Bug 1146552
| Summary: | yum update may break PHP Session Directory | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Andreas Schnederle-Wagner <schnederle> |
| Component: | php | Assignee: | Remi Collet <rcollet> |
| Status: | CLOSED NOTABUG | QA Contact: | BaseOS QE - Apps <qe-baseos-apps> |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.5 | CC: | jorton, schnederle |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-10-30 22:59:06 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Andreas Schnederle-Wagner
2014-09-25 13:44:28 UTC
If you don't use standard User/group, you should not use standard directories. This bug mostly don't exists in RHEL - 7 as session path is now defined per SAPI and documented about ownership In /etc/php.ini ; RPM note : session directory must be owned by process owner ; for mod_php, see /etc/httpd/conf.d/php.conf ; for php-fpm, see /etc/php-fpm.d/*conf ;session.save_path = "/tmp" In /etc/httpd/conf.d/php.conf php_value session.save_handler "files" php_value session.save_path "/var/lib/php/session" In /etc/php-fpm.d/www.conf ; Set session path to a directory owned by process user php_value[session.save_handler] = files php_value[session.save_path] = /var/lib/php/session Same configuration can be used in RHEL-6 So If you need to change User/Group, simple solution is to also change directory. In httpd.conf: User foo In php.conf php_value session.save_path "/var/lib/php/foo-session" And you can create as much as directories as needed if you run various httpd instance, using a different account for each. As these directories are not managed by RPM, it won't be changed during update. You are right with the own Session Directories - on our own Servers we already do it like this. But as we are a Hosting Company with lot's of Customer Servers (where we only do Emergency Updates) we can't (should not) modify their Configurations ... And I don't see any reason why the RPM Package should modify an already existing Directory ... chances that something breaks are just too big ... (Google Search for this rises lot's of Threads about this Problem) Propably it would be the best to don't touch the Directory if it's already existing ... The behaviour described here is not a bug, as Remi says, the packages are working as designed. This issue only affects configurations which have been modified from the default. There is really nothing we can do in an RHEL6 update here to change this, sorry. Well - the Question than should be: Why are they designed that way? It's not doing any good recreating an already existing Directory - but it may/will break any custom configurations where Apache isn't running the standard-user/group ... Or can anyone explain me what advantages one get by recreating the already existing Directory? (I would be really interested in what thought behind this behavior lies) Maybe you can help me understand this behaviour. Thank you |