system resources or even for testing purposes.但是,在某些情况下,人们需要这样做,例如设备、访问操作系统资源,甚至出于测试目的。
I have tried to change the user and group of php-fpm.d/www.conf to root when I restart the php-fpm process it raise an error:当我重新启动 php-fpm 进程时,我试图将 php-fpm.d/www.conf 的用户和组更改为 root,但它引发了一个错误:
Starting php-fpm: [26-Jun-2014 00:39:07] ERROR: [pool www] please specify user and group other than root
[26-Jun-2014 00:39:07] ERROR: FPM initialization failed
[FAILED]
What should I do.我该怎么办。 Anyone help?有人帮忙吗?
See: 看到:
# php-fpm --help
...
-R, --allow-to-run-as-root
Allow pool to run as root (disabled by default)
Just adding -R
(like this ans. suggests) to your command may not work.仅在您的命令中添加-R
(就像这样和建议)可能不起作用。 It depends how your running the command to start php-fpm
.这取决于您如何运行命令来启动php-fpm
。
If you're using service php-fpm restart
and it's using /etc/init.d instead of systemctl
(see here ), then you'll have to add -R to the DAEMON_ARGS
variable located in the /etc/php/<phpversion>/fpm/php-fpm.conf
script.如果您使用service php-fpm restart
并且它使用 /etc/init.d 而不是systemctl
(参见此处),那么您必须将 -R 添加到位于/etc/php/<phpversion>/fpm/php-fpm.conf
的DAEMON_ARGS
变量/etc/php/<phpversion>/fpm/php-fpm.conf
脚本。 (This variable is used in the do_start()
function. See here ). (此变量用于do_start()
函数。请参见此处)。
If it's using systemctl
then you'll have to edit the script used by systemctl
which should be located in /lib/systemd/system/<phpversion>-fpm.service
.如果它使用systemctl
那么你必须编辑systemctl
使用的脚本,它应该位于/lib/systemd/system/<phpversion>-fpm.service
。 Append -R
to the ExcecStart
variable.将-R
附加到ExcecStart
变量。 Then run systemctl daemon-reload
and systemctl start php<version>-fpm
(See here )然后运行systemctl daemon-reload
和systemctl start php<version>-fpm
(见这里)
I used the following questions/answers/resources to help me compile this solution.我使用以下问题/答案/资源来帮助我编译此解决方案。
Update 2018 更新2018年
Running it within a container is a possible valid reason to run php-fpm
as root. 在容器中运行它是以root身份运行php-fpm
的可能正当理由。 It can be done by passing the -R
command line argument to it 可以通过将-R
命令行参数传递给它来完成
Original answer: 原始答案:
However there are situations where one would need to do it, like appliances, accessing operating system resources 但是,有些人需要这样做,例如设备,访问操作系统资源
You never need to do it. 你永远不需要这样做。 That's it. 而已。 If you are managing system resources, grant permissions for the php-fpm user to that resources rather than running the whole process as root. 如果您正在管理系统资源,请将php-fpm用户的权限授予该资源,而不是以root身份运行整个过程。 If your question would be more specific I could show how to do that in a certain situation. 如果您的问题更具体,我可以说明在某种情况下如何做到这一点。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.