Skip to main content

[apc-error] apc_mmap: ftruncate failed: File too large

I got this error when starting php5-fpm service. I am using Debian Squeeze with dotdeb.org repositories to get php5-fpm package for php 5.3.

In this case the error was related to APC package mismatch between debian and dotdeb.org repositories. To solve the problem I uninstalled php-apc from debian repositories and installed php5-apc from dotdeb.

# apt-get remove php-apc
# apt-get install php5-apc

Apache2 mpm worker + fastcgi + php5-fpm on debian

Install required packages:

# apt-get install libapache2-mod-fastcgi apache2-mpm-worker php5-fpm

To install php5-fpm on debian squeeze you can add dotdeb repository to your sources.list

deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all

Then run:

# wget -O- "http://www.dotdeb.org/dotdeb.gpg" | apt-key add -
# apt-get update

Configure php5-fpm pool in /etc/php5/fpm/pool.d/, www.conf by default, but you can change the name and set a new one based on virtual host.

user = user
group = group
listen = /var/run/php5-fpm.sock
listen.owner = user
listen.group = group
pm = dynamic
pm.max_children = 150
pm.start_servers = 30
pm.min_spare_servers = 15
pm.max_spare_servers = 40
pm.max_requests = 1000

You can also set a sock file name identifying the pool name. I am using only one pool in the server, so I leave it as default.
Configure Apc in /etc/php5/fpm/conf.d/20-apc

extension=apc.so
apc.enabled=1
apc.stat=0
apc.mmap_file_mask = /tmp/apc-XXXXXX
apc.enable_cli = 0
apc.max_file_size = 2M
apc.stat_ctime = 0
apc.shm_size = 128M
apc.canonicalize=0

Restart php5-fpm with the new configuration:

/etc/init.d/php5-fpm restart

Now, configure apache to be able to pass php requests to php5-fpm server:

Enable actions module if it isn’t enabled yet

# a2enmod actions

Configure fastcgi, edit file /etc/apache2/mods-enabled/fastcgi.conf

<IfModule mod_fastcgi.c>
  AddHandler fastcgi-script .fcgi
  #FastCgiWrapper /usr/lib/apache2/suexec
  FastCgiIpcDir /var/lib/apache2/fastcgi

  Alias /php5.fcgi /var/lib/apache2/fastcgi/php5.fcgi
  FastCGIExternalServer /var/lib/apache2/fastcgi/php5.fcgi -flush -socket /var/run/php5-fpm.sock
  # application/x-httpd-php                        phtml pht php
  # application/x-httpd-php3                       php3
  # application/x-httpd-php4                       php4
  # application/x-httpd-php5                       php
  <FilesMatch ".+\.ph(p[345]?|t|tml)$">
    SetHandler application/x-httpd-php
  </FilesMatch>
  Action application/x-httpd-php /php5.fcgi
  <Directory "/var/lib/apache2/fastcgi">
    Order deny,allow
    Deny from all
    <Files "php5.fcgi">
      Order allow,deny
      Allow from all
    </Files>
  </Directory>

</IfModule>

If you have several virtualhosts, each one with diferents pools, you can especifly the FastCGIExternalServer directive in each virtualhost configuration.

Create file /var/lib/apache2/fastcgi/php5.fcgi

# touch /var/lib/apache2/fastcgi/php5.fcgi

Restart apache:

# apachectl restart

And now test if your php files are served correctly by apache.

ModSecurity: Audit log: Failed to unlock global mutex: Permission denied

When using Cpanel 11.34.4 with mod_security (with ASL rules) + mod_ruid2 I got this error in Apache error log:

ModSecurity: Audit log: Failed to unlock global mutex: Permission denied

To solve:

put this lines into /usr/local/apache/conf/modsec2.user.conf

  SecAuditLogStorageDir /var/asl/data/audit
  SecAuditLogType Concurrent

Be sure you have right permissions under /var/asl/

UPDATE

You may still see this message in the error log file:

[Thu Feb 07 09:49:14 2013] [error] [client 199.115.231.231] ModSecurity: Audit log: Failed to create subdirectories: /var/asl/data/audit/20130207/20130207-0949 (Permission denied)

This is caused because each subdirectory is created with each apache httpd process owner, because of mod_ruid2 functionality. To solve this issue I’ve added this new mod_security directives for creating the logs subdirectories with the correct permissions.

SecAuditLogDirMode 0777
SecAuditLogFileMode 0550
SecAuditLogStorageDir /var/asl/data/audit
SecAuditLogType Concurrent

The last thing you have to do to allow to apache setting this file permissions when creating new files is set correct file creation mask.

I’ve edited /etc/init.d/httpd file and I’ve added this line at the top:

umask 000

Redmine git integration with Apache

This is a quick post to explain in a few steps the integration of git scm with redmine.

1- Install git package

On Debian:

# apt-get install git 

2- Create base directory for git repositories

# mkdir /var/git
# cd /var/git

3- Create git repository and initialize

# git init --bare myrepo.git
# cd myrepo.git
# git config http.receivepack true
# git config user.name="your_username"
# git config user.email="username@domain"

4- Finally set correct owner for apache

# chown www-data:www-data /var/git/myrepo.git -R

5- Configure Apache for git repositories

In your redmine virtual host add the following:

    ScriptAliasMatch \
          "(?x)^/git/(.*/(HEAD | \
                        info/refs | \
                        objects/(info/[^/]+ | \
                                 [0-9a-f]{2}/[0-9a-f]{38} | \
                                 pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
                        git-(upload|receive)-pack))$" \
                       /usr/lib/git-core/git-http-backend/$1

        SetEnv GIT_PROJECT_ROOT /var/git
        SetEnv GIT_HTTP_EXPORT_ALL
    <Location /git>
      AuthType Basic
      AuthName "Redmine git repositories"
      Order deny,allow
      Deny from all
      #Allow from server_IP
      Allow from 127.0.0.1
      Require valid-user
      Satisfy any
      ## for mysql
      RedmineDSN "DBI:mysql:database=redmine;host=db_server"
      RedmineDbUser "dbuser"
      RedmineDbPass "dbpass"
    
      PerlAccessHandler Apache::Authn::Redmine::access_handler
      PerlAuthenHandler Apache::Authn::Redmine::authen_handler
    </Location>

Go to redmine interface and create a git repository in your project specifying the project path as /var/git/myrepo.git and that’s all!