0

I run PHP as FCGI! I'm setting upload_tmp_dir option as value /home/domain.com/tmp. When executed phpinfo() for double-check it's confirmed that the settings above are correct.

Nevertheless, when actual upload in happening, the uploading file is temporarily going to /tmp directory with permissions apache:apache and when the upload is fully finished only then the uploaded file is being moved to the destination directory, which was set in upload_tmp_dir. After file is moved it has proper permissions which are domainowner:domainowner.

What's happening with FCGI as described above is absolutely wrong and different from what mod_php or CGI are doing! mod_php and CGI just start uploading a file directly to the upload_tmp_dir and then just rename the file after upload is finished.

I have few considerable concerns about this as follows:

Imagine, what happens if 20 people, finish uploading a file that is around 2GB, right at the same time? Uploaded files will have to be moved to the home directory from /tmp, creating a lot of useless load on file system! Thus, I thought that moving is much more resourceful rather than just renaming a file in the same directory?! Besides /tmp is mounted as ext3 and home as ext4 and what is even worse that /tmp partition is 16GB of space, which is total disaster from what I have imagined above?

Question:

How to force FCGI to use upload_tmp_dirdirective the same way as CGI or mod_php? I haven't found a documented way to change the temp directory it uses.

Please help!?

Ilia
  • 1,004
  • 1
  • 10
  • 19

2 Answers2

0

It's not absolulutely wrong, there are very big differences between fastCGI and mod_php/cgi - not least the seperation of privileges. With fastCGI, the webserver knows nothing about how PHP is configured.

I thought that moving is much more resourceful rather than just renaming a file in the same directory?!

There's little difference between renaming a file in the same directory and moving a file within the same filesystem. However this is not relevant to the isue you're discussing here. In order for the file to get from Apache to PHP it must go through a socket - hence it's irrelevant if Apache uses a different path than PHP to store the files.

While you could hack the code (might also be possible via the Apache environment) to make the paths the same, doing so would be a very bad idea - since PHP would be trying to write the file while Apache was trying to read from it.

symcbean
  • 19,931
  • 1
  • 29
  • 49
  • CGI has absolutely the same idea of privileges' separation (to run scripts as site owner). FastCGI knows everything about the way PHP is configured! Haven't you heard about wrappers and using directives, e.g.: `export PHPRC` which one on particular let you load user defined `php.ini`? Based on the same idea as CGI, FastCgi uses caching a lot and keeps its instances loaded in memory! On contrary, I still don't understand why FastCGI acts differently in a way of processing temporary uploads? Thanks for you effort, symcbean even though it doesn't answer my question! – Ilia Apr 02 '13 at 18:16
  • No - you're confusing CGI and suexec. – symcbean Apr 02 '13 at 20:50
  • On my server both PHP CGI and PHP FCGI are using the same `exec /usr/bin/php-cgi` and initialize `php.ini` from user dirctory. They say, FastCGI is more effective in terms of speed and consumes less memory. PHP CGI (not FastCGI) starts a separate process for each call to the script, the process FastCGI already running and receiving data for processing. FastCGI caches the data and does not waste system resources to run the new processes? – Ilia Apr 03 '13 at 07:24
0

Just a thought, but have you tried passing TMPDIR=/home/domain.com/tmp to the httpd environment so that mod_fcgid would use that directory to store files instead of /tmp?

Borgboy
  • 131
  • 3