Z-Push 2.4.0 - nginx configuration file

@milauria there are quite some pull requests attached to the ticket I’ve linked you. if you login at jira.z-hub.io then you can see all the changes that have been done.

Now that Z-push 2.4 has been released as official … I may suggest that when installing the z-push-config-nginx module the following permissions are also set during installation:

/var/lib/z-push/* must be owned by nginx : z-push (not apache:z-push)
/etc/logrotate.d/z-push.lr should remove “create apache apache”

I am running on Centos 7 with Nginx

Hi, thanks for the report. I’ve created an issue for it https://jira.z-hub.io/browse/ZP-1375
I am not sure why we didn’t see this/create the ticket before, but we will fix asap.

Cheers, Sebastian

@milauria we have fixed ZP-1375 and it’s released in Z-Push 2.4.1 beta1.
Could you try to install/update to this version and report back? Thank you!

With the Z-Push 2.4.1 beta1 installed I see that now the logrotate contains “create root z-push” which also does not work for me.

I need to be “create nginx z-push” to make let z-push write its log file … or just delete the “create” statement so that it inherits the permission from its folder

Basically to make it work I need both /var/log/z-push and /var/lib/z-push to be owned by the “nginx” user

Hi milauria,

are there any errors? z-push group does have the right permissions for both folders, doesn’t it?


Hi manfred,
seems to be the file owner the problem, not the file group

The /var/lib/z-push owner needs to be “nginx”. The z-push install I think defaults the owner as “root” and in that case I get the below fatal error. After I did the “chown nginx” the error went away.

[FATAL] Exception: (FatalMisconfigurationException) - Not possible to write to the configured state directory.
[FATAL] FatalMisconfigurationException: Not possible to write to the configured state directory. - code: 0 - file: /usr/share/z-push/lib/default/filestatemachine.php:63

Similarly /var/log/z-push needs to owned by nginx AND needs to be writable only by the user.
The error I get: “parent directory has insecure permissions (It’s world writable or writable by group which is not “root”)”
I also removed altogether the “create” statement in the z-push.lr so that every new log is created with the same folder permission


Hi milauria,

could you post the output of

groups nginx


With the current spec file configuration it’s not so trivial to change the ownership to user nginx. That’s why we introduced the z-push group which has the right permissions.


groups nginx
nginx : nginx z-push

thanks for looking into this

Just to report that I have installed 2.4.1 final and all works fine with the only modification needed for the /var/log that I had to change as follow:

drwxr-x—. 2 nginx z-push 4096 Apr 11 19:21 z-push