/**
* 根据配置初始化服务器
*/
function init_pcntl()
{
if (isset($this->cfg['pcntl']['daemon'])) {
$this->daemon();
}
$this->main_pid = posix_getpid();
if (isset($this->cfg['pcntl']['user'])) {
$user = posix_getpwnam($this->cfg['pcntl']['user']);
$this->setuid($user['uid'], $user['gid']);
}
if (isset($this->cfg['pcntl']['pid_file'])) {
file_put_contents($this->cfg['pcntl']['pid_file'], $this->main_pid);
}
if (isset($this->cfg['pcntl']['chroot'])) {
chroot($this->cfg['pcntl']['chroot']);
}
}
/**
* Register Fs_Node as named path.
*
* Changing predefined paths:
* root chroot()
* home setenv(HOME)
* cwd chdir()
* basepath Project basepath (defaults to document_root)
*
* @param string $name
* @param string|Fs_Node $file
*/
public static function setPath($name, $file)
{
if (!$file instanceof Fs_Node) {
$file = self::get($file);
}
$name = strtolower($name);
switch ($name) {
case 'root':
if (!chroot($file)) {
throw new Exception("Failed to change root to '{$file}'.");
}
return;
case 'home':
if (!putenv("HOME={$file}")) {
throw new Exception("Failed to change home dir to '{$file}'.");
}
break;
case 'cwd':
if (!chdir($file)) {
throw new Exception("Failed to change dir to '{$file}'.");
}
return;
case 'document_root':
case 'script':
throw new Exception("Unable to set {$name} to '{$file}'; Property is read only.");
}
self::$paths[$name] = $file;
}
public function run()
{
proc_nice(Daemon::$settings['workerpriority']);
Daemon::$worker = $this;
$this->microsleep = Daemon::$settings['microsleep'];
$this->autoReloadLast = time();
$this->reloadDelay = Daemon::$parsedSettings['mpmdelay'] + 2;
$this->setStatus(4);
Thread::setproctitle(Daemon::$runName . ': worker process' . (Daemon::$settings['pidfile'] !== Daemon::$settings['defaultpidfile'] ? ' (' . Daemon::$settings['pidfile'] . ')' : ''));
register_shutdown_function(array($this, 'shutdown'));
if (Daemon::$settings['autogc'] > 0) {
gc_enable();
} else {
gc_disable();
}
if (isset(Daemon::$settings['group'])) {
$sg = posix_getgrnam(Daemon::$settings['group']);
}
if (isset(Daemon::$settings['user'])) {
$su = posix_getpwnam(Daemon::$settings['user']);
}
if (Daemon::$settings['chroot'] !== '/') {
if (posix_getuid() != 0) {
Daemon::log('You must have the root privileges to change root.');
exit(0);
} elseif (!chroot(Daemon::$settings['chroot'])) {
Daemon::log('Couldn\'t change root to \'' . Daemon::$settings['chroot'] . '\'.');
exit(0);
}
}
if (isset(Daemon::$settings['group'])) {
if ($sg === FALSE) {
Daemon::log('Couldn\'t change group to \'' . Daemon::$settings['group'] . '\'. You must replace config-variable \'group\' with existing group.');
exit(0);
} elseif ($sg['gid'] != posix_getgid() && !posix_setgid($sg['gid'])) {
Daemon::log('Couldn\'t change group to \'' . Daemon::$settings['group'] . "'. Error (" . ($errno = posix_get_last_error()) . '): ' . posix_strerror($errno));
exit(0);
}
}
if (isset(Daemon::$settings['user'])) {
if ($su === FALSE) {
Daemon::log('Couldn\'t change user to \'' . Daemon::$settings['user'] . '\', user not found. You must replace config-variable \'user\' with existing username.');
exit(0);
} elseif ($su['uid'] != posix_getuid() && !posix_setuid($su['uid'])) {
Daemon::log('Couldn\'t change user to \'' . Daemon::$settings['user'] . "'. Error (" . ($errno = posix_get_last_error()) . '): ' . posix_strerror($errno));
exit(0);
}
}
if (Daemon::$settings['cwd'] !== '.') {
if (!@chdir(Daemon::$settings['cwd'])) {
Daemon::log('WORKER ' . $this->pid . '] Couldn\'t change directory to \'' . Daemon::$settings['cwd'] . '.');
}
}
$this->setStatus(6);
$this->eventBase = event_base_new();
Daemon::$appResolver->preload();
foreach (Daemon::$appInstances as $app) {
foreach ($app as $appInstance) {
if (!$appInstance->ready) {
$this->ready = TRUE;
$appInstance->onReady();
}
}
}
$this->setStatus(1);
$ev = event_new();
event_set($ev, STDIN, EV_TIMEOUT, function () {
}, array());
event_base_set($ev, $this->eventBase);
$this->timeoutEvent = $ev;
while (TRUE) {
pcntl_signal_dispatch();
if (($s = $this->checkState()) !== TRUE) {
$this->closeSockets();
if (sizeof($this->queue) === 0) {
return $s;
}
}
event_add($this->timeoutEvent, $this->microsleep);
event_base_loop($this->eventBase, EVLOOP_ONCE);
do {
for ($i = 0, $s = sizeof($this->eventsToAdd); $i < $s; ++$i) {
event_add($this->eventsToAdd[$i]);
unset($this->eventsToAdd[$i]);
}
$this->readPool();
$processed = $this->runQueue();
} while ($processed || $this->readPoolState || $this->eventsToAdd);
}
}
/**
* Setup settings on start.
* @return void
*/
protected function prepareSystemEnv()
{
proc_nice(Daemon::$config->workerpriority->value);
register_shutdown_function(function () {
$this->shutdown(true);
});
$this->setTitle(Daemon::$runName . ': worker process' . (Daemon::$config->pidfile->value !== Daemon::$config->defaultpidfile->value ? ' (' . Daemon::$config->pidfile->value . ')' : ''));
if (isset(Daemon::$config->group->value)) {
$sg = posix_getgrnam(Daemon::$config->group->value);
}
if (isset(Daemon::$config->user->value)) {
$su = posix_getpwnam(Daemon::$config->user->value);
}
$flushCache = false;
if (Daemon::$config->chroot->value !== '/') {
if (posix_getuid() != 0) {
Daemon::log('You must have the root privileges to change root.');
exit(0);
} elseif (!chroot(Daemon::$config->chroot->value)) {
Daemon::log('Couldn\'t change root to \'' . Daemon::$config->chroot->value . '\'.');
exit(0);
}
$flushCache = true;
}
if (isset(Daemon::$config->group->value)) {
if ($sg === FALSE) {
Daemon::log('Couldn\'t change group to \'' . Daemon::$config->group->value . '\'. You must replace config-variable \'group\' with existing group.');
exit(0);
} elseif ($sg['gid'] != posix_getgid() && !posix_setgid($sg['gid'])) {
Daemon::log('Couldn\'t change group to \'' . Daemon::$config->group->value . "'. Error (" . ($errno = posix_get_last_error()) . '): ' . posix_strerror($errno));
exit(0);
}
$flushCache = true;
}
if (isset(Daemon::$config->user->value)) {
if ($su === FALSE) {
Daemon::log('Couldn\'t change user to \'' . Daemon::$config->user->value . '\', user not found. You must replace config-variable \'user\' with existing username.');
exit(0);
} elseif ($su['uid'] != posix_getuid() && !posix_setuid($su['uid'])) {
Daemon::log('Couldn\'t change user to \'' . Daemon::$config->user->value . "'. Error (" . ($errno = posix_get_last_error()) . '): ' . posix_strerror($errno));
exit(0);
}
$flushCache = true;
}
if ($flushCache) {
clearstatcache(true);
}
if (Daemon::$config->cwd->value !== '.') {
if (!@chdir(Daemon::$config->cwd->value)) {
Daemon::log('Couldn\'t change directory to \'' . Daemon::$config->cwd->value . '.');
}
clearstatcache(true);
}
}
/**
* 尝试设置运行当前进程的用户、用户组、文件系统根目录
*
* @param $user_name
*/
public function setProcessUserAndRoot()
{
// set chroot
if ($this->chroot) {
if (posix_getuid() != 0) {
self::log('Waring: You must have the root privileges to change root.', true);
} else {
if (!chroot($this->chroot)) {
return self::log("Notice: chroot({$this->chroot}) fail.", true);
}
}
}
// get uid
$user_info = posix_getpwnam($this->user);
if (!$user_info) {
return self::log("Waring: User {$this->user} not exsits", true);
}
$uid = $user_info['uid'];
// get gid
if ($this->group) {
$group_info = posix_getgrnam($this->group);
if (!$group_info) {
return self::log("Waring: Group {$this->group} not exsits", true);
}
$gid = $group_info['gid'];
} else {
$gid = $user_info['gid'];
}
// set uid and gid
if ($uid != posix_getuid() || $gid != posix_getgid()) {
if (posix_getuid() != 0) {
self::log('Waring: You must have the root privileges to change uid and gid.', true);
} elseif (!posix_setgid($gid) || !posix_initgroups($user_info['name'], $gid) || !posix_setuid($uid)) {
self::log("Waring: change gid or uid fail.", true);
}
}
}
} else {
echo '<center>';
foreach ($users as $user) {
echo $user . "<br>";
}
echo '</center>';
}
echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=" . $_SERVER['PHP_SELF'] . ">BACK</a> ]</b></font></div>";
die;
}
if (!empty($_POST['dir'])) {
if (@function_exists('chdir')) {
@chdir($_POST['dir']);
} else {
if (@function_exists('chroot')) {
@chroot($_POST['dir']);
}
}
}
if (empty($_POST['dir'])) {
if (@function_exists('chdir')) {
$dir = @getcwd();
}
} else {
$dir = $_POST['dir'];
}
$unix = 0;
if (strlen($dir) > 1 && $dir[1] == ":") {
$unix = 0;
} else {
$unix = 1;
<?php
mkdir("chroot_001_x");
var_dump(is_dir("chroot_001_x"));
var_dump(chroot("chroot_001_x"));
var_dump(is_dir("chroot_001_x"));
var_dump(realpath("."));
function server_security_preparation(){
global $SERVER_CONFIG;
$pid = pcntl_fork();
if ($pid == -1){
// error
server_log_halt("Can not fork()...");
exit;
}else if ($pid){
// parent
exit;
}else{
// child becomes our daemon
}
// Became session leader
posix_setsid();
fclose(STDIN);
fclose(STDOUT);
fclose(STDERR);
// moved at the end after chroot
//chdir('/');
umask(0);
// chroot
if ($chroot = $SERVER_CONFIG["chroot"]){
if ( function_exists("chroot") ){
chroot($chroot);
// chdir('/');
server_log("chroot() to $chroot", 1);
}else{
server_log("Can not chroot(). Will try live without it.");
}
}
if ( $SERVER_CONFIG["chdir"] )
chdir( $SERVER_CONFIG["chdir"] );
//install signal() handler
pcntl_signal(SIGHUP, "server_signal_handler");
// ignore USR1
pcntl_signal(SIGUSR1, SIG_IGN);
// Similar to apache, we will keep the master as root, and will setuid children.
//server_setuid();
}
var_dump(is_writable($path1)); var_dump(is_writeable($path1)); var_dump(is_readable($path1)); var_dump(is_executable($path1)); var_dump(is_file($path1)); var_dump(is_dir($path1)); var_dump(is_link($path1)); var_dump(file_exists($path1)); var_dump(stat($path1)); var_dump(lstat($path1)); var_dump(realpath($path1)); var_dump(disk_free_space($path1)); var_dump(diskfreespace($path1)); var_dump(disk_total_space($path1)); var_dump(chmod($path1, '644')); var_dump(chown($path1, 'nobody')); var_dump(lchown($path1, 'nobody')); var_dump(chgrp($path1, 'nogrp')); var_dump(lchgrp($path1, 'nogrp')); var_dump(touch($path1)); var_dump(copy($path1, $path2)); var_dump(rename($path1, $path2)); var_dump(unlink($path1, $path2)); var_dump(link($path1, $path2)); var_dump(symlink($path1, $path2)); var_dump(fnmatch($path1, $path2)); var_dump(tempnam($path1, 'tmp')); var_dump(mkdir($path1)); var_dump(chdir($path1)); var_dump(chroot($path1)); var_dump(scandir($path1));
/**
* Change the root directory
*
* @param string $directory The path to change the root directory to.
*
* @return bool
*/
public function chroot(string $directory) : bool
{
return chroot($directory);
}
