# Help with messed up permissions..



## kutchbhi (Mar 26, 2019)

My nginx and php-frm were working fine. Till I installed sudo and tried to add my user to sudoers group. now php-fpm throws permission errors. Commands:

```
#install sudo
pkg install sudo

#attempt to add to sudo
su - ; visudo ; Added line "username All=(ALL) ALL" . This didn't help

#attempt to add to sudo again:
"sudo pw usermod -G wheel -n username". Then "sudo pw usermod -g username -G wheel -n username" . Then added "%freekhill ALL=(ALL) ALL" visudo .
"sudo ls" works.

#restart services throws error
service php-fpm stop ->  "php_fpm not running? (check /var/run/php-fpm.pid)."
service php-fpm start ->  "Another FPM instance seems to already listen on /var/run/php-fpm.sock"  .

/var/run/php-fpm.sock is defiend in the php-fpm conf file. Not sure where the pid file is coming from...
```
Help please..

Edit: 
I may have also screwed up www user permissions: hp-fpm isn't able to read/write the file  /var/run/php-fpm.pid?

```
srw-rw----  1 www  www  0 Mar 26 16:59 /var/run/php-fpm.pid
```


```
"sudo -u www rm /var/run/php-fpm.pid"  # rm: /var/run/php-fpm.pid: Permission denied
```


----------



## SirDice (Mar 26, 2019)

Your sudo(8) escapades have nothing to do with your PHP issues.

To fix the PID problem, stop the service. Kill it if you have to. When it's stopped check if the PID file is still there, remove it if it's left over. The PID file is created by the rc(8) script and will get the proper permissions when you start the service again. Start the service normally, don't start it as the www user. The user change is already taken care of by the rc(8) script.


----------



## kutchbhi (Mar 26, 2019)

Found the problem. Not solution. www user can't access 777 folder


```
ls -la /var/www/folder/
total 14
drwxrwxrwx  2  user wheel   3 Mar 26 16:27 .
drwxrwxrwx  9 user wheel  11 Mar 26 16:27 ..
-rwxrwxrwx  1  user wheel   2 Mar 26 16:27 index.php
```

But


```
sudo -u www cd /var/www/folder
cd: /var/www/folder : Permission denied
```


----------



## kutchbhi (Mar 26, 2019)

Solution:

Set www as owner: `chown -R :www /var/www/`
Add user to www group: `pw group mod www -m freekhill`
Set permission:  `chmod -R 774 /var/www/`


----------



## tommiie (Mar 26, 2019)

The 'www' user is used to run the Apache HTTP or nginx daemon and should _not_ own any files. That's a security risk. The files should be owned by other users, e.g. user 'root' and group 'http_admins'.


----------

