Php.ini for NethServer 7


(Davide Principi) #1

Thanks @nas and @stephdl for pointing this out! I agree we need to fix this value.

Each application could define its session storage method. I think the best place to set session.save_path is into an application configuration file (for instance, server-manager assumes /var/cache/nethserver-httpd-admin), so it can be different for each application.

Moreover, PHP does not set a default, because the path depends on the platform. Our platform is CentOS, and php-common sets the default to /var/lib/php/session, in php.ini.

I propose to set the default to the value chosen by upstream.

There are also a lot of other parameters that could be adjusted to reflect the upstream settings. For ns7 I’d like to be more upstream-compliant and revert the php.ini to the upstream version. Our template can be moved to an included file, like /etc/php.d/nethserver.ini. What do you think?

These are the differences from upstream:

Installing Avantfax web on NethServer
Fax Server / FaxWeb 2.0 in English?
(Giacomo Sanchietti) #2

I totally agree, but I suggest to leave it unchanged for now. We can postpone this task after the beta is ready.

(Davide Principi) #3

Are you sure? If you agree to change, I’d do it during alpha, because once the beta is released we have to provide a migration path.

(Giacomo Sanchietti) #4

I am :slight_smile: We must reach a fully functional release with the minimum number of changes to avoid unexpected bugs. We will have time for such improvements! :smile:

(Filippo Carletti) #5

After working on NethServer 7 in the last weeks, I’m beginning to change my mind a bit. :smile:
I mean: we’re discovering that some needed changes are a bit intrusive, I’d like to seize the opportunity to accept bigger modifications if we agree that they will make our life easier in the future (i.e. going back to upstream packages, reduce the number of packages we maintain, do things as upstream, etc).

I’m compiling a list of things that need to be worked on, trying to identify some patterns. When I’ll be ready, I’ll ask a review.

(Stéphane de Labrusse) #6

looking for the php.ini, I can see that the ‘upload_tmp_dir => no value => no value’ is not set, so it can be imagined to set a ‘session.save_path’ and a ‘upload_tmp_dir’ per ibay. Like this a Web application won’t share some temporary folders with another…the risk of been hijacked by a corrupted application will be less important.

(Davide Principi) #7

Security is always important, but who takes care of session and tmp directories creation?

The default “ibay profile” (which is an hidden/undocumented feature used by migration) is a bit overloaded.

Is it the time to design a new one just for PHP webapps?

May it be useful to expose that concept on the “Shared Folder” page and ask the admin to specify the “purpose” of the Shared Folder at creation time?

File sharing and PHP web applications are two very different scenarios. Both require different filesystem permissions, and different Apache configurations. Probably web apps don’t need the ACL mess-up at all, but Samba shares do.

I think we should design new Shared folder profiles to serve different use cases. The one-fit-all configuration for shared folders is too hard to develop/maintain.

Moreover, as I said on the other thread, a new server manager page to configure virtual hosts could simplify the actual interface.

(Alessio Fattorini) #8

I like it, many people in the past asked about a better web hosting panels implementation

(Stéphane de Labrusse) #9

I mean I’m a bit lost, if you want a specific module for apache :

  • you will have duplicated code with the sharedfolder module
  • you will make hard for people to push or maintain their webapps (samba is an easy way to do it)

Honestly I don’t see the acl as something tricky for apache, you have now the possibility to restrict the apache permissions, obviously what it is asked now , is an option to give the full permissions to apache on shared folder.

I do believe that an Ibay is used, just for one purpose , with samba, the most of time there is no need to use httpd, but with this former, push files by samba is an easy way, of course when the server is on your local network.

After all you ask me to do a cultural revolution…I use Ibay for samba, ftp, http, nfs, since so long time

(Alessio Fattorini) #10

Eheh working on NethServer you have to be ready every day to a “cultural revolution” that’s the innovation is :wink:

(Stéphane de Labrusse) #11

where is the dislike button ?