Dotdeb

By Kubofonista on Jan 12, 2012 | Reply

Mhm, looks like WordPress crashing after this update (blank screen and HTTP 500)

By Matic on Jan 12, 2012 | Reply

I also have one application that is crashing since the upgrade to 5.3.9 and my friend reproduced it on another VM, but same software.

By Dave on Jan 12, 2012 | Reply

i have the same problem. php crash if i use:
strtotime(“2012-01-12 21:13:28 UTC”)

By Matic on Jan 12, 2012 | Reply

@Dave
Replicated on my crashing system.

Interactive shell
php > strtotime(’2012-01-12 21:13:28 UTC’);
Crashes with: Segmentation fault

By mptsnj on Jan 13, 2012 | Reply

I know this doesn’t help the people running this service but just stating here for the users:

I also have problems with this specific version and I didn’t yet find anything useful in the logs.. rolled back to 5.3.8-1~dotdeb.2 until I have some time to look into this

By Matic on Jan 13, 2012 | Reply

The update solved the problem. My application is working now.

@Guillaume Plessis, what was the cause of the segmentation fault? What can we learn from this?

On a related note, my suhosin.ini file still gets overwritten everytime I update PHP packages, could the file be added to the list of config files in php5-suhosin debian package so it asks before overwriting?

By mptsnj on Jan 13, 2012 | Reply

@Guillaume Plessis yep everything works as desired now … tanks for the ultra-fast response/update

By Scott on Jan 13, 2012 | Reply

Uhh I got a question about these packages and the mirrors.

At least for my mirror I host for dotdeb the lenny packages don’t seem to be there. All I see is 5.2.17-0.dotdeb.0 still. And yes I made sure the rsync ran.

By Scott on Jan 13, 2012 | Reply

Actually I think you did this by design.

I do have some clients that can’t use 5.3 yet and my accounting/billing software can’t use 5.3 just yet. So better to not put it in the main repo just yet.

By Jools on Jan 13, 2012 | Reply

any chance you could put 5.3.8 back online please. thought it would be on your repository but it doesn’t seem to be :/

By Scott on Jan 13, 2012 | Reply

Gui you want to add my php53 mirror on the site ?

By Scott on Jan 13, 2012 | Reply

Gui can you get on skype for a few minutes ?

By Laph on Jan 13, 2012 | Reply

Hint:
If you’re using php5-fpm and another File extension than .php, add “security.limit_extensions = no” to all your fpm pool (!) definitions, or files with extensions other than .php will no be parsed and you’ll see just a “Access Denied” as output.

I really dislike changes of this kind in a minor release – and the lack of documentation also!

*grrrr*

By jools on Jan 13, 2012 | Reply

I thought I had posted this but now i cant see it, so in case i didnt – apc.ini is being overwritten still with new updates. when making pecl packages locally, it doesnt happen, so I assume your perl helper needs an upgrade or something.

By Vasiliy Toporov on Jan 13, 2012 | Reply

Is it ok? I see 5.3.9-1~dotdeb.2 in phpinfo,but repo is for Squeeze (stable). Upgrade packs just right now. My system is Ubuntu 11.10 64-bit.

By Joe Siegrist on Jan 13, 2012 | Reply

It appears that php5-fpm has lost all warnings from 5.3.8 to 5.3.9 in the dotdeb build.

Verified that the warnings are not sent over the network on the fpm port. Example script that spits warnings in 5.3.8 and won’t in 5.3.9 (with E_ALL | E_STRICT ):

<?php
$a[a];

Thanks for maintaining this!

By Anthony Somerset on Jan 15, 2012 | Reply

Hi Guillaume

i’ve noticed this bug on quite a few upgrades of php now

whenever i update PHP and its plugins (like APC etc)

all my configs in my plugins ini files get reset back to default

eg i have custom APC settings and every update i have to manually backup and recopy the config settings back into place

the upgrader asks about the fpm and cli php.ini files what i want to do but not the plugins, any chance of rectifying this?

By jools on Jan 15, 2012 | Reply

Anthony: See a few posts above

By Kubofonista on Jan 16, 2012 | Reply

Seems like in 5.3.9 is conflict between APC and WordPress. WordPress randomly serves HTTP 500 until APC has been disabled

By radar on Jan 16, 2012 | Reply

@Anthony: the same problems with ini files (apc/memcached). Debian Squeeze 64bit.

By Anthony Somerset on Jan 16, 2012 | Reply

@jools, thanks i missed that, its not strictly isolated to apc, i think a few of the plugins have issues but because APC is the only one i really tweak its the only one i noticed

By Scott on Jan 16, 2012 | Reply

Same thing with suhosin.ini — so what I did was chattr +i all my ini files, that will stop the over writing.

By Kevin on Jan 17, 2012 | Reply

php5-curl and several others are having dependency issues:

php5-curl : Depends: php5-common (= 5.3.3-7+squeeze3) but 5.3.9-1~dotdeb.3 is going to be installed.
E: Broken Packages

On the other hand, installing libmysqlclient15-dev (required to build sphinx search engine is also broken).

Any hints on this one? I have to install everything prior to enabling the dotdeb repos, but that way I lose updates on one of the two repos..

By Pierre-Henry on Jan 17, 2012 | Reply

Bonjour Guillaume,

Pour ma part je reviens sur ce billet pour chercher pourquoi certains wordpress faisaient des pages blanches en code 200.

A priori tous les wordpress qui étaient configuré avec un php_admin_value[memory_limit]=32M ont aléatoirement des crash de mémoire non disponible. Bizarrement tout allait bien en 5.3.8 je me demande si la v9 aurait pas des soucis de consommation de mémoire.
J’ai tenté d’enlever APC mais sans succès.

Autre point plus important, au moins une variable des fichiers de conf n’est plus prise en compte. Sur mes configs fpm chaque vhost a ses propres fichiers de logs et je m’étonnais de rien voir dedans concernant une éventuelle erreur.

Je me suis rendu compte que depuis la mise à jour la valeur php_admin_value[error_log] dans le fichier de conf du vhost n’écrase plus la valeur déclarée dans le php5-fpm.conf.

Je ne vois pas à quoi cela est du, j’ai tenté de la déclarer en php_value sans succès.
Actuellement c’est l’entrée error_log = /var/log/php5-fpm.conf dans /etc/php5/fpm/php5-fpm.conf qui est pris en compte par tous les vhost.

Une idée?

By Scott on Jan 17, 2012 | Reply

@Kevin I’m not having that issue on any server. It sound like somethingdidn’t upgrade like it should have. Have you tried reinstalling the 5.3 packages again ?

By Rémi SAUVAT on Jan 18, 2012 | Reply

There is still a bug with your package.
This is related only to the /etc/init.d/php5-fpm file.

On reload command the script send a SIGHUP instead of SIGUSR2 as documented in php-fmp. The current behavior kills the master process. This has been corrected in latest releases of php-fpm for debian sid and unstable as stated here http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645934

It would be nice to have it corrected in dotdeb packages too.

By Rémi SAUVAT on Jan 18, 2012 | Reply

@Guillaume Plessis : Thanks for the quick reply. I am waiting for the next update.

By Pierre-Henry on Jan 19, 2012 | Reply

Yes I have php5-suhosin 5.3.9-1~dotdeb.3 installed and enabled with default config :

; configuration for php suhosin module
extension=suhosin.so
suhosin.executor.include.whitelist=”phar”

By Scott on Jan 20, 2012 | Reply

Same here. Is Suhosin the problem again?

By Joe on Jan 22, 2012 | Reply

Hi,

Thanks for the update!
Just wondering: what is the preferred approach for handling php.ini changes when one has customisations in the existing php.ini?

Is it a case of using diff/merge? Or is there a better way?

Thanks!

By David Goodwin on Jan 23, 2012 | Reply

We’re seeing config files in /etc/ also being overwritten (e.g. /etc/php5/conf.d/xcache.ini ). It’s quite annoying.

By Scott on Jan 24, 2012 | Reply

You can’t even guess how pissed off I am about all the ini’s getting written over.

33 servers I have to fix because of this.

By Jools on Jan 24, 2012 | Reply

I still get crashes with php-fpm on this version. am using 5.4.8 for now. crashes occur regularl/yconstantly with small apc cache and with large apc cache, less often but enough to make it an issue.

couldnt see any major issues on php bugtracker though which is strange. Also I am not using php5-suhosin module.

Appreciate the efforts here though. I wonder if it might be a useful idea to have a dotdeb stable and testing or so, and push packages to testing first, and to stable later. might help upgrade woes. cheers

By Jools on Jan 24, 2012 | Reply

5.3.8 i meant of course.

By Scott on Jan 24, 2012 | Reply

+1 for a testing repo

By Scott on Jan 24, 2012 | Reply

A proposed-updates repo instead of a testing would be better.

By Jools on Jan 24, 2012 | Reply

guillaume – I totally understand your point. I have similar problems with “wants” on some of my projects.

I am of course happy to contribute a small amount financially, but might be more useful if I could contribute patches etc. Maybe some sort of github style repo?

we do understand and thanks.

Funnily enough before you were managing nginx, I was maintaining my own packages and there must be others, so perhaps some “pooling” of skills could help?

By Jools on Jan 24, 2012 | Reply

donation made. To add: I already have some changes I could commit to nginx packages if on a public repo, such as more types for the default mime types, and scripts to enable/disable sites like a2dissite etc (which I believe has been in older debian builds).

If it already is somewhere apologies, and ill go and submit some diffs.

By Scott on Jan 24, 2012 | Reply

I’ll make a nice size donation by Friday to you.

By JD on Jan 25, 2012 | Reply

By Guillaume Plessis on Jan 13, 2012 | Reply

@Joe Siegrist : partial syslog support has been implemented in FPM. It may have led to the warnings loss.

Can you please tell me what config setting controls this? I have lost all warnings like simple syntax errors in my lightttpd error.log
btw i kept the old config from 5.3.8

By Dr.Diesel on Jan 25, 2012 | Reply

Hello,

@Jools : http://archives.dotdeb.org/

php5-apc 5.3.8 package is missing

By Gator on Jan 27, 2012 | Reply

Thanks for the up to date packages! As mentioned, a public repository on Github would be the next great step.

By Free on Jan 27, 2012 | Reply

Hello guys.

Could you please disalbe posix in your builds?

# php -m | grep posix
posix
#
# php –version
PHP 5.3.8-1~dotdeb.2 with Suhosin-Patch (cli) (built: Aug 25 2011 13:30:46)
Copyright (c) 1997-2011 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies
with the ionCube PHP Loader v4.0.7, Copyright (c) 2002-2011, by ionCube Ltd.
with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH

By Jools on Jan 27, 2012 | Reply

Free: Why ?

By Free on Jan 27, 2012 | Reply

http://php.net/manual/en/intro.posix.php

“Sensitive data can be retrieved with the POSIX functions, e.g. posix_getpwnam() and friends. None of the POSIX function perform any kind of access checking when safe mode is enabled. It’s therefore strongly advised to disable the POSIX extension at all (use –disable-posix in your configure line) if you’re operating in such an environment.”

By Jools on Jan 27, 2012 | Reply

@Free: surely you can just disable the functions you dont want with suhosin for example?

removing the posix functions would remove functionality from those who need them. debian for example also ships with them enabled.

By Stéphane Cottin on Jan 31, 2012 | Reply

Hi,

https://bugs.php.net/bug.php?id=55475 breaks a LOT of websites

plz apply the following workaround in php-pear package:

— /usr/share/php/PEAR.old.php 2012-01-31 21:15:00.000000000 +0000
+++ /usr/share/php/PEAR.php 2012-01-31 20:53:13.000000000 +0000
@@ -249,7 +249,7 @@
*/
function isError($data, $code = null)
{
- if (!is_a($data, ‘PEAR_Error’)) {
+ if (!is_object($data) || !is_a($data, ‘PEAR_Error’)) {
return false;
}

thx

By Scott on Feb 3, 2012 | Reply

@Stéphane That should be reported upstream to Debian instead of here so that the Debian team and can send out a update.

By Stéphane Cottin on Feb 5, 2012 | Reply

@Scott official debian php5 versions are 5.2 for lenny and 5.3.3 for squeeze , these version does not have this bug.

@Guillaume hope the next package update will include the upstream fix, thx.