Bug 192925

Summary: lang/php5: php-fpm.conf: socket ownership / missing UPDATING notice
Product: Ports & Packages Reporter: Christian Schwarz <me>
Component: Individual Port(s)Assignee: Alex Dupre <ale>
Status: Closed Overcome By Events    
Severity: Affects Some People CC: tz
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   

Description Christian Schwarz 2014-08-22 18:06:40 UTC 
Recently, the following bug was found in php / php-fpm:

https://bugs.php.net/bug.php?id=67060 (PHP CVE 2014-0185)

This affects the php-fpm.conf: To avoid privilege escalation, php-fpm now creates sockets with more restricted permissions. The downside: You have to specify the webserver to be the owner of the socket for the pool.

listen.owner = <socket unix owner>
listen.group = <socket unix group>

If the sockets cannot be accessed by the webserver due to insufficient privileges, you have a Bad Gateway.

I would like to see this be part of the /usr/ports/UPDATING notice.
Comment 1 John Marino freebsd_committer freebsd_triage 2014-08-22 19:46:08 UTC 
what port does this belong to?

searching freshports for "php-fpm" doesn't yield results.
Comment 2 Christian Schwarz 2014-08-22 19:47:29 UTC 
I think php-fpm is part of the lang/php5 port, which is currently PHP version 5.4.x

(In reply to John Marino from comment #1)
> what port does this belong to?
> 
> searching freshports for "php-fpm" doesn't yield results.
Comment 3 John Marino freebsd_committer freebsd_triage 2014-08-22 19:49:41 UTC 
over to php5 maintainer.
Comment 4 Torsten Zuehlsdorff freebsd_committer freebsd_triage 2017-03-07 11:52:38 UTC 
Close this very old ticket.

The php-fpm configuration was overhauled in the last 2 years multiple times. And the port lang/php5 does no longer exists.

As far as i can see the problem has vanished :)