Fix PHP-FPM pool group lookup when primary group name differs from username#92
Merged
Merged
Conversation
getCurrentGroup() previously returned the username on Linux, which breaks on systems where the user's primary group has a different name (e.g. a user 'mitchell' with primary group 'mitchell-de-roode'). php-fpm then fails to start with "cannot get gid for group 'mitchell'". Use os/user to look up the actual primary group name by GID, falling back to the previous behavior only if the lookup fails. Also switch getCurrentUser() to user.Current() so both resolutions go through the same source of truth.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
groupviaos/user+ GID lookup instead of assuming the primary group name matches the usernamegetCurrentUser()throughuser.Current()as well, so both resolutions share one source of truth and fall back gracefullyWhy
On Linux,
getCurrentGroup()returned the username verbatim. That works on distros that follow the "user private group" convention (USERGROUPS_ENAB), but breaks as soon as an admin renames the primary group or assigns a shared one. Concrete failure: a userjohnwith primary groupjohn-doegets a generated pool withgroup = john, and php-fpm refuses to start:Because the pool file is regenerated on every
magebox start, hand-patching it doesn't stick — the fix has to live in core.Test plan
make lint(0 issues)make test(all packages pass, includinginternal/php)id -un!=id -gn(e.g.john/john-doe): generated pool contains the correct group andphp-fpmstarts cleanly