php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73466 systemd option PrivateTmp= having no effect for a pool that is chrooted.
Submitted: 2016-11-05 17:22 UTC Modified: -
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: psaod8fza9s at gmail dot com Assigned:
Status: Open Package: FPM related
PHP Version: 5.6.27 OS: Debian 8.6
Private report: No CVE-ID: None
 [2016-11-05 17:22 UTC] psaod8fza9s at gmail dot com
Description:
------------
So I created a new pool and chrooted it to /var/www/site1.

# /etc/php5/fpm/pool.d/site1.conf
# ...
chroot = /var/www/site1
chdir = /
# ...


I bind-mounted /tmp to /var/www/site1/tmp.

I changed the systemd service configuration file php5-fpm.service and added "PrivateTmp=true" under "[Service]".

When I start the php5-fpm service I can see that PrivateTmp took effect because there is a folder named /tmp/systemd-private-*-php5-fpm.service-*/

But a scandir("/tmp") lists the content of /tmp, thus PrivateTmp having no effect when chroot= is active.

But when I change the php pool config file and remove the "chroot=" configuration, a scandir("/tmp") lists the content of /tmp/systemd-private-*-php5-fpm.service-*/



Patches

Pull Requests

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 13:01:31 2024 UTC