Peruser MPM for Apache 2

Download: httpd-2.2.3-peruser-0.3.0.patch (Released October 4th, 2007)
Mailing List: http://www.telana.com/mailman/listinfo/peruser

Peruser is an Apache 2 module based on metuxmpm, a working implementation of the perchild MPM. The fundamental concept behind all of them is to run each apache child process as its own user and group, each handling its own set of virtual hosts. Peruser and recent metuxmpm releases can also chroot() apache processes. The result is a sane and secure web server environment for your users, without kludges like PHP's safe_mode.

Metuxmpm creates one child process per unique user and group, which then spawns threads to handle requests. This requires you to use multithreaded versions of PHP, as well as Perl and Python if you want to use mod_perl and mod_python. Between the three of them, and all the third-party modules and libraries they link to, there can be a lot of non-threadsafe code involved. That can cause nasty crashes that are very hard to reproduce and diagnose.

I required a non-threaded Apache, along with non-threaded PHP, Perl, and Python. Unfortunately, just removing thread support from metuxmpm leaves you with just one apache child handling requests for one or more virtual hosts. I created Peruser, which provides multiple processes for each unique user/group/chroot. Although it's working well so far (for me), there is a lot of room for improvement. Write the mailing list if you have questions, suggestions, or patches :)


FAQ

Q. What operating systems does peruser work on?

A. I'm targeting Linux exclusively, myself, as that's what I need peruser to run on. Unfortunately, I can't do much with bug reports for operating systems other than Linux; however, I'll gladly accept any patches as long as they're compatible with Linux.


Q. Does peruser support mod_ssl?

A. Experimental support for mod_ssl has been added as of version 0.2.0. Another option is to use an SSL-enabled reverse proxy, such as Pound, which also has load-balancing features. See http://www.apsis.ch/pound/ for details.


Q. Is peruser ready for production use?

A. In general, no. Although I run it on this production system, if it breaks I can usually fix it, or revert to an older version that does work. At this point the project needs developers and testers more than end-users. However, if you really want to run it on a production system, just be sure to test it thoroughly first, and remember there is no warranty. If it breaks, you get to keep both pieces :)


Q. Is peruser as scalable as vanilla apache?

A. No. Regular apache uses its entire pool of processes to handle all incoming requests, while peruser allocates smaller pools of processes assigned to different virtual hosts. This can never be as efficient. My suggestion is to load up on RAM, and perhaps utilize the load-balancing features of Pound and run multiple webservers.


Q. Is KeepAlive supported?

A. It is supported as of version 0.3.0.


Q. Is there a version of peruser for apache 2.0?

A. A patch for version 2.0.61 is here.

Installation

$ cd httpd-2.2.3/
$ cat /path/to/httpd-2.2.3-peruser-0.3.0.patch | patch -p1
$ ./buildconf
$ ./configure --with-mpm=peruser [additional configure arguments]

You're on your own after this point. Seriously, if you're not familiar with building apache, this project is not (yet) for you.

Configuration Example

<IfModule peruser.c>
    ServerLimit 256
    MaxClients 256
    MinSpareProcessors 2
    MaxProcessors 10
    MaxRequestsPerChild 1000

    # kill idle processors after this many seconds (0 to disable)
    IdleTimeout 60

    # kill hung processes after this many seconds (0 to disable)
    ExpireTimeout 300

    # set up a few multiplexer processes running as nobody
    Multiplexer nobody nobody
    Multiplexer nobody nobody
    Multiplexer nobody nobody

    # Processor <user> <group> <chroot>
    # chroot is optional
    Processor alice users /home/alice
    Processor bob users
</IfModule>

<VirtualHost alice.com>
    ServerName alice.com

    # normal vhost configs

    <IfModule peruser.c>
        # this must match a Processor line
        ServerEnvironment alice users /home/alice

        # these are optional - defaults to the values specified above
        MinSpareProcessors 4
        MaxProcessors 20
    </IfModule>
</VirtualHost>

<VirtualHost alice.net>
    ...
    # several vhosts can use the same ServerEnvironment,
    # as long as there is one matching Processor defined
    ServerEnvironment alice users /home/alice
    ...
</VirtualHost>

<VirtualHost bob.com>
    ...
    ServerEnvironment bob users
    ...
</VirtualHost>
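
The configuration comments above say that each ServerEnvironment must match a Processor line. The check below is an added example, not part of the peruser patch: a small Python linter that lists vhosts whose ServerEnvironment has no identical Processor line. It assumes "match" means the same user, group and optional chroot, and it runs over a constructed sample config in which alice.net leaves off the chroot and carol.org has no Processor at all.

```python
import re

# Constructed sample in the layout of the page's configuration example.
SAMPLE = """\
<IfModule peruser.c>
    Processor alice users /home/alice
    Processor bob users
</IfModule>
<VirtualHost alice.com>
    ServerEnvironment alice users /home/alice
</VirtualHost>
<VirtualHost alice.net>
    ServerEnvironment alice users
</VirtualHost>
<VirtualHost bob.com>
    ServerEnvironment bob users
</VirtualHost>
<VirtualHost carol.org>
    ServerEnvironment carol users /home/carol
</VirtualHost>
"""

def parse(conf):
    """Collect Processor entries and each vhost's ServerEnvironment."""
    processors, envs, vhost = set(), [], None
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or whole-line comment
        opened = re.match(r"<VirtualHost\s+([^>]+)>", line, re.I)
        if opened:
            vhost = opened.group(1).strip()
        elif line.lower().startswith("</virtualhost"):
            vhost = None
        else:
            name, *args = line.split()
            if name.lower() == "processor":
                processors.add(tuple(args))
            elif name.lower() == "serverenvironment":
                envs.append((vhost, tuple(args)))
    return processors, envs

def unmatched(conf):
    """Vhosts whose ServerEnvironment equals no Processor line
    (assumption: a match is an identical user, group and chroot)."""
    processors, envs = parse(conf)
    return [(vhost, env) for vhost, env in envs if env not in processors]

if __name__ == "__main__":
    print(unmatched(SAMPLE))
```
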