If php.ini is incorrect, php-frm starts without warning with default values

oerdnj / deb.sury.org

Public bugreports for anything ppa:ondrej/*

821 stars 27 forks source link

If php.ini is incorrect, php-frm starts without warning with default values #456

Open selivan opened 8 years ago

selivan commented 8 years ago

OS: Ubuntu 14.04.Trusty PHP: php7.0-fpm 7.0.10-2+deb.sury.org~trusty+1

If /etc/php/7.0/fpm/php.ini has syntax error, php7.0-fom starts silently (!! no error messages even in logs), but uses default values.

This is not packaging error, because php-fpm starts with this config, just displays error to console. But this error can lead to severe operational and security problems, because it goes unnoticed.

I suppose to check syntax before starting php:

/usr/sbin/php-fpm7.0 --fpm-config /etc/php/7.0/fpm/php-fpm.conf --test 2>&1 | grep 'syntax error'

This is ugly kludge, but it will prevent severe problems for many people.

selivan commented 8 years ago

Here is how upstart script will look like:

# php7.0-fpm - The PHP FastCGI Process Manager

description "The PHP 7.0 FastCGI Process Manager"
author "Ondřej Surý <ondrej@debian.org>"

start on runlevel [2345]
stop on runlevel [016]

# you can uncomment this with recent upstart
# reload signal USR2

pre-start script
mkdir -p /run/php
chmod 0755 /run/php
chown www-data:www-data /run/php
if /usr/sbin/php-fpm7.0 --fpm-config /etc/php/7.0/fpm/php-fpm.conf --test 2>&1 | grep 'syntax error'; then
    exit 1
fi
end script

respawn
exec /usr/sbin/php-fpm7.0 --nodaemonize --fpm-config /etc/php/7.0/fpm/php-fpm.conf

selivan commented 8 years ago

And here is solution from standard ubuntu php5-fpm package:

/etc/init/php5-fpm.conf:

...
pre-start exec /usr/lib/php5/php5-fpm-checkconf

/usr/lib/php5/php5-fpm-checkconf:

#!/bin/sh
set -e
errors=$(/usr/sbin/php5-fpm --fpm-config /etc/php5/fpm/php-fpm.conf -t 2>&1 | grep "\[ERROR\]" || true);
if [ -n "$errors" ]; then
    echo "Please fix your configuration file..."
    echo $errors
    exit 1
fi
exit 0

For PHP 7 it does not work on this type of errors:

root@xenial:~# /usr/sbin/php-fpm7.0 --fpm-config  /etc/php/7.0/fpm/php-fpm.conf --test
PHP:  syntax error, unexpected '(' in /etc/php/7.0/fpm/php.ini on line 6
[14-Sep-2016 14:24:46] NOTICE: configuration file /etc/php/7.0/fpm/php-fpm.conf test is successful

root@xenial:~# /usr/lib/php/php7.0-fpm-checkconf; echo $?
0

But at least they tried.

selivan commented 8 years ago

Same bug reported for ubuntu package: https://bugs.launchpad.net/ubuntu/+source/php7.0/+bug/1623540