I am using Debian Squeeze and have set up PHP-FPM with fastcgi. I have several virtual hosts defined on the same host. I defined a chroot for each pool configuration, but somehow it is still possible to change directory and go above the root directory defined in the pool conf.

disable_functions in the conf file is not working either. I haven't figured out the reason.

user = foo
group = foo

listen =
listen.allowed_clients =

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

chroot = /var/www/foo
chdir = /

php_admin_value[disable_functions] = dir,chdir,opendir,readdir
php_admin_value[doc_root] = /var/www/foo
php_admin_value[open_basedir] = /var/www/foo

access.log = /var/log/$pool.access.log
access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"


DocumentRoot /var/www/foo

<IfModule mod_fastcgi.c>

FastCgiExternalServer /foocgi/php5-wrapper -host -user foouser -group foogroup

ScriptAlias /foocgi/ /var/www/foo/cgi-bin/

AddHandler php5-fastcgi .php
Action php5-fastcgi /foocgi/php5-wrapper
AddType application/x-httpd-php .php

<Directory /var/www/foo/cgi-bin/>
SetHandler fastcgi-script
Options +ExecCGI
</Directory>
</IfModule>

<Directory /var/www/foo>
allow from all
Options -Indexes SymLinksIfOwnerMatch
</Directory>

export PHPRC
exec /usr/lib/cgi-bin/php


<IfModule mod_fastcgi.c>
FastCgiConfig -autoUpdate -singleThreshold 100 -killInterval 300 -idle-timeout 240 -maxClassProcesses 1 -pass-header HTTP_AUTHORIZATION
FastCgiWrapper /usr/lib/apache2/suexec

<Directory "/var/www/cgi-bin/">
AllowOverride none
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
</IfModule>

/var/log/foo.access.log is empty, though port 9018 shows as LISTEN in the netstat output. The site also opens without errors. Any idea about the chroot problem or how to make disable_functions work?
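
The following check is an added example, not part of the original post: once a PHP-FPM worker has called chroot(), path-valued settings such as chdir, doc_root and open_basedir are resolved inside the new root, so a value that repeats the chroot prefix names a nested directory on the host. The script parses a pool file and reports such values; the function names and the embedded sample (constructed from the path lines of the pool file above) are assumptions of this example.

```python
import posixpath
import re

# Constructed sample: the path-related lines of the pool file in the post.
SAMPLE_POOL = """\
chroot = /var/www/foo
chdir = /
php_admin_value[doc_root] = /var/www/foo
php_admin_value[open_basedir] = /var/www/foo
"""

# Directives the worker resolves after it has called chroot().
IN_CHROOT_KEYS = (
    "chdir",
    "php_admin_value[doc_root]",
    "php_admin_value[open_basedir]",
)

def parse_pool(text):
    """Return {directive: value} for 'key = value' lines; ';' lines are comments."""
    conf = {}
    for line in text.splitlines():
        m = re.match(r"\s*([^;=\s][^=\s]*)\s*=\s*(.*?)\s*$", line)
        if m:
            conf[m.group(1)] = m.group(2).strip('"')
    return conf

def host_view(chroot, inner):
    """Host-side path that an in-chroot path actually names."""
    return posixpath.normpath(chroot + "/" + inner.lstrip("/"))

def audit(text):
    """List (directive, value, host_path, suggestion) for values repeating the chroot prefix."""
    conf = parse_pool(text)
    chroot = conf.get("chroot", "").rstrip("/")
    findings = []
    if not chroot:
        return findings  # no chroot configured: values are plain host paths
    for key in IN_CHROOT_KEYS:
        for part in filter(None, conf.get(key, "").split(":")):
            if part == chroot or part.startswith(chroot + "/"):
                suggestion = part[len(chroot):] or "/"
                findings.append((key, part, host_view(chroot, part), suggestion))
    return findings

if __name__ == "__main__":
    for key, value, host_path, suggestion in audit(SAMPLE_POOL):
        print(f"{key} = {value} -> host path {host_path}; use {suggestion}")
```

The check only concerns path consistency; it does not tell whether requests reach the pool at all, which the pool's access.log would show.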

