Announcement

Collapse
No announcement yet.

Be able ot know who is consuming what

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Be able ot know who is consuming what

    Hello,

    I'd like to know which siteworx account on the server is consuming a lot of CPU/MEMORY

    Some customers have bad php or cgi programs and I'd like to know which customer and which process are higher consumer.

    For example sometimes I may see in nodeworx a high cpu and an high load average. With TOP I can see that is php/httpd pgm

    The problem is that PHP is run under user Root so we can't know which siteworx account is running the high cpu/memory php or CGI script.

    Thanks
    Pascal

  • #2
    check you error logs, or just skim the ones of all users, for phpScripts that keep running (easy way would be to check log sizes). This wont tell you difinativly, but you could probably narrow it down

    You didnt by chance go to gburg did you?

    Comment


    • #3
      No I didn't.

      Ok for the error logs, but it tell nothing special :\
      And when it is CGI, it tell nothing at all

      Thanks eDixon

      Comment


      • #4
        Here is something I found, I looks like this project is dead, but not sure if there is something similar.

        Basically the way the Suexec works, but instead of for CGI scritps its for apache. Apache will run a child process for a request as the user for a specific account specified in the Vhost.

        Copy/Pasted from one of my old post in http://interworx.info/forums/showthread.php?t=262:
        "Also, while on the subject of Suexec and running scripts as different users I found a module that was being developed that allowed you to have apache run child processes for each virtual host as a particular user which would allow PHP (or any other script) to run as a particular user instead of the Apache user set in the main apache config file. (http://httpd.apache.org/docs-2.0/mod/perchild.html)"
        [ JUSTIN ]
        [ OFF unit ]
        [ WEB DESIGN / DEVELOPMENT, GRAPHIC DESIGN, OTHER STUFF
        ]

        Comment


        • #5
          Thanks Justec

          Did you test this module ?

          Any bad effects on interworx-cp ?

          Also, do you know if the BW calculator take in account the mail send/received by a siteworx account ?

          Thanks for your help, if this module works fine with interworx, it's exactly what I need.

          Pascal

          Comment


          • #6
            erfff just read this :

            "This module is not functional. Development of this module is not complete and is not currently active. Do not use perchild unless you are a programmer willing to help fix it. "

            Comment


            • #7
              I think this may be a dup of another thead:

              http://interworx.info/forums/showthr...p?threadid=280

              And I wanted as well to use the per-child MPM for the security benefits, to bad it's lagged behind the others.

              Chris
              Chris Wells
              InterWorx L.L.C. | http://interworx.com
              InterWorx Control Panel

              Comment


              • #8
                yes sorry for that.
                So I answered on this other thread : http://interworx.info/forums/showthr...ted=1#post1752

                Comment


                • #9
                  Originally posted by IWorx-Chris
                  And I wanted as well to use the per-child MPM for the security benefits, to bad it's lagged behind the others.

                  Chris
                  Do you know of any other similar projects to this?

                  It seems as though this one is dead an no one is working on it. I dont know how these things usually go Is it possible someone will pick it up in the future? I wonder why it isn't moving futher along, I see this as a huge breakthrough for a shared hosting environment to see who is doing what on the server and as you said for security.


                  On the security note...
                  Something I figured out by mistake (not going into details). It is very easy to write a PHP script to browse other users directory on a shared server. Even easier on a server where you know the directory structure of the user accounts (ie. iworx or similar). And if you dont generate any PHP script error messages it is almost impossible to trace it back to a particular account since PHP runs as a "nobody" or "apache" or something.

                  One easy way to stop the above (at least the way I figured out) is adding a
                  php_admin_value open_basedir line to the vhost. So that the user only has writes to certain directories. You just have to remember to include all directories that account might need.

                  Example:
                  php_admin_value open_basedir "/home/theuser/:/usr/share/:/usr/lib/php4/:/phptemp"
                  [ JUSTIN ]
                  [ OFF unit ]
                  [ WEB DESIGN / DEVELOPMENT, GRAPHIC DESIGN, OTHER STUFF
                  ]

                  Comment


                  • #10
                    Example:
                    php_admin_value open_basedir "/home/theuser/:/usr/share/:/usr/lib/php4/:/phptemp"
                    open basedir has been buggy in the past and I'm not sure if it's 100% fixed in 4.3.9 or not. We've had a bunch of shared boxes using it and found that often even though our settings are per-vhost, the open_basedir setting would be set to the last vhost in the bunch for all vhosts.

                    Regarding per-child MPM I'm not sure, it'd be nice to see someone get it at least working with some stability initially, at least so it performs the simplest functions that it was designed to.

                    Chris
                    Chris Wells
                    InterWorx L.L.C. | http://interworx.com
                    InterWorx Control Panel

                    Comment


                    • #11
                      Hello,

                      Maybe it could be fine to post all these comments about php/apache/mysqld tweaks/security/perfomance in one thread ?

                      I'm pretty sure it may concern a lot of interworx-cp users.

                      We talk about perchild, php basedir or fastcgi in this other post. http://interworx.info/forums/showthread.php?t=280

                      As soon as I have a new free box, I'll be ok to do some test.

                      The biggest concern is, I think, to be able to trace high php/cgi pgms under nodeworx.

                      Thanks
                      Pascal

                      Comment


                      • #12
                        Maybe it could be fine to post all these comments about php/apache/mysqld tweaks/security/perfomance in one thread ?
                        Sure pascal, or eventually a dedicated forum.

                        Chris
                        Chris Wells
                        InterWorx L.L.C. | http://interworx.com
                        InterWorx Control Panel

                        Comment


                        • #13
                          Sure pascal, or eventually a dedicated forum
                          Yes it could be great.

                          I don't really know what think your others users about this, but for me it is very interesting.

                          Pascal

                          Comment

                          Working...
                          X