CPU usage và open_basedir

Trong cấu hình PHP,

open_basedir=”/var/www/html/” làm CPU usage tăng vọt rất bất thường,

open_basedir=”" đưa về mặc định, CPU usage giảm ngay lập tức

Có thể dễ dàng quan sát thấy trong đồ thị trên, khoảng 10h trưa CN, CPU usage giảm xuống.

Bật lại open_basedir=”/var/www/html/” CPU usage lại tăng lên!

Chưa hiểu lý do!

- Liệu liên quan tới Safe_mode off/on ư? Hay là do APC?…



Limit the files that can be opened by PHP to the specified directory-tree, including the file itself. This directive is NOT affected by whether Safe Mode is turned On or Off.

When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it. All symbolic links are resolved, so it’s not possible to avoid this restriction with a symlink. If the file doesn’t exist then the symlink couldn’t be resolved and the filename is compared to (a resolved) open_basedir .

The special value . indicates that the working directory of the script will be used as the base-directory. This is, however, a little dangerous as the working directory of the script can easily be changed with chdir().

In httpd.conf, open_basedir can be turned off (e.g. for some virtual hosts) the same way as any other configuration directive with “php_admin_value open_basedir none“.

Under Windows, separate the directories with a semicolon. On all other systems, separate the directories with a colon. As an Apache module, open_basedir paths from parent directories are now automatically inherited.

The restriction specified with open_basedir is a directory name since PHP 5.2.16 and 5.3.4. Previous versions used it as a prefix. This means that “open_basedir = /dir/incl” also allowed access to “/dir/include” and “/dir/incls” if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: open_basedir = /dir/incl/

The default is to allow all files to be opened.


Leave a Reply