Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:102065 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 27731 invoked from network); 20 Apr 2018 10:04:06 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Apr 2018 10:04:06 -0000 Authentication-Results: pb1.pair.com header.from=jakub.php@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=jakub.php@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.161.181 as permitted sender) X-PHP-List-Original-Sender: jakub.php@gmail.com X-Host-Fingerprint: 209.85.161.181 mail-yw0-f181.google.com Received: from [209.85.161.181] ([209.85.161.181:33196] helo=mail-yw0-f181.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 3A/16-38944-41BB9DA5 for ; Fri, 20 Apr 2018 06:04:04 -0400 Received: by mail-yw0-f181.google.com with SMTP id q12-v6so2571680ywj.0 for ; Fri, 20 Apr 2018 03:04:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=M4YQ4AjRkbLUpcyfoSEy17OFWzOKJwVpHCIlEwNhhCs=; b=CryWtg0+kzgtYwElFkWPgnVGcWy06VLWxyeSJklXtJ0cEk7Iu6GDEaZaTPAdkQWQuh /BB3Hep2I4Rne4fRMN3E4Fvn0s05Izmi1FAqeTgQ6lkJJW53/GQHRPrDJ8sELH7l0CvC mCM2wuOk/jC5WgyEZ6xCyw3LgDeqa6ut6iCWBvhWhBbXaU95x0ieOy9zhHTLj9TTYBzj ZTwv38fJueTZdbfyBxSikgPOegpVedLT1U6asG8EpRCxYuZagSkNdBk5UbYqqgbwVvYK yMEMsPQtq0Wej5axWXjxdp/QiKRFDuOfGqt//GdJkDWJI0G7aUNPaFr5t6PGw47HQPEZ YJRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=M4YQ4AjRkbLUpcyfoSEy17OFWzOKJwVpHCIlEwNhhCs=; b=Fpr2rJbeqwDkA/5ETsiYXuvIfv6BwRn8tq+tBfPMDZMEaW6/L7HH5Ys2XqV6NYMNIW RvJkE1ge3Oy8pTha0rApBdlYusv63FtEAluMT/NbB1xhFy9RkVp1yQCVyC1M2TI+A5JS Ut9FJ4Vt+jouSGjSPvT/FVLDVTBtxGfSD+JxzXxhnyNuHS54BTQ2B6jdXkgKNiJK/j8C 0I434x75oxft61wUvRV7jdyWhgaVwMOHFBZRr36iZnXgHKQb62yopC2H3OCPp7ItuLLS i46KSnn3IzvYv1pTGxRcK5ZXmLK0B37mXU9Ai+8b759eFG41Qs6tFRnm1hvydQlYQmwZ rk9g== X-Gm-Message-State: ALQs6tCD6H6tCKbGqrQb8b1BKRxEcl2ONv1n+x/vVrqkYMRXFvhB4d24 8l+Zrima8V/PUuIH4x3WvWSJ8aUujgoFpcx5J9c= X-Google-Smtp-Source: AIpwx48GoC6/RD8Siv+Hc64hVFLUqXTKGbHLf93acDFFdyyVCC4BPjMSGKdAJAxzLSBSOivfggPq0tIIegY+YRq8y/Q= X-Received: by 2002:a0d:fec7:: with SMTP id o190-v6mr5319861ywf.470.1524218641625; Fri, 20 Apr 2018 03:04:01 -0700 (PDT) MIME-Version: 1.0 Sender: jakub.php@gmail.com Received: by 10.129.181.6 with HTTP; Fri, 20 Apr 2018 03:04:01 -0700 (PDT) In-Reply-To: References: Date: Fri, 20 Apr 2018 11:04:01 +0100 X-Google-Sender-Auth: 6-ueV8_hz7AqqXD3sELP3fEbhFU Message-ID: To: Dmitry Stogov Cc: PHP internals list Content-Type: multipart/alternative; boundary="000000000000b1b997056a44ce01" Subject: Re: FPM preloading of PHP files From: bukka@php.net (Jakub Zelenka) --000000000000b1b997056a44ce01 Content-Type: text/plain; charset="UTF-8" Hi Dmitry, On Fri, Apr 20, 2018 at 8:54 AM, Dmitry Stogov wrote: > Hi Jakub, > > > I thought about pre-loading explicitly specified files (or directories) on > PHP startup, before forking worker processes. > > As result all pre-loadd files should be available to all workers. Of > course the should be kept in immutable form. > > > This is actually the reason why I'm thinking about the pool manager process in this context. The current FPM architecture would make this quite problematic. Currently the process that would have to preload the file would be a master process because it's the one that forks worker processes. The problem is that many (probably most) configurations have master running as a root and a worker process uses setuid and setgid to set a different user and group after the fork. I think that would be a source of many bug reports if the resources created during preloading could not be accessed by the application (worker executed files) because the permission issue. Also it wouldn't be probably a good idea to give a root access to the preloading as it could have some security implications. That's why I think it would be better to do preloading in a pool manager process that I described before (basically a process with the pool configured user and group that would spawn workers). Cheers Jakub --000000000000b1b997056a44ce01--