php-fpm with mod_proxy_fastcgi configuration side effects

[Atrix Computing]

I have problems with php-fpm and mod_proxy_fcgi.  There's several methods to configure a virtual host but each has it's own problems and I'll go over them below.  Basically I just want a fully functional install and configuration.

Using this method within a VirtualHost:

<Directory /home/dir/public_html/www.site.com>

   AllowOverride All

   Options FollowSymLinks

   Require all granted

</Directory>

ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9001/home/dir/public_html/www.site.com/$1

Wipes all environment variables which breaks the boost drupal 7 module and any other system that uses environment variables in mod_rewrite.  It also breaks DirectoryIndex for index.html meaning if you got to www.site.com/html and there is an index.html file and no index.php file you get a file not found error.  This seems the same if I use <Location> directives and just ProxyPass.

Example of setting environment variables in htaccess which are wiped:

SetEnv tvar "my value"

RewriteEngine on

RewriteRule .* - [E=boostpath:normal]

So looking through documentation, it is said that mod_rewrite with the P flag for proxy is more robust a solution.  After lots of experimentation and scouring the internet I came up with the following:

<Directory /home/dir/public_html/www.site.com>

   AllowOverride All

   Options FollowSymLinks

   Require all granted

   RewriteEngine On

   RewriteCond %{REQUEST_FILENAME} ^/((.*\.php)(/.*)?)$

   RewriteCond %2 -f

   RewriteRule ^/home/dir/public_html/www.site.com/(.*) fcgi://127.0.0.1:9001/home/dir/public_html/www.site.com/$1 [L,P]

   RewriteOptions Inherit

</Directory>

This resolved the DirectoryIndex issue as well as preserves the environment.  However I now have another issue where php-fpm is running as secureuser:securegroup but php itself is writing as daemon:daemon (which is what apache is running as on my system).  This makes for some very bizarre and inconsistent directory and file ownerships and seems to not completely work all the time.  I need to be able to control the user and group that php is ran as.  Here is my pool config file, the user and group seem to be largely ignored:

[www.site.com]

user=secureuser

group=securegroup

listen=127.0.0.1:9001

pm = dynamic

pm.max_children = 5

pm.start_servers = 2

pm.min_spare_servers = 1

pm.max_spare_servers = 3

pm.max_requests = 200

listen.backlog = -1

catch_workers_output = yes

mainly the user and group are ignored.  Though is I run ps -aux | grep php I do see that php-fpm is running as the right user and group.  So why does php write as daemon:daemon? 

Whichever method I use, mod_rewrite, proxy: directive which for me so far has been not working or the ProxyPass/ProxyPassMatch directive, I need a consistent reliable configuration without any bugs.  I tried server fault but no one answered my posts.  Hoping if I go to the source you guys can help me out.  Apache is 2.4 with mpm_event.