Might be a silly question (if the answer is just plain "yes").
But I also want to ask for thoughts on best practices.
I'm running php-fpm connected to apache with a unix socket. I followed various instructions and the final bug I fixed was that the socket was not being created with the user and group (_www) which was needed to allow apache to access it and so I was getting "service unavailable". Now everything works. I have to use sudo to start php-fpm or the socket is not created with the right user and group (instead, the running user, so creating a socket file which apache cannot read).
I am wondering if there is another way to set up users and permissions for this, to avoid the use of sudo. What was and is strange is that there seem to be people doing this without using sudo (if I'm correct: please correct me if this is not possible), and I wonder how.
Wondered if there is a more artful and/or security conscious way to do this that I'm missing, or any other thoughts about best practices or options.
UPDATE: From the php-fpm docs on the httpd wiki:
"If apache and php-fpm run as the same user (not necessary or recommended)..."
So how to not run them as the same user? Currently, checking via activity monitor on mac, I have: a parent fpm process as root, with children as _www, and the same for httpd, (a parent process as root and multiple children as _www) (won't let me post second image showing this due to not having 10 reputation).
