zEitEr
Super Moderator
mod_ruid2 does not deny "browsing" the server from its root "/" directory
[HOWTO] mod_ruid2
- Thread starter daveyw
- Start date
NoBaloney2
NoBaloney Internet Svcs.
If it's running php as user, then I suppose yes, it could read files readable to any user. So I'm thinking we should still leave it on for users unless they need it off for some reason.
However, didn't I read somewhere that it's deprecated? If so, then what's being suggested to replace it?
Jeff
However, didn't I read somewhere that it's deprecated? If so, then what's being suggested to replace it?
Jeff
Arieh
Verified User
open_basedir isn't deprecated and isn't going to be either (can't find any clue that it does). Safe mode however is deprecated as of 5.3: http://php.net/manual/en/features.safe-mode
zEitEr
Super Moderator
Yes, I confirm that, open_basedir isn't deprecated
http://www.php.net/manual/en/migration53.ini.php
http://php.net/manual/en/ini.core.php
http://www.php.net/manual/en/migration53.ini.php
http://php.net/manual/en/ini.core.php
NoBaloney2
NoBaloney Internet Svcs.
Thanks. I was simply confused.; I was thinking of safe mode.
Then are the best default settings for new sites in DirectAdmin open_basedir on and safe_mode off?
Jeff
Then are the best default settings for new sites in DirectAdmin open_basedir on and safe_mode off?
Jeff
when should CB 2.0 and/or DA 1.40.2 should be expected...?
asekeris
Verified User
I think i have a problem with mod_ruid2.
Installation and conversion of the existing users all a success with thanks to all responses in this thread.
Now my problem:
When i upload files/folders with proftp all new folders get 755 instead of 711.
I am not sure of this is related to my real problem but something i noticed after several ties.
Before installing of mod_ruid2 of for example prestahop with setting all the needed folders 777 during install then after the install magically my local language (dutch) was added to the shop.
After the installation of mod_ruid2 and a fresh install of prestashop my dutch language does not get installed automatic and it is also not possible to add it afterwards.
No errors in the browser or the logs.
Could this be the 755 permissions on the folders?
Sorry forgot it is on Centos 5.7-64 with everything up to date.
Installation and conversion of the existing users all a success with thanks to all responses in this thread.
Now my problem:
When i upload files/folders with proftp all new folders get 755 instead of 711.
I am not sure of this is related to my real problem but something i noticed after several ties.
Before installing of mod_ruid2 of for example prestahop with setting all the needed folders 777 during install then after the install magically my local language (dutch) was added to the shop.
After the installation of mod_ruid2 and a fresh install of prestashop my dutch language does not get installed automatic and it is also not possible to add it afterwards.
No errors in the browser or the logs.
Could this be the 755 permissions on the folders?
Sorry forgot it is on Centos 5.7-64 with everything up to date.
Last edited:
We are using the configuration on our hosting servers without any problems. All users are able to install CMS systems etc. No need for chmod 777 since you are using mod_ruid2.
Permission on folders must be 755 and files 644.
Permission on folders must be 755 and files 644.
asekeris
Verified User
Installation is in both situations succeeded and with mod_ruid2 there was no need to set any folders to 777.
Sofar i agree.
Only normally all user folders are 711 after the installation of mod_ruid2 according to the first post except that every new uploaded folders gets 755
Tried a new install of prestashop with all folders set to 711 after upload and problem remains.
Prestashop is not able to add translations without any visible errors.
Sofar i agree.
Only normally all user folders are 711 after the installation of mod_ruid2 according to the first post except that every new uploaded folders gets 755
Tried a new install of prestashop with all folders set to 711 after upload and problem remains.
Prestashop is not able to add translations without any visible errors.
Last edited:
asekeris
Verified User
Just noticed it breaks mrtg.
Images no longer displayed.
Images no longer displayed.
Possible the files have wrong permissions. Only the 2 lines you pasted we can't help you. Check log files etc.
asekeris
Verified User
I was first trying to solve the problem and just mentioned the problem.
For mrtg to work again the ownership of the mrtg folder has to be set back to root:
Graphs get updated again and also the png's are build only the page does not show correct and the log says:
All files in /mrtg are 644 root:root
Folders are 755 root:root
For mrtg to work again the ownership of the mrtg folder has to be set back to root:
Code:
chown -R root:root /var/www/html/mrtgGraphs get updated again and also the png's are build only the page does not show correct and the log says:
Code:
[Fri Feb 24 15:03:35 2012] [error] [client xx.xx.xx.xx] (13)Permission denied: file permissions deny server access: /var/www/html/mrtg/memory-day.png, referer: http://xx.xxxx.xx/mrtg/All files in /mrtg are 644 root:root
Folders are 755 root:root
Last edited:
Arieh
Verified User
I got my mrtg dir webapps:webapps just as the other things in /var/www/html like phpmyadmin. The dir shouldn't need root as owner/group for mrtg to work; if it would run as root it can access it anyway and if its another user it doesn't make sense.
Indeed, no files in the /var/www/html/ should be root:root but webapps:webapps, same as the HowTo.
asekeris
Verified User
Still running around in circles and not making any progress.
Set the mrtg folder and its files back to webapps:webapps and the html files of mrtg can be displayed now.
As long as mrtg does not touch the generated png's everything works but after the generating of new files by mrtg these files go back to root:root and can not be displayed.
This is the log entry for the failed file:
For me it looks like mod_ruid2 does not allow the access to files owned by root although the permission is 644.
I think something is wrong in my setup and this problem emerged after the installation of mod_ruid2 and this mrtg hickup is related to my other prestahop problem
Set the mrtg folder and its files back to webapps:webapps and the html files of mrtg can be displayed now.
As long as mrtg does not touch the generated png's everything works but after the generating of new files by mrtg these files go back to root:root and can not be displayed.
This is the log entry for the failed file:
Code:
[Fri Feb 24 20:05:47 2012] [error] [client XX.xx.xx.xx] (13)Permission denied: file permissions deny server access: /var/www/html/mrtg/network-day.png, referer: http://xx.xx.xx/mrtg/network.htmlI think something is wrong in my setup and this problem emerged after the installation of mod_ruid2 and this mrtg hickup is related to my other prestahop problem
asekeris
Verified User
Code:
-rw-r--r-- 1 root root 2,4K feb 24 22:20 /var/www/html/mrtg/network-day.pngI hope you can give me a clue where to look.
Tested with a simple index.html and a .jpg and the moment the .jpg is owned by root perm. 644 the problem occurs.
Try this below, can you then open the image in your browser?
Code:
chown webapps:webapps /var/www/html/mrtg/network-day.pngasekeris
Verified User
The moment i set the ownership to something else then root i can display the image so webapps works and for example apache to.
As far as i know mrtg does not have an option for the ownership of the generated files.
As far as i know mrtg does not have an option for the ownership of the generated files.