-
-
Notifications
You must be signed in to change notification settings - Fork 399
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Honor provided php configuration (in exec_background) #2643
Comments
@dvzrv, please review poller.php. In that file, we 'calculate' the php path, and then set an database variable called: 'path_php_binary'. If you review that code, you can then capture the path from an input parameter, somthing like 'php -q poller.php --php-path=/some/path' and then use that value instead. Does this go far enough? |
Alternatively, we might be able to pickup the path from the pollers environment. Let us know the way that'll work best. |
The more I think of this thing, the more I am thinking you want to pass the path to the ini file to anything that exec() or shell_exec() a php process. That needs more though. Everything is spawned as a sub-shell to the poller.php process. I wonder why PHP can not pick up the php.ini from the environment. It has to be there somewhere. |
Okay, I see what you are talking about now. It's likely a bigger problem and impacts plugins as well. But we have to start somewhere. |
I might have to patch the cacti package to actually work within this new paradigm anyways. As soon as I'm getting anywhere useful, I'll open a pull request! |
Looking further at the codebase, this doesn't only affect the custom |
Have you read https://www.php.net/manual/en/configuration.file.php? It describes how the INI is located. There must be an env var that can be set to say use this location if required. |
@netniV Yes, as mentioned in the initial ticket text, php_ini_loaded_file() can be used for that. |
Ah, missed that sorry |
There is also the custom |
Hmm, I think this was merged a little prematurely. Applying this on top of 1.2.3 or 1.2.2 I'm unable to even finish the installer (for different reasons), when using a uwsgi setup. I'll look further into this, but I have the feeling that the config approach was not very wise and that this will do more harm than good (mostly because there are so many bizarre calls to backgrounded php processes) in the long run. |
Hm, that being said: I've just tried HEAD and that works (more or less without problems). However, there are still quirks during install, which makes me think of expanding the fixes for the internally spawned background processes (e.g. during install), as they will still default back to the global default php config, when none is selected (but will not pick up the ones setup by an application server such as uwsgi - on top of the default configuration). I think this would be the most flexible setup, but I ran into various bugs with 1.2.2 and 1.2.3 during testing. |
I did fix some issues. So, it's working fine right now. Not sure about issues on your end. |
@cigamit yes, on their own 1.2.2/1.2.3 won't be able to be installed. Both get stuck in the So, for the sake of argument, I'll focus on the current develop branch (i.e. soon to be 1.2.4, I assume) and try to explain what my remaining issues are:
I'll look into a patch set for that as well and have already something that seemingly worked (but then I ran into unrelated issues with |
Okay, well create a new pull request, and then let's place the required settings into lib/functions.php. However, please note, it will not make it into mainline until 1.2.5 if you are in urgent need or 1.3, which will take a while. |
I have a big problem with this that hasn't been considered. By forcing which ini file we are using, it can lead to false positives for the installer and the website compared to the CLI. The website when it runs the PHP command line operates currently on the same CLI platform as the poller. This allows the installer to perform tests against what is installed/configured for the CLI. I'm going to have to hold off on making the 1.2.4 release now because either I reverse this change and release, or we have to do some proper testing of what happens in all scenarios. I may actually decide to undo these changes because I want to get some fixes out for there other things such as the installers ability to get past the default location of files not being present. |
@netniV I agree, that the pull request was a little suboptimal, as it only deals with the problem partially. Would you care to elaborate on what you mean by
though? However, I think that all the execs should additionally overload the settings properly (as it's not guaranteed, that a php process was actually launched with a populated configuration file, but with parameters instead).
|
Systems such as Debian/Ubuntu have two separate ini file, one for the web and one for cli. When you run PHP at the command line, that would only use the CLI-based setup which is what the poller would utilise. When you run from the web, you are using the Apache-based setup which uses a completely separate ini. By forcing the ini file, we are going to always be using the web based stuff for ANY exec() from the website. We introduced a lot of checks within 1.2 to make sure that all CLI stuff was properly enabled and that functionality will be broken. Or at least that is my suspicion and needs properly testing across all OS's. Therefore, to give us more time for testing, I will be rolling back develop to remove this from the 1.2.4 release (but I will be cherry picking two fixes that @cigamit has done since we committed this). Once that is done, and the release has been made, we can examine this a bit more. But if my suspicion is correct, we will probably have to move this to the 1.3 branch to properly test and work out the kinks of how we implement this properly because I see the reasoning behind trying to ensure the correct environment is present. |
When looking at the many patches and changes Debian (and by proxy also Ubuntu) introduces, it becomes clear, that their (integrated) setup is meant to be apache centric. Even after applying #2653 (ontop of
I do understand. I hope we can find a solution that is benificial to all. Please have a look at my pull request regarding the composition of php arguments (#2653). |
Make sense. I had not even thought about the implications with Debian. So, @netniV and I are on the same page. We will push this, set an option or some other method. Make it more modular. |
As I am no longer using this project and have no way of further testing, I'm closing this. |
Thanks @dvzrv |
Hi! I'm currently maintaining cacti for Arch Linux and for the sake of improving the security of this web application (and many others), I'm about to introduce a more strict separation of the different applications.
To achieve this, I would like to be able to run each (php) application with its own (sub)set of php configuration (just exactly what it needs, but not more). This can be achieved by running cacti in an application container (e.g. uwsgi).
Unfortunately, cacti doesn't handle this very well, as it doesn't honor the configuration options passed to it, when it spawns backgrounded php processes.
This first manifests during the install process, where it becomes impossible (without modifying the system php.ini in
/etc/php/php.ini
) to pass the initial setup, as the (available) php modules are not recognized.The same happens for the background processes spawned by
poller.php
, in whichexec_background
unconditionally reuses the system'sphp.ini
, but is unaware of the environment from which it has been launched.To give context, doing something like this to run poller.php in a systemd environment will not work, as the entry script doesn't pass down its environment:
In this example the paths are of course very Arch Linux specific, but the idea (
php -c /path/to/a/config/file.ini cacti/poller.php
) is straight forward and can be applied from any (unix) system.The same happens, if cacti is run in a uwsgi application container, e.g.:
In this case the cron call takes care of the
poller.php
, but fails for the same reasons.It would be very awesome, if cacti would pass on its environment, so all the php processes are actually using the same.
One easy solution would probably be to reuse the configuration in use and prepending its path explicitely to the arguments of the
exec_background
calls with the help of php_ini_loaded_file().The text was updated successfully, but these errors were encountered: