mod_php revisited

Howdy all,

So, removing mod_php from the default install won the twitter vote and lost the vote; more people voted to remove it than voted to keep it. But, the folks who want to keep it enabled by default were really quite vocal about it. So, I hate to say it, but I think we have to keep enabling mod_php in a default full install for a while longer.

That said, I realized we have a good way to compromise. In Virtualmin 6, we have the --minimal installation target. This one shrinks the default installation, both in terms of disk space (by a little) and memory usage (by a lot) by skipping installation of the ClamAV daemon and the SpamAssassin daemon (clients are still installed, so users with Cloudmin Connect can scan mail remotely). I believe that would be an ideal place to disable mod_php by default!

One of the reasons I want to kill mod_php is that it blows up the size of Apache in memory by a huge amount (it nearly doubles the size of every process). And, the --minimal installation mode is intended for memory-restricted environments. It’s a match made in heaven, I think.

So, the next version of the yum groups and metapackages will exclude mod_php from the default installation, making it work on somewhat smaller systems, and providing us a good test pool for the eventual (I hope) removal of mod_php from all default installations in the future.

I’m posting here to once again get some feedback. Is there any reason even the --minimal installation should have mod_php enabled by default, given that it requires more memory, is slower, and is less secure than either of the other preferred execution modes (fcgid or php-fpm)?