Re: How do I mount a private temp folder for PHP-FPM in chroot?
Quick follow-up.
1) CHROOT DISABLED = WORKS
In my configuration `/etc/php5/fpm/pool.d/mywebsite.conf` I disabled chroot:
`# chroot=/var/www/mywebsite`
In `/lib/systemd/system/php5-fpm.service` I added `PrivateTmp=true` to the `[Service]` section.
I ran `systemctl daemon-reload` and `service php5-fpm restart`.
Now I can confirm that a folder `/tmp/systemd-private-90d6b4c0238b41199e49bcf031b45183-php5-fpm.service-kY3OWo/` has been created.
I can further confirm that php-fpm now has a private tmp folder when accessing `/tmp`.
2) CHROOT ENABLED = FAILS
In my configuration `/etc/php5/fpm/pool.d/www.conf` I enabled chroot:
`chroot=/var/www/`
In `/lib/systemd/system/php5-fpm.service` I added `PrivateTmp=true` to the `[Service]` section.
I ran `systemctl daemon-reload` and `service php5-fpm restart`.
Now I can confirm that a folder `/tmp/systemd-private-90d6b4c0238b41199e49bcf031b45183-php5-fpm.service-kY3OWo/` has been created.
Now I run `mount --bind /tmp /var/www/mywebsite/tmp` and `service php5-fpm restart`.
I can confirm that php-fpm now has access to `/tmp` in the chroot.
HOWEVER, `/tmp` in chroot (which is `/var/www/mywebsite/tmp`) is not a private tmp but shows the same content as the system folder `/tmp`.
I don't even know where to begin. Is my configuration wrong or is this a bug somewhere in systemd or php-fpm?
Cheers
Stadtpirat
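
Added example, not part of the original post: `PrivateTmp=true` gives the service its own mount namespace with the private directory mounted over `/tmp`, whereas `mount --bind /tmp /var/www/mywebsite/tmp` typed in a normal shell binds the host's `/tmp`. The sketch below reads text in the format of `/proc/<pid>/mountinfo` and reports what backs each mount point; the helper names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare what backs /tmp and the chroot's tmp directory
# as seen from inside the php-fpm service's mount namespace.

# mount_root MOUNTPOINT: reads mountinfo text on stdin and prints the
# "root" field (4th column) of the mount whose mount point (5th column)
# is MOUNTPOINT. If several entries match, the last listed one is used.
mount_root() {
    awk -v mp="$1" '$5 == mp { root = $4 } END { if (root != "") print root }'
}

# same_backing A B: succeeds only when both mount points exist and show
# the same device (3rd column) and the same root directory (4th column).
same_backing() {
    awk -v a="$1" -v b="$2" '
        $5 == a { ka = $3 " " $4 }
        $5 == b { kb = $3 " " $4 }
        END { exit !(ka != "" && ka == kb) }'
}

# Constructed sample of a service's mountinfo (placeholder directory name,
# /tmp assumed to live on the root filesystem).
sample_mountinfo() {
    cat <<'EOF'
19 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
88 19 8:1 /tmp /var/www/mywebsite/tmp rw,relatime shared:1 - ext4 /dev/sda1 rw
97 19 8:1 /tmp/systemd-private-EXAMPLE-php5-fpm.service-XXXXXX/tmp /tmp rw,relatime shared:50 - ext4 /dev/sda1 rw
EOF
}

# Demo on the constructed sample.
for mp in /tmp /var/www/mywebsite/tmp; do
    printf '%s is backed by %s\n' "$mp" "$(sample_mountinfo | mount_root "$mp")"
done
if sample_mountinfo | same_backing /tmp /var/www/mywebsite/tmp; then
    echo "chroot tmp is the same directory as the service's /tmp"
else
    echo "chroot tmp is NOT the service's private /tmp"
fi
```

On a real host, run the functions as root against `/proc/<pid>/mountinfo` of the php-fpm master process instead of the sample, for example `mount_root /tmp < /proc/<pid>/mountinfo`.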