Nginx 502 Bad Gateway error after updating Ubuntu 12.04

Today I updated my Ubuntu Server to 12.04.5 LTS (release 12.04, codename: precise), and got “502 Bad Gateway” on all my websites.

I checked Nginx log files and found that Nginx cannot open the socket created by PHP-FPM:

2014/09/11 19:01:03 [crit] 2741#0: *107 connect() to unix:/var/run/www-devnote.sock failed (13: Permission denied) while connecting to upstream, client: XXX.XX.X.XX, server: ~^(www\.)?(?<domain>.+)$, request: “GET /2014/04/using-a-wpf-control-in-a-mfc-application/ HTTP/1.1”, upstream: “fastcgi://unix:/var/run/www-devnote.sock:”, host: “”

So I reconfigure my PHP-FPM to create sockets under www-data user (initially they was created as root by default) by adding file socket-owner.conf to /etc/php5/fpm directory containing the following:

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
;                 mode is set to 0660
listen.owner = www-data = www-data
listen.mode = 0660

and including it to all pool.d/* files as follows:


user = nobody
group = site1

listen = /var/run/www-site1.sock

pm = ondemand

pm.max_children = 10
pm.start_servers = 0
pm.min_spare_servers = 0
pm.max_spare_servers = 4

chdir = /

I did not investigate what has been changed in Ubuntu, but looks like new version of Ubuntu does not allow Nginx workers running under www-data to access the sockets created as root with 0660 (srw-rw—-) permissions. To list my sockets I used the following command:

ll /var/run/www-*

Leave a Reply

Your email address will not be published. Required fields are marked *