How to pre-load Gimp into webserver's memory?

Question

I have a cropping webpage that lets users upload images, adjust the aspect ratio, shrink/grow the crop area, and crop. The actual cropping is done by a php script which calls Gimp from the command line.

The system works perfectly. But just the loading of Gimp has been measured at ~8 seconds. I'd like to reduce this.

I know from experience that if I load Gimp in one terminal, it takes 8 seconds to load. If I then load another image into Gimp, the load time is drastically reduced. I'd like to apply this to the apache2's APACHE_RUN_USER, which is the username that the webserver runs under.

Is there anyway to get the apache2's APACHE_RUN_USER to load Gimp? I have a script that will load Gimp and just sit:

#!/bin/bash

gimp -i -b - >/dev/null 2&1
read -n 1 INPUT

But I have no idea of how to implement this or even if it's possible. Can someone please give me some insight?

You should consider using a PHP image manipulation library instead of calling external tools. GD has an [imagecrop](http://php.net/manual/en/function.imagecrop.php) function. — that other guy, Sep 26 '17 at 20:19
@thatotherguy Yeah, this whole website has been created without using any libraries. I'd really hate to start using them now. I only setup php for this because it was easier than using a cgi-bin. — Deanie, Sep 26 '17 at 20:22
In that case, if you're mostly doing cropping, how about using `convert` from ImageMagick or `pnmcut` from NetPBM? `convert -crop 320x240+200+100 input.jpg output.jpg` should be way faster than loading all of Gimp (~0.1s on my system) — that other guy, Sep 26 '17 at 21:18
@thatotherguy First, the webpage also adds a watermark to the image, it isn't just converting it. It puts a watermark in the lower right hand side, depending on whether the image corner is light (black watermark) or dark (white watermark). Second, if you've ever tried imageMagick to remove exif data from a file, you will see that they make a bigger file than what you start with. I just can't trust imageMagick, especially the way everyone keeps pushing it. Not to mention the security hole they had last year. Ty for your suggestions, though. — Deanie, Sep 26 '17 at 22:45
Imagemagick never had a security issue despite all the claims. People never used the existing Imagemagick policy.xml file to prevent the issues reported. — fmw42, Sep 27 '17 at 01:49

Cy Rossignol · Accepted Answer · 2017-09-27T03:07:59.960

Interesting question! Gimp includes a TCP Script-Fu server that we can run from the command-line:

gimp -i -b '(plug-in-script-fu-server 1 "127.0.0.1" 10008 "/path/to/log")'

This starts a headless server that listens on 127.0.0.1 at port 10008. It's the same server we can start through the UI under Filters → Script-Fu → Start Server.... You might try adding the -d option to skip loading patterns, gradients, palettes, and brushes, or the -f option to skip fonts (for faster start-up and lower memory usage). We can then send Script-Fu statements written in Scheme to that socket. Here's how with PHP:

$script = '(gimp-message "Hello Gimp!")';

$scriptLength = strlen($script);
$highByte = (int)($scriptLength / 256);
$lowByte = $scriptLength % 256;
$packet = pack('C3a*', ord('G'), $highByte, $lowByte, $script);
$socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);                         

socket_connect($socket, '127.0.0.1', 10008) or die('connect error'); 
socket_write($socket, $packet, strlen($packet)) or die('write error'); 
socket_close($socket);

This implements the (really simple) protocol defined in that link up there. It needs much better error-handling for any serious use, but it's fine for a demo. If we invoke this script, we should see connection information in the server log file, and the console should display:

Start Server-Warning: Hello Gimp!

In the UI, this would open a dialog window with that message. Depending on your environment, Gimp or PHP may not have socket creation capabilities. You might try running both as root just to test it out.

As cool as this is, I do sympathize with other commenters: ImageMagick or GD may be better choices for a large application. I hear your concerns, but Gimp is not designed for web-scale deployments. It's foremost a desktop application and uses a lot of resources. If security is a concern, Gimp may expose attack surfaces that we don't normally see in web environments (including, perhaps, a server that executes arbitrary Scheme code!). You may also want to consider the cost of maintaining a homegrown client library used to interact with Gimp.

That said, if you can justify this project, I think it would be a lot of fun.

Notes:

As you may know, Gimp also includes a Python Script-Fu interpreter. We could extend that to create a more robust server in Python.
We could attribute part of the loading time improvement you experience when running a second instance of Gimp to the filesystem cache for recently-accessed files.
Gimp also utilizes X11's D-Bus to dramatically improve loading time when an instance is already running. These facilities may not be available in a bare server environment.

You should be aware of https://nvd.nist.gov/vuln/detail/CVE-2012-4245 when using the server component of GIMP. — Michael Schumacher, Sep 27 '17 at 05:42
Thanks, Michael. I wouldn't mind updating the docs at gimp.org to add a note about the security implications of running this server, but I'm not familiar with the process. Can you point me the right way? — Cy Rossignol, Sep 27 '17 at 08:06

How to pre-load Gimp into webserver's memory?

1 Answers1