|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80669 Can't initgroups() when specifying numeric user
Submitted: 2021-01-25 16:49 UTC Modified: 2021-01-25 17:14 UTC
From: andreas dot ley at kit dot edu Assigned:
Status: Open Package: FPM related
PHP Version: Irrelevant OS: Debian GNU/Linux
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2021-01-25 16:49 UTC] andreas dot ley at kit dot edu
When using PHP-FPM, you can configure the "user" directive for a pool with either an (alphanumeric) username or a (numeric) uid. However, if you do the latter, initgroups() won't set supplementary groups.

This is due to fpm_unix_init_child() in sapi/fpm/fpm/fpm_unix.c calling "initgroups(wp->config->user, wp->set_gid)".

One possible solution would be changing this to "initgroups(wp->user, wp->set_gid)" which would require to set wp->user from getpwuid(wp->set_uid) in fpm_unix_conf_wp() in the very same file, which currently is only done when is_root is false.

One objection could be that a uid might not be unique, but the same applies to the non-root case. Another possibility then might be an explicit configuration directive for supplementary groups.

If you decide to go for the first solution, I'd volunteer to write a patch for that upon request.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2021-01-25 17:14 UTC]
-Package: *Configuration Issues +Package: FPM related
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Sun May 22 11:05:45 2022 UTC