- Fixed bug #61835 (php-fpm is not allowed to run as root)

2024-11-24 18:34:21 +08:00 · 2012-05-23 09:49:13 +02:00 · 2012-05-23 09:49:13 +02:00 · 7b396c078c
commit 7b396c078c
parent f733173b1f
5 changed files with 19 additions and 9 deletions
--- a/1
+++ b/1
@ -6,6 +6,7 @@ PHP                                                                        NEWS

 - FPM
  . Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat)
+	. Fixed bug #61835 (php-fpm is not allowed to run as root). (fat)

 - XML Writer:
  . Fixed bug #62064 (memory leak in the XML Writer module). 
--- a/sapi/fpm/fpm/fpm.c
+++ b/sapi/fpm/fpm/fpm.c
@ -37,10 +37,11 @@ struct fpm_globals_s fpm_globals = {
 	.max_requests = 0,
 	.is_child = 0,
 	.test_successful = 0,
-	.heartbeat = 0
+	.heartbeat = 0,
+	.run_as_root = 0,
 };

-int fpm_init(int argc, char **argv, char *config, char *prefix, char *pid, int test_conf) /* {{{ */
+int fpm_init(int argc, char **argv, char *config, char *prefix, char *pid, int test_conf, int run_as_root) /* {{{ */
 {
 	fpm_globals.argc = argc;
 	fpm_globals.argv = argv;
@ -49,6 +50,7 @@ int fpm_init(int argc, char **argv, char *config, char *prefix, char *pid, int t
 	}
 	fpm_globals.prefix = prefix;
 	fpm_globals.pid = pid;
+	fpm_globals.run_as_root = run_as_root;

 	if (0 > fpm_php_init_main()           ||
 	    0 > fpm_stdio_init_main()         ||
--- a/sapi/fpm/fpm/fpm.h
+++ b/sapi/fpm/fpm/fpm.h
@ -8,7 +8,7 @@
 #include <unistd.h>

 int fpm_run(int *max_requests);
-int fpm_init(int argc, char **argv, char *config, char *prefix, char *pid, int test_conf);
+int fpm_init(int argc, char **argv, char *config, char *prefix, char *pid, int test_conf, int run_as_root);

 struct fpm_globals_s {
 	pid_t parent_pid;
@ -25,6 +25,7 @@ struct fpm_globals_s {
 	int is_child;
 	int test_successful;
 	int heartbeat;
+	int run_as_root;
 };

 extern struct fpm_globals_s fpm_globals;
--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
@ -154,6 +154,7 @@ static const opt_struct OPTIONS[] = {
 	{'t', 0, "test"},
 	{'p', 1, "prefix"},
 	{'g', 1, "pid"},
+	{'R', 0, "allow-to-run-as-root"},
 	{'-', 0, NULL} /* end of args */
 };

@ -1557,6 +1558,7 @@ int main(int argc, char *argv[])
 	char *fpm_pid = NULL;
 	int test_conf = 0;
 	int php_information = 0;
+	int php_allow_to_run_as_root = 0;

 	fcgi_init();

@ -1670,6 +1672,10 @@ int main(int argc, char *argv[])
 				php_information = 1;
 				break;

+			case 'R': /* allow to run as root */
+				php_allow_to_run_as_root = 1;
+				break;
+
 			default:
 			case 'h':
 			case '?':
@ -1793,7 +1799,7 @@ consult the installation file that came with this distribution, or visit \n\
 		}
 	}

-	if (0 > fpm_init(argc, argv, fpm_config ? fpm_config : CGIG(fpm_config), fpm_prefix, fpm_pid, test_conf)) {
+	if (0 > fpm_init(argc, argv, fpm_config ? fpm_config : CGIG(fpm_config), fpm_prefix, fpm_pid, test_conf, php_allow_to_run_as_root)) {
 		return FAILURE;
 	}

--- a/sapi/fpm/fpm/fpm_unix.c
+++ b/sapi/fpm/fpm/fpm_unix.c
@ -112,12 +112,12 @@ static int fpm_unix_conf_wp(struct fpm_worker_pool_s *wp) /* {{{ */
 			}
 		}

-#ifndef I_REALLY_WANT_ROOT_PHP
-		if (wp->set_uid == 0 || wp->set_gid == 0) {
-			zlog(ZLOG_ERROR, "[pool %s] please specify user and group other than root", wp->config->name);
-			return -1;
+		if (!fpm_globals.run_as_root) {
+			if (wp->set_uid == 0 || wp->set_gid == 0) {
+				zlog(ZLOG_ERROR, "[pool %s] please specify user and group other than root", wp->config->name);
+				return -1;
+			}
 		}
-#endif
 	} else { /* not root */
 		if (wp->config->user && *wp->config->user) {
 			zlog(ZLOG_WARNING, "[pool %s] 'user' directive is ignored when FPM is not running as root", wp->config->name);