php-fpm.service has "After=syslog.target network.target" in the [Unit] section. syslog.target no longer exists since the very old systemd 198 and is a useless ordering that can be removed. See: https://github.com/systemd/systemd/commit/5d4caf565471ff3401bd9b53aa814c8545a18a93 Reproducible: Always Additional Information: php-fpm-8.4.7-1.fc42.x86_64
Fixed in https://src.fedoraproject.org/rpms/php/c/3a8c58a81af1370a996829c109d3f88de0e4cc58?branch=f42 Will be part of 8.4.8 update, planned for next week (Thusday June 5th)
By the way, upstream has a more complete service with hardening options: https://github.com/php/php-src/blob/master/sapi/fpm/php-fpm.service.in (I reported yesterday for KillMode=mixed to be added: https://github.com/php/php-src/issues/18655) The difference that would need adaptation is the addition of RuntimeDirectory=php-fpm, since `pid = /run/php-fpm/php-fpm.pid` is used in /etc/php-fpm.conf, adjusting PIDFile= accordingly. `RuntimeDirectoryMode=` is 0755 by default, so it could be omitted.
> By the way, upstream has a more complete service with hardening options: Yes, I'm aware of these options, but I'm reluctant to apply them Ex: ProtectSystem=full In manual install mode, a webapp will use a single tree with everything inside (sources, config, data...) but a package webapp will put its config in /etc, and may require write access at installation time and we have SElinux which protect /etc content
FEDORA-2025-b2132a69ee (php-8.4.8-1.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2025-b2132a69ee
FEDORA-2025-b2132a69ee (php-8.4.8-1.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.