If you are running PHP applications on a Linux server, you may encounter a problem with the ownership of the /run/php directory. This directory is used by PHP-FPM, a service that manages FastCGI processes for PHP. By default, this directory is owned by the root user and the root group, which means that only the root user can write to it. However, some PHP applications may need to write to this directory, such as WordPress or Laravel, which use the /run/php/php-fpm.sock file to communicate with PHP-FPM. If these applications are running under a different user or group, they will not be able to access this file and may fail to work properly.
One way to solve this problem is to change the ownership of the /run/php directory to match the user and group of your PHP applications. For example, if your PHP applications are running under the www-data user and group, you can use the following command to change the ownership of /run/php:
sudo chown -R www-data:www-data /run/php
This command will recursively change the owner and group of /run/php and all its subdirectories and files to www-data. However, this solution is not permanent, because every time you restart the PHP-FPM service, the ownership of /run/php will be reset to root:root. This means that you will have to run the chown command again after every reboot or service restart, which can be tedious and inconvenient.
How to Make the Ownership Change Permanent
To make the ownership change permanent, you need to modify the configuration file of PHP-FPM. This file is usually located at /etc/php/7.4/fpm/php-fpm.conf, where 7.4 is the version of PHP that you are using. You can use any text editor to open this file, such as nano:
sudo nano /etc/php/7.4/fpm/php-fpm.conf
In this file, you need to find the following lines:
; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. ; RPM: apache Choosed to be able to access some dir as httpd user = www-data ; RPM: Keep a group allowed to write in log dir. group = www-data
These lines define the user and group that PHP-FPM will use to run its processes. By default, they are set to www-data, which is the same as your PHP applications. However, these settings only affect the processes, not the files and directories that they create or access. To change that, you need to add two more lines below these lines:
listen.owner = www-data listen.group = www-data
These lines define the owner and group of the socket file that PHP-FPM uses to listen for requests from web servers or applications. By setting them to www-data, you are telling PHP-FPM to create and use the socket file with the same ownership as your PHP applications. This way, your PHP applications will be able to access and write to the socket file without any permission issues.
After adding these lines, save and close the file by pressing Ctrl+O and Ctrl+X. Then restart the PHP-FPM service by running:
sudo systemctl restart php7.4-fpm
Now, if you check the ownership of /run/php, you should see that it has been changed to www-data:www-data:
ls -l /run/php total 4 -rw-r--r-- 1 www-data www-data 5 Apr 5 16:25 php7.4-fpm.pid srw-rw---- 1 www-data www-data 0 Apr 5 16:25 php7.4-fpm.sock
And if you restart the service again or reboot your server, you should see that the ownership remains unchanged. This means that you have successfully made the ownership change permanent.
Why do I need to change the ownership of /run/php?
You need to change the ownership of /run/php if your PHP applications need to write to this directory or access the socket file that PHP-FPM uses. For example, WordPress or Laravel use this socket file to communicate with PHP-FPM and execute PHP scripts. If your PHP applications are running under a different user or group than root, they will not be able to access or write to this file and may fail to work properly.
What are the risks of changing the ownership of /run/php?
Changing the ownership of /run/php may expose your server to some security risks if you do not follow some best practices. For example, if you set the owner and group of /run/php to a user or group that has more privileges than necessary, such as root, you may allow malicious users or applications to access or modify this directory or the socket file and compromise your server. Therefore, you should always use the least privileged user and group that can run your PHP applications, such as www-data.
How can I revert the ownership change of /run/php?
If you want to revert the ownership change of /run/php, you need to edit the PHP-FPM configuration file again and remove or comment out the listen.owner and listen.group lines that you added. Then restart the PHP-FPM service and run the chown command with root:root as the owner and group:
sudo nano /etc/php/7.4/fpm/php-fpm.conf # Remove or comment out these lines # listen.owner = www-data # listen.group = www-data sudo systemctl restart php7.4-fpm sudo chown -R root:root /run/php
This will restore the default ownership of /run/php to root:root.
This article is for informational purposes only and does not constitute professional advice. You should always consult a qualified expert before making any changes to your server configuration or settings. We are not responsible for any damages or losses that may result from following this article. Use this article at your own risk.