Hello,
I’d like to know which siteworx account on the server is consuming a lot of CPU/MEMORY
Some customers have bad php or cgi programs and I’d like to know which customer and which process are higher consumer.
For example sometimes I may see in nodeworx a high cpu and an high load average. With TOP I can see that is php/httpd pgm
The problem is that PHP is run under user Root so we can’t know which siteworx account is running the high cpu/memory php or CGI script.
Thanks
Pascal
check you error logs, or just skim the ones of all users, for phpScripts that keep running (easy way would be to check log sizes). This wont tell you difinativly, but you could probably narrow it down
You didnt by chance go to gburg did you?
No I didn’t.
Ok for the error logs, but it tell nothing special :\
And when it is CGI, it tell nothing at all
Thanks eDixon
Here is something I found, I looks like this project is dead, but not sure if there is something similar.
Basically the way the Suexec works, but instead of for CGI scritps its for apache. Apache will run a child process for a request as the user for a specific account specified in the Vhost.
Copy/Pasted from one of my old post in http://interworx.info/forums/showthread.php?t=262:
“Also, while on the subject of Suexec and running scripts as different users I found a module that was being developed that allowed you to have apache run child processes for each virtual host as a particular user which would allow PHP (or any other script) to run as a particular user instead of the Apache user set in the main apache config file. (http://httpd.apache.org/docs-2.0/mod/perchild.html)”
Thanks Justec
Did you test this module ?
Any bad effects on interworx-cp ?
Also, do you know if the BW calculator take in account the mail send/received by a siteworx account ?
Thanks for your help, if this module works fine with interworx, it’s exactly what I need.
Pascal
erfff just read this :
"This module is not functional. Development of this module is not complete and is not currently active. Do not use perchild unless you are a programmer willing to help fix it. "
I think this may be a dup of another thead:
http://interworx.info/forums/showthread.php?threadid=280
And I wanted as well to use the per-child MPM for the security benefits, to bad it’s lagged behind the others.
Chris
yes sorry for that.
So I answered on this other thread : http://interworx.info/forums/showthread.php?p=1752&posted=1#post1752
Do you know of any other similar projects to this?
It seems as though this one is dead an no one is working on it. I dont know how these things usually go 
Is it possible someone will pick it up in the future? I wonder why it isn’t moving futher along, I see this as a huge breakthrough for a shared hosting environment to see who is doing what on the server and as you said for security.
On the security note…
Something I figured out by mistake (not going into details). It is very easy to write a PHP script to browse other users directory on a shared server. Even easier on a server where you know the directory structure of the user accounts (ie. iworx or similar). And if you dont generate any PHP script error messages it is almost impossible to trace it back to a particular account since PHP runs as a “nobody” or “apache” or something.
One easy way to stop the above (at least the way I figured out) is adding a
php_admin_value open_basedir line to the vhost. So that the user only has writes to certain directories. You just have to remember to include all directories that account might need.
Example:
php_admin_value open_basedir “/home/theuser/:/usr/share/:/usr/lib/php4/:/phptemp”
Example:
php_admin_value open_basedir “/home/theuser/:/usr/share/:/usr/lib/php4/:/phptemp”
open basedir has been buggy in the past and I’m not sure if it’s 100% fixed in 4.3.9 or not. We’ve had a bunch of shared boxes using it and found that often even though our settings are per-vhost, the open_basedir setting would be set to the last vhost in the bunch for all vhosts.
Regarding per-child MPM I’m not sure, it’d be nice to see someone get it at least working with some stability initially, at least so it performs the simplest functions that it was designed to.
Chris
Hello,
Maybe it could be fine to post all these comments about php/apache/mysqld tweaks/security/perfomance in one thread ?
I’m pretty sure it may concern a lot of interworx-cp users.
We talk about perchild, php basedir or fastcgi in this other post. http://interworx.info/forums/showthread.php?t=280
As soon as I have a new free box, I’ll be ok to do some test.
The biggest concern is, I think, to be able to trace high php/cgi pgms under nodeworx.
Thanks
Pascal
Maybe it could be fine to post all these comments about php/apache/mysqld tweaks/security/perfomance in one thread ?
Sure pascal, or eventually a dedicated forum.
Chris
Sure pascal, or eventually a dedicated forum
Yes it could be great.
I don’t really know what think your others users about this, but for me it is very interesting.
Pascal