Apache. Документация на русском
Директивы Apache
  1    2    3    4    5    6    7    8    9    10    11    12    13    14    15    16    17    18    19    20    21    22    23    24    25    26    27    28    29    30    31    32    33    34    35    36    37    38    39    40    41    42    43    44    45    46    47    48    49    50    51    52    53    54    55    56      57      58    59    60    61    62    63    64    65    66    67    68    69    70    71    72    73    74    75    76    77    78    79    80    81    82    83    84    85  
  86    87    88    89    90    91    92  
  93    94    95    96    97    98    99    100    101    102    103    104    105    106    107    108    109    110    111    112    113    114    115    116    117    118    119    120    121    122    123    124    125    126    127    128    129    130    131    132    133    134    135    136    137    138    139    140    141    142    143    144    145    146    147    148    149    150    151    152    153    154    155    156    157    158    159    160    161    162    163    164    165  
  166    167    168    169    170    171    172    173    174    175    176    177    178    179    180    181    182    183    184    185    186    187    188    189    190    191    192    193    194    195    196    197    198    199    200    201    202    203    204    205    206    207    208    209    210    211    212    213    214    215    216    217    218    219    220    221    222    223    224    225    226    227    228    229    230    231    232    233    234    235    236    237    238    239    240    241    242  
 <         > 
Список директив: Core  |  ModRewrite  |  Lua  |  Proxy  |  SSL
Директива Mutex
RU          EN  

Description:Configures mutex mechanism and lock file directory for all or specified mutexes
Syntax: Mutex mechanism [default|mutex-name] ... [OmitPID]
Default: Mutex default
Context:server config
Status:Core
Module:core
Compatibility:Available in Apache HTTP Server 2.3.4 and later

The Mutex directive sets the mechanism, and optionally the lock file location, that httpd and modules use to serialize access to resources. Specify default as the second argument to change the settings for all mutexes; specify a mutex name (see table below) as the second argument to override defaults only for that mutex.

The Mutex directive is typically used in the following exceptional situations:

  • change the mutex mechanism when the default mechanism selected by APR has a functional or performance problem
  • change the directory used by file-based mutexes when the default directory does not support locking

Supported modules

This directive only configures mutexes which have been registered with the core server using the ap_mutex_register() API. All modules bundled with httpd support the Mutex directive, but third-party modules may not. Consult the documentation of the third-party module, which must indicate the mutex name(s) which can be configured if this directive is supported.

The following mutex mechanisms are available:

  • default | yes

    This selects the default locking implementation, as determined by APR. The default locking implementation can be displayed by running httpd with the -V option.

  • none | no

    This effectively disables the mutex, and is only allowed for a mutex if the module indicates that it is a valid choice. Consult the module documentation for more information.

  • posixsem

    This is a mutex variant based on a Posix semaphore.

    Warning

    The semaphore ownership is not recovered if a thread in the process holding the mutex segfaults, resulting in a hang of the web server.

  • sysvsem

    This is a mutex variant based on a SystemV IPC semaphore.

    Warning

    It is possible to "leak" SysV semaphores if processes crash before the semaphore is removed.

    Security

    The semaphore API allows for a denial of service attack by any CGIs running under the same uid as the webserver (i.e., all CGIs, unless you use something like suexec or cgiwrapper ).

  • sem

    This selects the "best" available semaphore implementation, choosing between Posix and SystemV IPC semaphores, in that order.

  • pthread

    This is a mutex variant based on cross-process Posix thread mutexes.

    Warning

    On most systems, if a child process terminates abnormally while holding a mutex that uses this implementation, the server will deadlock and stop responding to requests. When this occurs, the server will require a manual restart to recover.

    Solaris and Linux are notable exceptions as they provide a mechanism which usually allows the mutex to be recovered after a child process terminates abnormally while holding a mutex.

    If your system is POSIX compliant or if it implements the pthread_mutexattr_setrobust_np() function, you may be able to use the pthread option safely.

  • fcntl:/path/to/mutex

    This is a mutex variant where a physical (lock-)file and the fcntl() function are used as the mutex.

    Warning

    When multiple mutexes based on this mechanism are used within multi-threaded, multi-process environments, deadlock errors (EDEADLK) can be reported for valid mutex operations if fcntl() is not thread-aware, such as on Solaris.

  • flock:/path/to/mutex

    This is similar to the fcntl:/path/to/mutex method with the exception that the flock() function is used to provide file locking.

  • file:/path/to/mutex

    This selects the "best" available file locking implementation, choosing between fcntl and flock , in that order.

Most mechanisms are only available on selected platforms, where the underlying platform and APR support it. Mechanisms which aren't available on all platforms are posixsem, sysvsem, sem, pthread, fcntl, flock, and file.

With the file-based mechanisms fcntl and flock, the path, if provided, is a directory where the lock file will be created. The default directory is httpd's run-time file directory relative to ServerRoot . Always use a local disk filesystem for /path/to/mutex and never a directory residing on a NFS- or AFS-filesystem. The basename of the file will be the mutex type, an optional instance string provided by the module, and unless the OmitPID keyword is specified, the process id of the httpd parent process will be appended to make the file name unique, avoiding conflicts when multiple httpd instances share a lock file directory. For example, if the mutex name is mpm-accept and the lock file directory is /var/httpd/locks , the lock file name for the httpd instance with parent process id 12345 would be /var/httpd/locks/mpm-accept.12345 .

Security

It is best to avoid putting mutex files in a world-writable directory such as /var/tmp because someone could create a denial of service attack and prevent the server from starting by creating a lockfile with the same name as the one the server will try to create.

The following table documents the names of mutexes used by httpd and bundled modules.

Mutex name Module(s) Protected resource
mpm-accept prefork and worker MPMs incoming connections, to avoid the thundering herd problem; for more information, refer to the performance tuning documentation
authdigest-client mod_auth_digest client list in shared memory
authdigest-opaque mod_auth_digest counter in shared memory
ldap-cache mod_ldap LDAP result cache
rewrite-map mod_rewrite communication with external mapping programs, to avoid intermixed I/O from multiple requests
ssl-cache mod_ssl SSL session cache
ssl-stapling mod_ssl OCSP stapling response cache
watchdog-callback mod_watchdog callback function of a particular client module

The OmitPID keyword suppresses the addition of the httpd parent process id from the lock file name.

In the following example, the mutex mechanism for the MPM accept mutex will be changed from the compiled-in default to fcntl , with the associated lock file created in directory /var/httpd/locks . The mutex mechanism for all other mutexes will be changed from the compiled-in default to sysvsem .

Mutex sysvsem default
Mutex fcntl:/var/httpd/locks mpm-accept
RU          EN