diff -r ff27cb88e067 php.ini-development --- a/php.ini-development Tue Dec 11 17:24:17 2018 +0000 +++ b/php.ini-development Tue Dec 11 17:30:10 2018 +0000 @@ -165,7 +165,7 @@ ;user_ini.filename = ".user.ini" ; To disable this feature set this option to an empty value -;user_ini.filename = +user_ini.filename = ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) ;user_ini.cache_ttl = 300 @@ -189,7 +189,7 @@ ; Development Value: Off ; Production Value: Off ; http://php.net/short-open-tag -short_open_tag = Off +short_open_tag = On ; The number of significant digits displayed in floating point numbers. ; http://php.net/precision @@ -308,6 +308,9 @@ ; http://php.net/disable-functions disable_functions = +; this is an example +;disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abord, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpaththru, virtual, posix_ctermid, posix _getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_g etpgid, posix_getpgrp, posix_getpid, posix, _getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_ge tuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_ setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo + ; This directive allows you to disable certain classes for security reasons. ; It receives a comma-delimited list of class names. ; http://php.net/disable-classes @@ -721,14 +724,9 @@ ; Paths and Directories ; ;;;;;;;;;;;;;;;;;;;;;;;;; -; UNIX: "/path1:/path2" -;include_path = ".:/php/includes" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; ; PHP's default setting for include_path is ".;/path/to/php/pear" ; http://php.net/include-path +include_path = ".:/usr/lib/php/:/usr/share/pear/:/usr/share/php/" ; The root of the PHP pages, used only if nonempty. ; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root @@ -747,7 +745,7 @@ ; http://php.net/extension-dir ;extension_dir = "./" ; On windows: -;extension_dir = "ext" +extension_dir = "/usr/lib/php/extensions" ; Directory where the temporary files should be placed. ; Defaults to the system default (see sys_get_temp_dir) @@ -828,11 +826,11 @@ ; Temporary directory for HTTP uploaded files (will use system default if not ; specified). ; http://php.net/upload-tmp-dir -;upload_tmp_dir = +upload_tmp_dir = /var/tmp ; Maximum allowed size for uploaded files. ; http://php.net/upload-max-filesize -upload_max_filesize = 2M +upload_max_filesize = 16M ; Maximum number of files that can be uploaded via a single request max_file_uploads = 20 @@ -874,67 +872,11 @@ ; Dynamic Extensions ; ;;;;;;;;;;;;;;;;;;;;;; -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename -; -; For example: -; -; extension=mysqli -; -; When the extension library to load is not located in the default extension -; directory, You may specify an absolute path to the library file: -; -; extension=/path/to/extension/mysqli.so -; -; Note : The syntax used in previous PHP versions ('extension=<ext>.so' and -; 'extension='php_<ext>.dll') is supported for legacy reasons and may be -; deprecated in a future PHP major version. So, when it is possible, please -; move to the new ('extension=<ext>) syntax. -; -; Notes for Windows environments : -; -; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) -; extension folders as well as the separate PECL DLL download (PHP 5+). -; Be sure to appropriately set the extension_dir directive. -; -;extension=bz2 -;extension=curl -;extension=fileinfo -;extension=gd2 -;extension=gettext -;extension=gmp -;extension=intl -;extension=imap -;extension=interbase -;extension=ldap -;extension=mbstring -;extension=exif ; Must be after mbstring as it depends on it -;extension=mysqli -;extension=oci8_12c ; Use with Oracle Database 12c Instant Client -;extension=odbc -;extension=openssl -;extension=pdo_firebird -;extension=pdo_mysql -;extension=pdo_oci -;extension=pdo_odbc -;extension=pdo_pgsql -;extension=pdo_sqlite -;extension=pgsql -;extension=shmop +; In Mageia, we don't add the extensions in php.ini anymore, we put +; them in /etc/php.d/<number>_<name>.ini, for example 10_recode.ini. +; This is so that the RPMS can register themselves without having to +; modify the php.ini file. -; The MIBS data available in the PHP distribution must be installed. -; See http://www.php.net/manual/en/snmp.installation.php -;extension=snmp - -;extension=soap -;extension=sockets -;extension=sodium -;extension=sqlite3 -;extension=tidy -;extension=xmlrpc -;extension=xsl ;;;;;;;;;;;;;;;;;;; ; Module Settings ; @@ -1340,7 +1282,7 @@ ; where MODE is the octal representation of the mode. Note that this ; does not overwrite the process's umask. ; http://php.net/session.save-path -;session.save_path = "/tmp" +session.save_path = "/var/lib/php" ; Whether to use strict session mode. ; Strict session mode does not accept an uninitialized session ID, and @@ -1409,7 +1351,12 @@ ; Development Value: 1 ; Production Value: 1 ; http://php.net/session.gc-probability -session.gc_probability = 1 + +; This is disabled in the Mageia Linux packages, due to the strict permissions +; on /var/lib/php. Instead of setting this here, see the cronjob at +; /etc/cron.d/php, which uses the session.gc_maxlifetime settings from the +; /etc/php.d/*_session.ini file. +session.gc_probability = 0 ; Defines the probability that the 'garbage collection' process is started on every ; session initialization. The probability is calculated by using the following equation: @@ -1740,7 +1687,7 @@ ; Sets the directory name where SOAP extension will put cache files. ; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" +soap.wsdl_cache_dir="/var/tmp" ; (time to live) Sets the number of second while cached file will be used ; instead of original one. diff -r ff27cb88e067 php.ini-production --- a/php.ini-production Tue Dec 11 17:24:17 2018 +0000 +++ b/php.ini-production Tue Dec 11 17:30:10 2018 +0000 @@ -170,7 +170,7 @@ ;user_ini.filename = ".user.ini" ; To disable this feature set this option to an empty value -;user_ini.filename = +user_ini.filename = ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) ;user_ini.cache_ttl = 300 @@ -194,7 +194,7 @@ ; Development Value: Off ; Production Value: Off ; http://php.net/short-open-tag -short_open_tag = Off +short_open_tag = On ; The number of significant digits displayed in floating point numbers. ; http://php.net/precision @@ -313,6 +313,9 @@ ; http://php.net/disable-functions disable_functions = +; this is an example +;disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abord, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpaththru, virtual, posix_ctermid, posix _getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_g etpgid, posix_getpgrp, posix_getpid, posix, _getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_ge tuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_ setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo + ; This directive allows you to disable certain classes for security reasons. ; It receives a comma-delimited list of class names. ; http://php.net/disable-classes @@ -728,14 +731,9 @@ ; Paths and Directories ; ;;;;;;;;;;;;;;;;;;;;;;;;; -; UNIX: "/path1:/path2" -;include_path = ".:/php/includes" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; ; PHP's default setting for include_path is ".;/path/to/php/pear" ; http://php.net/include-path +include_path = ".:/usr/lib/php/:/usr/share/pear/:/usr/share/php/" ; The root of the PHP pages, used only if nonempty. ; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root @@ -754,7 +752,7 @@ ; http://php.net/extension-dir ;extension_dir = "./" ; On windows: -;extension_dir = "ext" +extension_dir = ""/usr/lib/php/extensions ; Directory where the temporary files should be placed. ; Defaults to the system default (see sys_get_temp_dir) @@ -835,11 +833,11 @@ ; Temporary directory for HTTP uploaded files (will use system default if not ; specified). ; http://php.net/upload-tmp-dir -;upload_tmp_dir = +upload_tmp_dir = /var/tmp ; Maximum allowed size for uploaded files. ; http://php.net/upload-max-filesize -upload_max_filesize = 2M +upload_max_filesize = 16M ; Maximum number of files that can be uploaded via a single request max_file_uploads = 20 @@ -881,67 +879,10 @@ ; Dynamic Extensions ; ;;;;;;;;;;;;;;;;;;;;;; -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename -; -; For example: -; -; extension=mysqli -; -; When the extension library to load is not located in the default extension -; directory, You may specify an absolute path to the library file: -; -; extension=/path/to/extension/mysqli.so -; -; Note : The syntax used in previous PHP versions ('extension=<ext>.so' and -; 'extension='php_<ext>.dll') is supported for legacy reasons and may be -; deprecated in a future PHP major version. So, when it is possible, please -; move to the new ('extension=<ext>) syntax. -; -; Notes for Windows environments : -; -; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) -; extension folders as well as the separate PECL DLL download (PHP 5+). -; Be sure to appropriately set the extension_dir directive. -; -;extension=bz2 -;extension=curl -;extension=fileinfo -;extension=gd2 -;extension=gettext -;extension=gmp -;extension=intl -;extension=imap -;extension=interbase -;extension=ldap -;extension=mbstring -;extension=exif ; Must be after mbstring as it depends on it -;extension=mysqli -;extension=oci8_12c ; Use with Oracle Database 12c Instant Client -;extension=odbc -;extension=openssl -;extension=pdo_firebird -;extension=pdo_mysql -;extension=pdo_oci -;extension=pdo_odbc -;extension=pdo_pgsql -;extension=pdo_sqlite -;extension=pgsql -;extension=shmop - -; The MIBS data available in the PHP distribution must be installed. -; See http://www.php.net/manual/en/snmp.installation.php -;extension=snmp - -;extension=soap -;extension=sockets -;extension=sodium -;extension=sqlite3 -;extension=tidy -;extension=xmlrpc -;extension=xsl +; In Mageia, we don't add the extensions in php.ini anymore, we put +; them in /etc/php.d/<number>_<name>.ini, for example 10_recode.ini. +; This is so that the RPMS can register themselves without having to +; modify the php.ini file. ;;;;;;;;;;;;;;;;;;; ; Module Settings ; @@ -1347,7 +1288,7 @@ ; where MODE is the octal representation of the mode. Note that this ; does not overwrite the process's umask. ; http://php.net/session.save-path -;session.save_path = "/tmp" +session.save_path = "/var/lib/php" ; Whether to use strict session mode. ; Strict session mode does not accept an uninitialized session ID, and @@ -1416,7 +1357,12 @@ ; Development Value: 1 ; Production Value: 1 ; http://php.net/session.gc-probability -session.gc_probability = 1 + +; This is disabled in the Mageia Linux packages, due to the strict permissions +; on /var/lib/php. Instead of setting this here, see the cronjob at +; /etc/cron.d/php, which uses the session.gc_maxlifetime settings from the +; /etc/php.d/*_session.ini file. +session.gc_probability = 0 ; Defines the probability that the 'garbage collection' process is started on every ; session initialization. The probability is calculated by using the following equation: @@ -1747,7 +1693,7 @@ ; Sets the directory name where SOAP extension will put cache files. ; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" +soap.wsdl_cache_dir="/var/tmp" ; (time to live) Sets the number of second while cached file will be used ; instead of original one.