dump conf from running nginx process
As of Nginx 1.9.2 you can dump the Nginx config with the -T
flag:
-T
— same as-t
, but additionally dump configuration files to standard output (1.9.2).
Source: http://nginx.org/en/docs/switches.html
This is not the same as dumping for a specific process. If your Nginx is using a different config file, check the output for ps aux
and use whatever it gives as the binary, e.g. if it gives something like
nginx: master process /usr/sbin/nginx -c /some/other/config
you need to run
/usr/sbin/nginx -c /some/other/config -T
If you are not on 1.9.2 yet, you can dump the config with gdb:
- https://serverfault.com/questions/361421/dump-nginx-config-from-running-process
Locate the nginx.conf file my nginx is actually using
Running nginx -t
through your commandline will issue out a test and append the output with the filepath to the configuration file (with either an error or success message).
how to take directory access control with nginx conf
ok so here's what you need to do, we need to create separate pools for those 2 websites, pools are located inside /etc/php5/fpm/pool.d/
, by default you'll find pool called www.conf
, you'll copy that file and create a new pool, then edit the file and rename the [www]
to any other name, that's the pool name, and change the listening sock file or port ( which ever you use ).
Then we need to add open_basedir
to each pool,
php_admin_value[open_basedir] = /home/wwwroot/aaa.com/
And bbb.com
in the other file, then inside the nginx config pass each virtual host to the according pool.
Restore Current sites-available File
First of all before attempting this make sure now you have enough space free on your server and you will need to have sudo rights as well.
Finding the main nginx process
The first thing you need is to find the main process of nginx
$ ps aux | grep nginx
root 3890 0.0 0.1 124972 1424 ? Ss 06:06 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 3891 0.0 0.3 125332 3128 ? S 06:06 0:00 nginx: worker process
As you can see my main nginx process is 3890
pid.
Finding the memory map
Next we need to check what memory maps the process is using
$ sudo cat /proc/3890/maps
55698ed20000-55698ee2e000 r-xp 00000000 fc:00 414469 /usr/sbin/nginx
55698f02e000-55698f030000 r--p 0010e000 fc:00 414469 /usr/sbin/nginx
55698f030000-55698f04c000 rw-p 00110000 fc:00 414469 /usr/sbin/nginx
55698f04c000-55698f06c000 rw-p 00000000 00:00 0
556990d72000-556990dd5000 rw-p 00000000 00:00 0 [heap]
7f4cfa551000-7f4cfa55c000 r-xp 00000000 fc:00 1314482 ....
7f4d01f70000-7f4d01f71000 rw-p 00000000 00:00 0
7ffde6f5e000-7ffde6f7f000 rw-p 00000000 00:00 0 [stack]
7ffde6f9a000-7ffde6f9c000 r--p 00000000 00:00 0 [vvar]
7ffde6f9c000-7ffde6f9e000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Now there will be a lot of output, but don't worry we mainly interested in the [heap]
section. The memory is located at 556990d72000-556990dd5000
.
Dumping the heap
Now you need to dump the heap. Make sure you have gdb
installed. Connect to the process using
$ sudo gdb -p 3890
You will get a (gdb)
prompt. Now on this prompt use the addresses that we noted earlier
(gdb) dump memory /tmp/nginx-memory 0x556990d72000 0x556990dd5000
Getting string data out of dump
Now our dump is available at /tmp/nginx-memory
, now we need to get string data out of it
$ sudo strings /tmp/nginx-memory > /tmp/nginx-memory.str
Finding the Nginx Config
Now you have a memory dump. Most configs will have a http {
line and now you can test your /tmp/nginx-memory.str
for the same
$ grep -A 20 "http {" /tmp/nginx-memory.str
http {
# Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# SSL Settings
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
# Logging Settings
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# Gzip Settings
gzip on;
gzip_disable "msie6";
--
http {
# Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# SSL Settings
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
# Logging Settings
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# Gzip Settings
gzip on;
gzip_disable "msie6";
So look into this file carefully and recover you config and create a new one
Accidently Deleted /etc/nginx, anyway to regenerate our custom nginx.conf?
You can run
nginx -T
to see the running config. Note: This only works with version 1.9.2 and above
To check your version use:
nginx -v
If your version is below 1.9.2 you can look at the following post:
https://serverfault.com/questions/361421/dump-nginx-config-from-running-process
Related Topics
Perl Fails to Set Locale Even Though It Is Installed
Merge Files with Bash by Primary Key
Rename Part of File Name Based on Exact Match in Contents of Another File
How to Connect a Shell to a Pseudo Tty
Bash Script to Find and Display Oldest File
Python Socket.Error: [Errno 13] Permission Denied
Monitoring Pthread Context Switching
Add Blank Line Between Lines from Different Groups
Execute Command Line and Return Command Output
Best Posix Way to Determine If a Filesystem Is Mounted Read Only
How to Link to Shared Lib from Shared Lib with Relative Path