Hi,

Thanks for the cool process manager!

I want to use FPM in setups with several pools where processes in each
pool should only have access to a specific folder/hierarchy
(e.g., pool user1 will have user "user1" and access to
/var/www/vhosts/user1.com and pool user2 to
/var/www/vhosts/user2.com but they should not be able to access
each other's dir, or even to know it exists).

Pne of the ways to do this in Linux, avoiding some of the headaches of
chroot (e.g., binaries/libs that need to be inside the chroot and updating
those) is apparmor: http://wiki.apparmor.net

Usually apparmor has profiles per executable path (i.e., just one profile
for php5-fpm) but there is also the ability to have "hats" / subprofiles
which would work nicely for the php case, I think.

There is already a module for PAM (sshd / su etc use it transparently
this way) as well as modules for apache (useful for mod_php) and
tomcat.

I would like to have this functionality in php-fpm as well.

Is this feature already discussed / planned / implemented by someone
somewhere etc?

If not, I haven't looked hard into how it could be implemented yet
but it seems that one way would be to add PAM support to FPM
and start a PAM session after doing setuid/setgid etc when a new
pool is created.

Then admins could add apparmor support as well transparently
without FPM having any direct dependency to apparmor (which
I assume would be undesirable).

Any opinions?

Cheers,
Pantelis