How to Solve phpMyadmin session_start(): Permission denied (13) nginx Centos 7

This article explained how to solving phpmyadmin session_start(): Permission denied (13) nginx server in centos 7 ( RHEL 7 ).

Prerequisites

To follow everything in this problem solving case you must logged in to centos 7 virtual machine instance (VPS) via SSH and logged in as root either everything will not working as i mentioned here.

Let's do it. Start to recovery session_start(): Permission denied (13).

The problem has been logged as tail -s 50 from log file here :
[root@amazon html]# tail -s 10 /var/log/nginx/error.log
#2 /usr/share/phpMyAdmin/index.php(12): require_once('/usr/share/phpM...')
#3 {main}
  thrown in /usr/share/phpMyAdmin/libraries/core.lib.php on line 245" while reading response header from upstream, client: 121.100.17.194, server: thebilogi.tk, request: "GET /phpMyAdmin/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "thebilogi.tk"
2017/12/13 09:21:52 [error] 22589#0: *55 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught Error: Call to undefined function __() in /usr/share/phpMyAdmin/libraries/core.lib.php:245
Stack trace:
#0 /usr/share/phpMyAdmin/libraries/session.inc.php(100): PMA_fatalError('Error during se...')
#1 /usr/share/phpMyAdmin/libraries/common.inc.php(350): require('/usr/share/phpM...')
#2 /usr/share/phpMyAdmin/index.php(12): require_once('/usr/share/phpM...')
#3 {main}
  thrown in /usr/share/phpMyAdmin/libraries/core.lib.php on line 245" while reading response header from upstream, client: 121.100.17.194, server: thebilogi.tk, request: "GET /cilumbu/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "thebilogi.tk"

when i dig more deep to root directory find the phpmyadmin permission is set to root while the public nginx permission set to nginx

[root@amazon html]# ls -l
lrwxrwxrwx. 1 root  root    21 Dec 13 09:20 cilumbu -> /usr/share/phpMyAdmin

First, I would check that your phpmyadmin installation has the proper permissions (should be owned by www-data / (nginx / proper web user)  / if it's not). It sounds like the server-side files written for the php session cannot be properly written. I've encountered something similar before and before digging deeper I would recommend doing a reboot of your droplet / virtual machine instance. Temporary files in /tmp are cleared out on reboot and this would likely be the cleanest way to resolve this problem. I would then review file permissions and check your log files for any other potential errors that could point to an underlying cause.

[root@amazon html]# chmod 644 phpMyAdmin
[root@amazon html]# chown -Rf nginx:nginx phpMyAdmin
[root@amazon html]# ls -l
lrwxrwxrwx. 1 nginx nginx   21 Dec 13 09:20 cilumbu -> /usr/share/phpMyAdmin
[root@amazon html]# systemctl restart nginx
[root@amazon html]# systemctl restart php-fpm

God Dammm it! No Luck! #huh the browser say 403 Forbidden jutsu #haha #lol
[root@amazon html]# tail -s 50 /var/log/nginx/error.log
2017/12/13 09:36:53 [error] 24452#0: *1 "/usr/share/nginx/html/cilumbu/index.html" is forbidden (13: Permission denied), client: 121.100.17.194, server: thebilogi.tk, request: "GET /cilumbu/ HTTP/1.1", host: "thebilogi.tk"
2017/12/13 09:36:56 [error] 24452#0: *1 "/usr/share/nginx/html/cilumbu/index.html" is forbidden (13: Permission denied), client: 121.100.17.194, server: thebilogi.tk, request: "GET /cilumbu/ HTTP/1.1", host: "thebilogi.tk"
I think the error is just like before in my browse file and open file 13: denied permission then i trying to do the same think. Then check again for log
[root@amazon html]# tail -s 50 /var/log/nginx/error.log
2017/12/13 09:36:53 [error] 24452#0: *1 "/usr/share/nginx/html/cilumbu/index.html" is forbidden (13: Permission denied), client: 121.100.17.194, server: thebilogi.tk, request: "GET /cilumbu/ HTTP/1.1", host: "thebilogi.tk"
2017/12/13 09:36:56 [error] 24452#0: *1 "/usr/share/nginx/html/cilumbu/index.html" is forbidden (13: Permission denied), client: 121.100.17.194, server: thebilogi.tk, request: "GET /cilumbu/ HTTP/1.1", host: "thebilogi.tk"
Confuse about everything running and scheduling task i activate audit system for php and family

[root@amazon share]# grep php /var/log/audit/audit.log | audit2allow -M mypol
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i mypol.pp

[root@amazon share]# semodule -i mypol.pp

The problem solving task not end here, then i chown the php session, wsdlcache, and opcache path to root:root
Before
[root@amazon share]# ls -l /var/lib/php
total 0
drwxrwx---. 2 root apache 6 Dec  1 13:02 opcache
drwxrwx---. 2 root apache 6 Dec  1 13:02 session
drwxrwx---. 2 root apache 6 Dec  1 13:02 wsdlcache
[root@amazon share]# chown -R root:root /var/lib/php/opcache
[root@amazon share]# chown -R root:root /var/lib/php/session
[root@amazon share]# chown -R root:root /var/lib/php/wsdlcache

After
[root@amazon share]# ls -l /var/lib/php
total 0
drwxrwx---. 2 root apache 6 Dec  1 13:02 opcache
drwxrwx---. 2 root apache 6 Dec  1 13:02 session
drwxrwx---. 2 root apache 6 Dec  1 13:02 wsdlcache
Finish setup permission to root and root group user but the error permission denied still exist. What wrong? #huh

The Last Try Was Succesfully Solve session_start(): Permission denied (13)

Somehow, i was forgotten about file and folder owner, just start the whole system and not doing any audit for file and folder fix permission. My concern always for website speed test which is equivalent with succesfully proxy & caching then forward web data to backend and comeback to browser in a few milisecond.

Yes, i was try all method and succesfully leas conn to sent all whole header and body www data to browser and communicate all of them in maximum 468 milisecond. #wow right?

very fast dynamic website
very fast dynamic website

For dynamic website receiving and sending data for thus speed is very clever webmaster. lets see in the future, are there any change? I try the big G website speed in every country, the speed result is 2 second and always in that range, superb! Loading big data and serving million user, google can serve browser in just 2 second. Amazing big G!

To solve the  session_start(): Permission denied (13) the main context of problem is in pooler user. If you using pfp-fpm as fast-cgi processor like me make sure the user seting in www.conf and in the file permission for session path is correct.

If you sing username nginx or www-data make sure for ww.conf using that then the file owner is the same as.

Verify who user can using php-fpm and write access for php-fpm process
[root@amazon html]
# nano /etc/php-fpm.d/www.conf
[nginx]
as mentiond before the user owner for session file is root with user group is  also root, to fix permission and session writed in the right path change filw ower to nginx as referr in www.conf

[root@amazon]# chown -Rf nginx:nginx /var/lib/php/opcache
[root@amazon]# chown -Rf nginx:nginx /var/lib/php/session
[root@amazon]# chown -Rf nginx:nginx /var/lib/php/wsdlcache
Then restart php-fpm, and nginx service
[root@amazon]# systemctl restart nginx
[root@amazon]# systemctl restart php-fpm

refresh your browser (for chrome will automatic refresh) and you see, the login screen appear with no error and session data has been writed to right path.

What if all the mentioned step doesn;t solve the problem?
here is the last, yes, mosty, last action you must do after this no more action or command avaiable xxd :)
Log on to your server SSH Cli as sudoer or root then type and enter :

[root@amazon]# chgrp nginx -R /var/lib/php/session

refresh your browser and ...

That all how to solve session_start(): Permission denied (13). The main issue is file owner and php-fpm config setting. In the future, make sure both setting up with right permission. Either, your server will sent the data with plushing load time.

0 Response to "How to Solve phpMyadmin session_start(): Permission denied (13) nginx Centos 7"

Post a Comment