Bug 507406
Summary: | Wrong permissions/ownership on /var/lib/php | |||
---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Herr Irrtum <wolfram.zieger+fedora> | |
Component: | lighttpd | Assignee: | Matthias Saou <matthias> | |
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | |
Severity: | medium | Docs Contact: | ||
Priority: | low | |||
Version: | 11 | CC: | fedora, jamundso, jorton, matthias, rpm, silfreed | |
Target Milestone: | --- | |||
Target Release: | --- | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 515169 (view as bug list) | Environment: | ||
Last Closed: | 2009-12-08 18:37:09 UTC | Type: | --- | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 515169 |
Description
Herr Irrtum
2009-06-22 16:43:33 UTC
We can't flip about the ownership of the directory post-installation, it would get reset on each upgrade. Solutions are: 1) use an ACL on the directory. 2) have lighttpd package a separate directory, and have it's invocation of php use that. Since (1) is not possible AFAIK, (2) is the only solution and it'll have to be done within the lighttpd package. (In reply to comment #0) > - - mysql as webserver Or, specifically "as sql server"... > Install a PHP program that includes session management i.e. phpMyAdmin from > <http://www.phpmyadmin.net/home_page/downloads.php> under > /var/www/lighttpd/phpmybehind (no, don't use YUM for it, I did not test this) Not installing via yum invalidates any "more general workaround". > Expected results: > ---------------- > phpMyAdmin (or another php sessions software) working at least, not showing > stupid error messages telling you to check the logs (logs say nothing under > lighty btw.) [...] > To avoid such conflicts it would make much more sense to create a webservice > group like "www" or "www-data" or "www-server" like debian, ubuntu and even > suse are doing. Any webapplication (like php or lighttpd) should create and use > files with this group as owner. True, and see below. (In reply to comment #1) > We can't flip about the ownership of the directory post-installation, it would > get reset on each upgrade. Solutions are: > > 1) use an ACL on the directory. > > 2) have lighttpd package a separate directory, and have it's invocation of php > use that. > > Since (1) is not possible AFAIK, (2) is the only solution and it'll have to be > done within the lighttpd package. 3) Use /usr/sbin/alternatives and coordinate all "www-server" packages accordingly. [might as well proactively morph that to www-server80, www-server443, etc. 'cuz you just don't know right now...] From the Apache perspective: 1. yum install phpMyAdmin [unless lighttpd (or XYZ server) satisfies "httpd" requirement, which seems unlikely.] 2. Try http://localhost/phpMyAdmin/setup/ [actually documented under phpMyAdmin's Quick Install 4.] 3. Note error stuff. I agree that this is a cross-package problem not just a "lighttpd" or "nginx" problem. If we actually want to fix this we might want to recommend a feature for F13 since there will need to be a flag day where all the permissions get switched. Indeed, I'm definitely not going to be making isolated changes to the lighttpd package just to hack around this. It's a more global problem, but I completely disagree with having a common group for all web servers, as it makes much more sense to try and keep multiple web servers on the same system from "sharing" data, that would be a step back in the direction of having all daemons running as "nobody". I solve the initially reported problem on a regular basis when juggling with apache, lighttpd and nginx : Just create a new directory and point the php.ini you use for your backend to it for sessions. You can also consider using something like memcache or sharedance for storing sessions. Now that I think of it : The future versions of lighttpd (starting with 1.5) will no longer automatically fork the php processes, you'll need to use spawn-fcgi "manually" (i.e. as a separate service). That's where you have it run as the user you want (nor apache nor lighttpd), use the php.ini you want and store the sessions inside the directory of your choice. HTH. |