@jussimannisto I have found how to workaround this

systemctl edit php8.4-fpm

enter this below and save

[Service]
ReadWritePaths=/etc/alternatives

you can then reboot or restart service, apparently ProtectSystem=full prevents service units from writing to /etc/, and in this case socket helper tries to write to /etc/alternatives.

Try it and let me know!

P.S. Anyone that knows somebody in Ubuntu or Ondrej ( i am not sure who is responsible for this ) please inform them

@jussimannisto I confirm your issue, today after upgrade of php mainly, that default php-fpm.sock file is not persisting after reboot. It looks like systemd startup file for php-fpm was changed, adding additional parameters for securing the system like:

ProtectSystem=full
PrivateDevices=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
RestrictRealtime=true
RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
RestrictNamespaces=true

so when it boots for some reason the socket helper used in the systemd service file, doesn't recreated the default php-fpm.sock

Let me know if you have found a way to fix this, it seems some package either on alternatives or from Ondrej's PPA

Contact me to try to resolve this together, as it is making me bigger issues on my production servers.