Submitted by knowingly on Fri, 05/02/2014 - 04:08
Hi!
So, we're running HHVM, which is pretty cool. However, I have an issue -- HHVM wants to run as www-data, which forbids it access to any of the domain directories created (i.e. /home/example.com/public_html).
I'm not sure how to proceed in a fashion that works well with Virtualmin. Normally, what I'd do is create an "hhvm" user to run the process, and then add them to all the domain-specific groups.
What's the suggested solution here?
Status:
Closed (fixed)
Comments
Submitted by andreychek on Fri, 05/02/2014 - 09:06 Comment #1
Howdy -- I'm unfortunately not familiar with HHVM, so I'm not able to assist with the configuration of it.
However, I can offer that mod_php functions similarly, in that it runs as www-data.
When using mod_php, the key is to have the PHP application only write to certain directories within the user's public_html folder -- and then to identify what directories those are, and to make them world writable.
Once those directories are set to world writable, the application can function correctly.
Note though that in the case of mod_php, running as the user www-data is considered a security risk, and we recommend against that, unless the system hosts only trusted users.
Submitted by knowingly on Fri, 05/02/2014 - 09:18 Comment #2
Let's assume for a moment that security is not a huge issue for us.
Is there any reason, within Virtualmin, that my idea of making an HHVM user (it does operate identically to mod_php, in most respects) and making them members of all the user groups wouldn't work?
Submitted by andreychek on Fri, 05/02/2014 - 13:40 Comment #3
Yes I believe what you're describing will work, so long as you make sure that the files and directories are group writable.
Submitted by knowingly on Fri, 05/02/2014 - 14:03 Comment #4
Thanks!