2018-05-17 14:26 GMT+03:00 Stuart Henderson <[email protected]>: > On 2018-05-17, Vadim Zhukov <[email protected]> wrote: >> 17 мая 2018 г. 5:50:16 GMT+03:00, justina colmena <[email protected]> >> пишет: >> >> Regarding su-php, I'd go with per-user php-fpm process, actually, >> that's much safer, and rarely used ones can easily wait in swap (I >> feel that you're trying to pack as much users as possible). You >> can ever use symlinks to create, e.g., /etc/rc.d/phpXY_fpm_USER1, >> /etc/rc.d/phpXY_fpm_USER2 and so on, and then set up different flags >> like "-u USER1" for those in rc.conf. > > No need to run multiple copies of php-fpm yourself, it handles multi > uid itself. Various ways to handle chroot as well, you can chroot them > separately, or use a shared chroot and rely on permissions. This should > give you some ideas: > > [global] > error_log = syslog > syslog.facility = daemon > log_level = notice > > [www] > user = www > group = www > listen = /var/www/run/php-fpm.sock > listen.owner = www > listen.group = www > listen.mode = 0600 > pm = dynamic > pm.max_children = 20 > pm.start_servers = 2 > pm.min_spare_servers = 1 > pm.max_spare_servers = 3 > chroot = /var/www > > [web1] > user = _web1 > group = _web1 > listen = /var/www/run/php-fpm-web1.sock > listen.owner = www > listen.group = www > listen.mode = 0600 > pm = dynamic > pm.max_children = 20 > pm.start_servers = 2 > pm.min_spare_servers = 1 > pm.max_spare_servers = 2 > chroot = /var/www > env[TMP] = /var/www/web1/tmp > env[TMPDIR] = /var/www/web1/tmp
Now that breakfast is gone I start to think you (and Josh earlier) are right: single php-fpm process should be fine. :) -- WBR, Vadim Zhukov
