The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Enabling PHP-FPM forces disable_functions

Discussion in 'EasyApache' started by AndyX, Jan 18, 2017.

Tags:
  1. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    WHM 60.0 (build 35)
    PHP Version: ea-php71

    When I enable PHP-FPM

    pic001.jpg

    When I disable PHP-FPM

    pic002.jpg

    Is there any way to enable PHP-FPM without disabling the following functions:

    exec,passthru,shell_exec,system
     
  2. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,436
    Likes Received:
    31
    Trophy Points:
    178
    cPanel Access Level:
    Root Administrator
    I'm not entirely sure that cPanel's PHP-FPM adaption is ready for primetime.

    You will want to read through:

    PHP-FPM and EasyApache 4 - Documentation - cPanel Documentation

    cPanel's PHP-FPM is adding those disabled functions by default. You can adjust this, system-wide by modifying/creating the file at:

    /var/cpanel/ApachePHPFPM/system_pool_defaults.yaml

    Or you can set this per VirtualHost using the file:

    /var/cpanel/userdata/[user]/[domain].php-fpm.yaml

    and adjust the disable_functions for that specific pool.

    All of this gets exceedingly complicated in a per VirtualHost pool setup. I have real reservations over whether cPanel's decision to use a per-VirtualHost FPM pool is the way to go. I think a per-user FPM pool would be a lot simplier. And the system for doing this is all a bit convoluted at this stage.

    Perhaps the cPanel PHP-FPM system will all come together at some point. Perhaps a per-VirtualHost FPM pool will make more sense then. But the system as it stands right now, to me, leaves a bit to be desired.
     
  3. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    Hi sparek-3,

    Thank you for your help.

    Sounds like I will need to create a folder called ApachePHPFPM located here:

    /var/cpanel/ApachePHPFPM

    Then create a file called:

    /var/cpanel/ApachePHPFPM/system_pool_defaults.yaml

    Then in that file enter:

    Code:
    disable_functions = 
    
    Is this all correct?
     
  4. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
  5. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    I tried creating the file as I outlined in post #3, but that caused problems, when I switched to PHP-FPM is would no longer show my domain at the bottom of the page.
     
  6. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,436
    Likes Received:
    31
    Trophy Points:
    178
    cPanel Access Level:
    Root Administrator
    I believe it should be:

    Code:
    ---
    php_admin_value_disable_functions = { present_ifdefault: 0 } 
    Keep in mind though, this is going to enable all functions for every account that uses PHP-FPM

    Sorry, think my original post was wrong, I think this is right. I have edited this post.
     
  7. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    When I put that code into the system_pool_defaults.yaml file and enabled PHP-FPM I got the following error when I reloaded my XenForo forum:

    upload_2017-1-19_8-48-33.png
     
  8. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
  9. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    @sparek-3

    In the code you posted, you have --- on the fist line, is by accident or is it needed?
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The following document includes information on how to change the default configuration values with PHP-FPM on EA4:

    PHP-FPM and EasyApache 4 - Documentation - cPanel Documentation

    In particular, this is the file path to edit for a specific domain name:

    Code:
    /var/cpanel/userdata/[user]/[domain].php-fpm.yaml
    Otherwise, review the paths under "Optional files" if you wish to to change the default parameters. Also, the following document provides information about how to formulate the custom entries:

    Configurations Values of PHP-FPM - Documentation - cPanel Documentation

    After making those changes to the YAML file on a specific domain name, run the following command:

    Code:
    /scripts/php_fpm_config --rebuild --domain=domain
    This script is documented at:

    The php_fpm_config Script - Documentation - cPanel Documentation

    Thank you.
     
    Del Drago likes this.
  11. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    How come when I try to run the command I get "command not found" message?

    upload_2017-1-20_9-50-45.png
     
  12. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The full path to the script is required in the command:

    Code:
    /scripts/php_fpm_config
    Thanks!
     
  13. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    Thank you, Michael.

    So far so good, I ran the script and my server is still running.

    upload_2017-1-20_10-2-13.png

    Now I will need to make the changes to the .yaml

    Code:
    /var/cpanel/ApachePHPFPM/system_pool_defaults.yaml
    
    and run the script again. I'm still not clear if the first line should have a --- or that was a mistake.

    Code:
    ---
    php_admin_value_disable_functions = { present_ifdefault: 0 }
    
     
  14. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Yes, that should be the first line. Information on YAML files is also available at:

    YAML - Wikipedia

    Thanks!
     
  15. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    I followed all the steps:

    1) Created a ApachePHPFPM folder and system_pool_defaults.yaml file.

    pic001.jpg

    2) The system_pool_defaults.yaml file contains:

    pic002.jpg

    3) Ran the script:

    /scripts/php_fpm_config --rebuild --domain=example.com

    Of course instead of using example.com I used my domain.

    4) Applied PHP-FPM

    pic003.jpg

    And the result is a server error when I try to view my server in the browser:

    pic004.jpg

    Looking at my error_log file I have many lines similar to this:

    pic005.jpg
     
    #15 AndyX, Jan 20, 2017
    Last edited: Jan 21, 2017
  16. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    Looking at the following error.log file:

    /opt/ea-php71/root/usr/var/log/php-fpm/error.log

    pic001.jpg

    I have never tried setting any pool, could that be the problem?
     
  17. AndyX

    AndyX Member

    Joined:
    Sep 25, 2015
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Los Altos, CA
    cPanel Access Level:
    Website Owner
    I was never able to solve this issue.
     
  18. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Please revert any modifications you have made and let us know if the steps outlined below are helpful:

    1. Create the /var/cpanel/ApachePHPFPM directory:

    Code:
    mkdir /var/cpanel/ApachePHPFPM
    2. Create the /var/cpanel/ApachePHPFPM/system_pool_defaults.yaml file:

    Code:
    touch /var/cpanel/ApachePHPFPM/system_pool_defaults.yaml
    3. Edit /var/cpanel/ApachePHPFPM/system_pool_defaults.yaml using your preferred text editor (e.g. vi, nano) so that it looks exactly like this:

    Code:
    php_admin_value_disable_functions : passthru,system
    In this example, "passthru,system" are left as disabled functions. No other lines exist before or after this entry in this file.

    4. Regenerate the PHP-FPM configuration files via:

    Code:
    /scripts/php_fpm_config --rebuild
    Thank you.
     
    CyclingTribe likes this.
  19. Floyd R Turbo

    Floyd R Turbo Member

    Joined:
    Jul 30, 2015
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    West Des Moines, IA
    cPanel Access Level:
    Root Administrator
    'sup @AndyX! Were you able to fix this? I'm hitting the same issue after bumping to php7 and php-fpm
     
  20. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Do the instructions in my last response to this thread help?

    Thank you.
     
Loading...

Share This Page