Open_basedir in default /usr/local/directadmin/data/users/*/php/php-fpm54.conf

Jan_E

Verified User
Joined
Apr 29, 2011
Messages
121
Location
Amsterdam, NL, EU
My CB 2.0 setup:
Code:
php1_release=5.3
php2_release=5.4
php1_mode=mod_php
php2_mode=php-fpm
The build was successful and I could change a domain to PHP-FPM by adding this to the Custom HTTPD setup:
Code:
<IfModule mod_fastcgi.c>
	<FilesMatch "\.(inc|php|php3|php4|php44|php5|php52|php53|phtml|phps)$">
		SetHandler php54-fcgi
	</FilesMatch>
</IfModule>
But then some of my PHP-libraries in /usr/local/lib/php/share did not work anymore. No big deal, I thought. Just create a symlink from /usr/local/php54/lib/php/share to /usr/local/lib/php/share. Still no dice.

Digging deeper I found that the default open_basedir in /usr/local/directadmin/data/users/admin/php/php-fpm54.conf was set to
Code:
php_admin_value[open_basedir] = /home/admin/:/tmp/:/var/tmp/:/usr/local/php53/lib/:/usr/local/php54/lib/
A strange path, because /usr/local/php53 does not even exist. I decided to add /usr/local/lib/php
Code:
php_admin_value[open_basedir] = /home/admin/:/tmp/:/var/tmp/:/usr/local/lib/php:/usr/local/php53/lib/:/usr/local/php54/lib/
We've got a liftoff! I did not test yet what happens if I rewrite_confs, but it would be best if CB 2.0 produces a correct (or even overcomplete) open_basedir.

Happy 2013!

Jan
 

Jan_E

Verified User
Joined
Apr 29, 2011
Messages
121
Location
Amsterdam, NL, EU
./build rewrite_confs destroys the changes to the php-fpm54.conf's. I wrote a small script to add /usr/local/lib/php once again to the openbasedir setup:
Code:
cd /usr/local/directadmin/data/users/
for i in $(find . -name 'php-fpm54.conf' -type f)
do
        perl -pi -e "s/tmp\/:\/usr\/local\/php53/tmp\/:\/usr\/local\/lib\/php:\/usr\/local\/php53/gi" "$i"
done
for i in $(find . -name 'php-fpm54.conf' -type f)
do
        ls -la "$i"
done
for i in $(find . -name 'php-fpm54.conf' -type f)
do
	grep "/usr/local/lib/php" "$i"
done
Edit: made the script more readable and added some minimal checks.

I also found out that at every save of a Custom HTTPD Config the php-fpm54.conf is rewritten with the faulty paths. So I had to add the beginning of my error-correction script as user_httpd_write_post.sh to Directadmin's scripts/custom:
Code:
cd /usr/local/directadmin/data/users/
for i in $(find . -name 'php-fpm54.conf' -type f)
do
        perl -pi -e "s/tmp\/:\/usr\/local\/php53/tmp\/:\/usr\/local\/lib\/php:\/usr\/local\/php53/gi" "$i"
done
 
Last edited:

Jan_E

Verified User
Joined
Apr 29, 2011
Messages
121
Location
Amsterdam, NL, EU
Even better is it to add /usr/local/lib/php/ to the second line of /usr/local/directadmin/data/templates/php-fpm.conf:
Code:
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp/:/var/tmp/:/usr/local/lib/php/:/usr/local/php53/lib/:/usr/local/php54/lib/|
I have done that now and thrown away my user_httpd_write_post.sh.
 

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,051
Hello,

Thanks, I've added /usr/local/lib/php to the template to the php-fpm for the next release.

For now, use the standard way to customize it:
Code:
cd /usr/local/directadmin/data/templates/custom
cp ../php-fpm.conf .
nano php-fpm.conf
and edit the custom copy.

John
 
Top