当我在 debian wheezy apache2.2 上启用 php-fpm chroot 时页面显示“找不到文件”

tag-icon tag-icon apache-2.2 debian php-fpm fastcgi chroot
当我在 debian wheezy apache2.2 上启用 php-fpm chroot 时页面显示“找不到文件”

我为用户“bob”设置了一个 chroot jail。bob 位于 /var/jails/bob

Bob 有一个网站,位于 /var/jails/bob/bobssite.com/public_html

到目前为止一切似乎都正常,包括该进程正在使用 bob 的 uid 运行(使用 php“exec('whoami')”检查),也就是说,直到我在 bob 的站点的 php5-fpm 配置文件中设置 chroot(/etc/php5/fpm/pool.d/bobssite.com.conf):

    [bobssite.com]

    ; Per pool prefix
    ; It only applies on the following directives:
    ; - 'slowlog'
    ; - 'listen' (unixsocket)
    ; - 'chroot'
    ; - 'chdir'
    ; - 'php_values'
    ; - 'php_admin_values'
    ; When not set, the global prefix (or /usr) applies instead.
    ; Note: This directive can also be relative to the global prefix.
    ; Default Value: none
    ;prefix = /var/jails/bob/$pool/public_html/

    user = bob
    group = webjail
    listen = /var/run/php5-fpm_bobssite.com.sock

    listen.owner = www-data
    listen.group = www-data

    pm = dynamic
    pm.max_children = 5
    pm.start_servers = 2
    pm.min_spare_servers = 1
    pm.max_spare_servers = 3

    ; Chroot to this directory at the start. This value must be defined as an
    ; absolute path. When this value is not set, chroot is not used.
    ; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
    ; of its subdirectories. If the pool prefix is not set, the global prefix
    ; will be used instead.
    ; Note: chrooting is a great security feature and should be used whenever 
    ;       possible. However, all PHP paths will be relative to the chroot
    ;       (error_log, sessions.save_path, ...).
    ; Default Value: not set

    chroot = /var/jails/bob/bobssite.com/public_html
    chdir = /

现在,当注释掉上面的 chroot 时,一切都正常了。如果我将其设置为 /var/jails/bob/notbobssite,php5-fpm 不会重新启动/工作,因为它是无效路径。如果我将其设置为当前设置的值,当我访问该页面时,我会收到“文件未找到”的信息,并且这在我的 error.log 中

    [Thu Oct 16 10:46:39 2014] [error] [client myip] FastCGI: server "/usr/lib/cgi-bin/php5-fcgi_bobssite.com" stderr: Primary script unknown
    [Thu Oct 16 10:46:39 2014] [debug] mod_deflate.c(700): [client myip] Zlib: Compressed 16 to 24 : URL /php5-fcgi/user.php

那么这是怎么回事呢?我猜调试行包含答案,但我搞不懂?

这是我的 Apache 虚拟主机配置文件:

    <VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName bobssite.com
    ServerAlias www.bobssite.com
    DocumentRoot /var/jails/bob/bobssite.com/public_html/ 
    ErrorLog /var/jails/bob/bobssite.com/error.log
    CustomLog /var/jails/bob/bobssite.com/access.log combined

   <IfModule mod_fastcgi.c>
     AddType application/x-httpd-fastphp5 .php
     Action application/x-httpd-fastphp5 /php5-fcgi
     Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi_bobssite.com
     FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi_bobssite.com -socket /var/run/php5-fpm_bobssite.com.sock -pass-header Authorization
   </IfModule>

   </VirtualHost>

相关内容