Bug #73466 systemd option PrivateTmp= having no effect for a pool that is chrooted.
Submitted: 2016-11-05 17:22 UTC Modified: -
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: psaod8fza9s at gmail dot com Assigned:
Status: Open Package: FPM related
PHP Version: 5.6.27 OS: Debian 8.6
Private report: No CVE-ID: None

 [2016-11-05 17:22 UTC] psaod8fza9s at gmail dot com
Description:
------------
So I created a new pool and chrooted it to /var/www/site1.

# /etc/php5/fpm/pool.d/site1.conf
# ...
chroot = /var/www/site1
chdir = /
# ...


I bind-mounted /tmp to /var/www/site1/tmp.

I changed the systemd service configuration file php5-fpm.service and added "PrivateTmp=true" under "[Service]".

When I start the php5-fpm service, I can see that PrivateTmp took effect because there is a folder named /tmp/systemd-private-*-php5-fpm.service-*/.

But a scandir("/tmp") lists the content of /tmp, so PrivateTmp has no effect when chroot= is active.

But when I change the php pool config file and remove the "chroot=" configuration, a scandir("/tmp") lists the content of /tmp/systemd-private-*-php5-fpm.service-*/
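
One way to verify the reported behaviour from outside PHP (an added example, not part of the bug report or of PHP-FPM): compare the device and inode of a pool worker's /tmp, reached through /proc/<pid>/root, with the host's /tmp. The function names are hypothetical; the script assumes GNU stat, root privileges, and that it is run from the host's own mount namespace.

```shell
#!/bin/sh
# Added example (not from the bug report). Function names are hypothetical.
# Reading /proc/<pid>/root of another user's process requires root.

# same_dir A B: 0 if both paths are the same directory (same device:inode),
# 1 if they differ, 2 if either path cannot be examined.
same_dir() {
    a=$(stat -Lc '%d:%i' -- "$1" 2>/dev/null) || return 2
    b=$(stat -Lc '%d:%i' -- "$2" 2>/dev/null) || return 2
    [ "$a" = "$b" ]
}

# check_worker_tmp PID [HOST_TMP] [PROC_DIR]
# /proc/PID/root is the worker's own root directory, so it reflects both the
# pool's chroot= and the mount namespace systemd set up for the service.
check_worker_tmp() {
    pid=$1
    host_tmp=${2:-/tmp}
    proc_dir=${3:-/proc}
    rc=0
    same_dir "$proc_dir/$pid/root/tmp" "$host_tmp" || rc=$?
    case $rc in
        0) echo "SHARED: worker $pid sees $host_tmp as its /tmp"; return 1 ;;
        1) echo "PRIVATE: worker $pid has a /tmp distinct from $host_tmp"; return 0 ;;
        *) echo "UNKNOWN: cannot stat /tmp of worker $pid"; return 2 ;;
    esac
}

# Usage: sh check_tmp.sh <pid-of-a-pool-worker>
[ "$#" -eq 0 ] || check_worker_tmp "$@"
```

A SHARED result for a worker of the chrooted pool corresponds to the scandir("/tmp") output described in the report; PRIVATE corresponds to the pool without chroot=.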



Last updated: Sat Dec 21 17:01:58 2024 UTC