3

There is PHP-FPM and OPCache (downloaded and compiled from php.net)

opcache.enable = 1
opcache.use_cwd = 1
zend_extension=opcache.so

php-fpm profiles run in chroot, i.e. /home/user1/www/index.php -> /www/index.php, /home/user2/www/index.php -> /www/index.php, what index.php see in both cases.

  • user1 have installed WordPress. user2 have custom index.php.

  • user1's index.php was executed before user2's index.php.

In such case, when I'm calling index.php from user2 folder, I see compiled output of index.php from user1 folder.

Current solution. I can run different PHPs per user or I must kill my beautiful structure /home/user1/www to /home/user1/user1www/ cause OPcache need to see differ paths. Or I disable OPcache, but it affect perfomance.

Is there a way to keep /home/user1/www, /home/user2/www, etc and let OPcache work correctly?

Improve this question

2 Answers 2

Reset to default
5

This is famous bug: https://bugs.php.net/bug.php?id=69090 which was present for years. But not anymore.

So, update your PHP version, and add this to php.ini:

opcache.validate_root=1

This will make cache keys unique per user, so even if there are two /htdocs/wp-config.php in two different chroot's, from now they will get two different cache entries.

Improve this answer
1
  • Great news sir!
    – nikitasius
    Commented Oct 18, 2017 at 13:53
0

No, you need to have unique paths inside the chroot to achieve your goal. This issue happens because the whole PHP-FPM worker is working inside the chroot, but it is using a global OPCache. Inside the chroot it simply cannot see anything else than /www in the beginning of the filename.

This could be fixed in the PHP codebase by using both pool name and filename as the cache key. However, since chroot is a special case, it hasn't been implemented as far as I know.

When I was implementing chroot PHP-FPM for one project, I made a structure like:

/srv/www/domain.com/domain.com/docroot

Where the chroot directory was /srv/www/domain.com. This way there is always an unique identifier inside the chroot for the filename so that cache key collisions do not happen.

Improve this answer
3
  • Now that I looked more closely at it, there has been discussion about this issue in PHP bug tracker: bugs.php.net/bug.php?id=69090. There has been a patch, but I don't know which PHP version has included the patch. The thread also reveals that the shared OPCache is a security issue.
    – Tero Kilkanen
    Commented Jul 14, 2017 at 23:59
  • yep, i've seen many issues in the web. It's why i asked here.
    – nikitasius
    Commented Jul 15, 2017 at 11:28
  • I will mark your answer as a solution, because.. there is no solution for chroot instead of unique patched inside chroot area. Hope PHP devs will fix it.
    – nikitasius
    Commented Jul 15, 2017 at 11:29

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .