--On Saturday, February 13, 2021 9:59 PM -0500 H agents@meddatainc.com wrote:
But my question is also a more general one: short of ridding the system of the old, default php 5 binary, how should I configure a user without a shell such as apache to default to the newer php binary? As mentioned previously, apache itself runs the new php just fine (except for the imap issue above which could also be some other bug...).
CentOS 7 runs apache from systemd. Apache finds programs using the path. So you need to customize the systemd unit file for Apache to run it from within a script that first prefixes the path with the location of your custom PHP binary. Software Collections provides a script for this.
See the systemd documentation for how to customize a unit file. You probably just need a "drop-in" in /etc/systemd/system that replaces the ExecStart value in httpd.service.
Another approach is to run php-fpm for your custom PHP (package rh-php72-php-fpm) and have Apache connect to this via the SetHandler directive. Use SetHandler instead of ProxyPass because the latter doesn't play well with FilesMatch.
# send PHP requests to PHP 7.2 via php-fpm service <FilesMatch .php$> SetHandler "proxy:fcgi://127.0.0.1:9000" </FilesMatch>
This will sandbox PHP into its own process.