Dump Conf from Running Nginx Process

dump conf from running nginx process

As of Nginx 1.9.2 you can dump the Nginx config with the -T flag:

-T — same as -t, but additionally dump configuration files to standard output (1.9.2).

Source: http://nginx.org/en/docs/switches.html

This is not the same as dumping for a specific process. If your Nginx is using a different config file, check the output for ps aux and use whatever it gives as the binary, e.g. if it gives something like

nginx: master process /usr/sbin/nginx -c /some/other/config

you need to run

/usr/sbin/nginx -c /some/other/config -T

If you are not on 1.9.2 yet, you can dump the config with gdb:

• https://serverfault.com/questions/361421/dump-nginx-config-from-running-process

Locate the nginx.conf file my nginx is actually using

Running nginx -t through your commandline will issue out a test and append the output with the filepath to the configuration file (with either an error or success message).

how to take directory access control with nginx conf

ok so here's what you need to do, we need to create separate pools for those 2 websites, pools are located inside /etc/php5/fpm/pool.d/, by default you'll find pool called www.conf, you'll copy that file and create a new pool, then edit the file and rename the [www] to any other name, that's the pool name, and change the listening sock file or port ( which ever you use ).

Then we need to add open_basedir to each pool,

php_admin_value[open_basedir] = /home/wwwroot/aaa.com/

And bbb.com in the other file, then inside the nginx config pass each virtual host to the according pool.

Restore Current sites-available File

First of all before attempting this make sure now you have enough space free on your server and you will need to have sudo rights as well.

Finding the main nginx process

The first thing you need is to find the main process of nginx

$ ps aux | grep nginx
root      3890  0.0  0.1 124972  1424 ?        Ss   06:06   0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data  3891  0.0  0.3 125332  3128 ?        S    06:06   0:00 nginx: worker process

As you can see my main nginx process is 3890 pid.

Finding the memory map
Next we need to check what memory maps the process is using

$ sudo cat /proc/3890/maps
55698ed20000-55698ee2e000 r-xp 00000000 fc:00 414469                     /usr/sbin/nginx
55698f02e000-55698f030000 r--p 0010e000 fc:00 414469                     /usr/sbin/nginx
55698f030000-55698f04c000 rw-p 00110000 fc:00 414469                     /usr/sbin/nginx
55698f04c000-55698f06c000 rw-p 00000000 00:00 0
556990d72000-556990dd5000 rw-p 00000000 00:00 0                          [heap]
7f4cfa551000-7f4cfa55c000 r-xp 00000000 fc:00 1314482                    ....
7f4d01f70000-7f4d01f71000 rw-p 00000000 00:00 0
7ffde6f5e000-7ffde6f7f000 rw-p 00000000 00:00 0                          [stack]
7ffde6f9a000-7ffde6f9c000 r--p 00000000 00:00 0                          [vvar]
7ffde6f9c000-7ffde6f9e000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

Now there will be a lot of output, but don't worry we mainly interested in the [heap] section. The memory is located at 556990d72000-556990dd5000.

Dumping the heap

Now you need to dump the heap. Make sure you have gdb installed. Connect to the process using

$ sudo gdb -p 3890

You will get a (gdb) prompt. Now on this prompt use the addresses that we noted earlier

(gdb) dump memory /tmp/nginx-memory 0x556990d72000 0x556990dd5000

Getting string data out of dump

Now our dump is available at /tmp/nginx-memory, now we need to get string data out of it

$ sudo strings  /tmp/nginx-memory > /tmp/nginx-memory.str

Finding the Nginx Config

Now you have a memory dump. Most configs will have a http { line and now you can test your /tmp/nginx-memory.str for the same

$ grep -A 20 "http {" /tmp/nginx-memory.str
http {
    # Basic Settings
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;
    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    # SSL Settings
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;
    # Logging Settings
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;
    # Gzip Settings
    gzip on;
    gzip_disable "msie6";
--
http {
    # Basic Settings
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;
    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    # SSL Settings
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;
    # Logging Settings
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;
    # Gzip Settings
    gzip on;
    gzip_disable "msie6";

So look into this file carefully and recover you config and create a new one

Accidently Deleted /etc/nginx, anyway to regenerate our custom nginx.conf?

You can run

nginx -T

to see the running config. Note: This only works with version 1.9.2 and above

To check your version use:

nginx -v

If your version is below 1.9.2 you can look at the following post:

https://serverfault.com/questions/361421/dump-nginx-config-from-running-process

---

Related Topics