1.6.1/1.7.4 and newer breaks FastCGI
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| Nginx |
Undecided
|
Unassigned |
Bug Description
The nginx 1.6.1 update (from 1.6.0) breaks fastcgi / php5-fpm by changing the configuration file. The rest is a blank white page and no error messages thrown for any PHP scripts which are requested via nginx.
Using the PPA at: https:/
In 1.6.0 you'd do something like this to use fastcgi / php5-fpm:
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
}
However after upgrading to 1.6.1, you need to update the include line to this:
include fastcgi.conf;
This is a massive problem for a patch release. Websites will go offline if anyone does an apt-get update...
Debugging information from my etckeeper log of the update:
Package changes:
-nginx 1.6.0-1+trusty0
-nginx-common 1.6.0-1+trusty0
-nginx-full 1.6.0-1+trusty0
+nginx 1.6.1-2+trusty0
+nginx-common 1.6.1-2+trusty0
+nginx-full 1.6.1-2+trusty0
diff --git a/nginx/
new file mode 100644
index 0000000..ac9ff92
--- /dev/null
+++ b/nginx/
@@ -0,0 +1,25 @@
+
+fastcgi_param SCRIPT_FILENAME $document_
+fastcgi_param QUERY_STRING $query_string;
+fastcgi_param REQUEST_METHOD $request_method;
+fastcgi_param CONTENT_TYPE $content_type;
+fastcgi_param CONTENT_LENGTH $content_length;
+
+fastcgi_param SCRIPT_NAME $fastcgi_
+fastcgi_param REQUEST_URI $request_uri;
+fastcgi_param DOCUMENT_URI $document_uri;
+fastcgi_param DOCUMENT_ROOT $document_root;
+fastcgi_param SERVER_PROTOCOL $server_protocol;
+fastcgi_param HTTPS $https if_not_empty;
+
+fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+fastcgi_param SERVER_SOFTWARE nginx/$
+
+fastcgi_param REMOTE_ADDR $remote_addr;
+fastcgi_param REMOTE_PORT $remote_port;
+fastcgi_param SERVER_ADDR $server_addr;
+fastcgi_param SERVER_PORT $server_port;
+fastcgi_param SERVER_NAME $server_name;
+
+# PHP only, required if PHP was built with --enable-
+fastcgi_param REDIRECT_STATUS 200;
diff --git a/nginx/
index 4ee14e9..71e2c2e 100644
--- a/nginx/
+++ b/nginx/
@@ -1,25 +1,24 @@
-fastcgi_param QUERY_STRING $query_string;
-fastcgi_param REQUEST_METHOD $request_method;
-fastcgi_param CONTENT_TYPE $content_type;
-fastcgi_param CONTENT_LENGTH $content_length;
-fastcgi_param SCRIPT_FILENAME $request_filename;
-fastcgi_param SCRIPT_NAME $fastcgi_
-fastcgi_param REQUEST_URI $request_uri;
-fastcgi_param DOCUMENT_URI $document_uri;
-fastcgi_param DOCUMENT_ROOT $document_root;
-fastcgi_param SERVER_PROTOCOL $server_protocol;
+fastcgi_param QUERY_STRING $query_string;
+fastcgi_param REQUEST_METHOD $request_method;
+fastcgi_param CONTENT_TYPE $content_type;
+fastcgi_param CONTENT_LENGTH $content_length;
-fastcgi_param GATEWAY_INTERFACE CGI/1.1;
-fastcgi_param SERVER_SOFTWARE nginx/$
+fastcgi_param SCRIPT_NAME $fastcgi_
+fastcgi_param REQUEST_URI $request_uri;
+fastcgi_param DOCUMENT_URI $document_uri;
+fastcgi_param DOCUMENT_ROOT $document_root;
+fastcgi_param SERVER_PROTOCOL $server_protocol;
+fastcgi_param HTTPS $https if_not_empty;
-fastcgi_param REMOTE_ADDR $remote_addr;
-fastcgi_param REMOTE_PORT $remote_port;
-fastcgi_param SERVER_ADDR $server_addr;
-fastcgi_param SERVER_PORT $server_port;
-fastcgi_param SERVER_NAME $server_name;
+fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+fastcgi_param SERVER_SOFTWARE nginx/$
-fastcgi_param HTTPS $https if_not_empty;
+fastcgi_param REMOTE_ADDR $remote_addr;
+fastcgi_param REMOTE_PORT $remote_port;
+fastcgi_param SERVER_ADDR $server_addr;
+fastcgi_param SERVER_PORT $server_port;
+fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-
-fastcgi_param REDIRECT_STATUS 200;
+fastcgi_param REDIRECT_STATUS 200;
Let me know what else you need from me.
I'm running Ubuntu Server 14.04 x64.
description: | updated |
Stephen Rees-Carter (valorin) wrote : | #1 |
Thomas Ward (teward) wrote : | #2 |
Here's really what happens with the PPAs, as an FYI.
First, nginx announces a new version release/bump. Second, the PPA gets updated when Debian publishes the new package/packaging. Thirdly, that package is downloaded and rebuilt for Ubuntu Precise/
----------
This is the NEWS entry in Debian for this:
nginx-common (1.6.1-2) unstable; urgency=medium
As of nginx-1.6.1-2 we have synced all configuration files with upstream and
we plan to keep them in sync from now on.
Unfortunately that might break existing configuration for some users. Please
check the matrix below for more information:
File Changes
-----
koi-win whitespace
koi-utf whitespace
mime-types whitespace, changed js/rss mime type,
scgi_params whitespace, added HTTPS
uwsgi_params whitespace, added HTTPS, removed UWSGI_SCHEME
fastcgi_params whitespace, removed SCRIPT_FILENAME
fastcgi.conf new upstream configuration file
Fastcgi configuration issues
=====
nginx shipped a modified `fastcgi_params`, which declared `SCRIPT_FILENAME`
fastcgi_param. This line has now been removed. From now on we are also
shipping fastcgi.conf from the upstream repository, which includes a sane
`SCRIPT_FILENAME` parameter value.
So, if you are using fastcgi_params, you can try switching to fastcgi.conf
or manually set the relevant params.
You might also want to read the documentation section before proceeding.
http://
section: $fastcgi_
------
According to this, this is a sync with upstream changes. Therefore, this needs to be handled at the Debian level, rather than the PPA level. The idea is the PPA(s) are near-identical to Debian with only necessary deltas. This NEWS entry actually seems to suggest that Upstream, that is to say, nginx itself, has provided this change, and therefore this isn't a bug we can "fix". Users will need to update their configurations to match the upstream-provided changes.
Changed in nginx: | |
status: | New → Won't Fix |
Thomas Ward (teward) wrote : | #3 |
Marked "Won't Fix" as this decision was made upstream, and is done in accordance with the NEWS entry detailing that the nginx package in Debian is matching the nginx code/configs from upstream.
Stephen Rees-Carter (valorin) wrote : | #4 |
Frustraiting that this change was made in a patch release, but thank you for spending the time to investigate and explain it
Luckily the fix is easy - and hopefully anyone who is affected can quickly fix things to avoid downtime.
summary: |
- 1.6.1 upgrade breaks fastcgi / php5-fpm with changed config file + 1.6.1/1.7.4 and newer breaks FastCGI |
tags: | added: stable |
tags: | added: mainline ppa |
It looks like this has been introduced as part of this fix:
https:/ /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 718639
" * debian/ conf/fastcgi_ params:
+ Sync with upstream and remove `SCRIPT_FILENAME` parameter.
This change might break fastcgi sites. (Closes: #718639)"
Definitely not something that should be put in a patch release...