Need help ASAP with open_base_dir

[NotSoHappy]

I have been getting a ton of open base directory restriction errors since installing. How do I override this for all current and future domains setup through plesk? I am with rackspace and they refuse to help because they say the normal way of fixing this using apache is not working.

Please help. I have TONS of broken sites.

 

[NotSoHappy]

Come on guys.... how do I get support here?!?!?!

 

[sieb@]

http://forum.plesk.com/showthread.php?threadid=15580

 

[jamesyeeoc]

Originally posted by NotSoHappy
Come on guys.... how do I get support here?!?!?!

1) Try the forum search to see if an answer to your problem has already been asked and answered.

2) Give enough details about your problem for others to be able to give decent answers.

3) Have patience

4) If you are waiting for Plesk staff to give answers, you should open a support ticket with them. Their policy is that Plesk staff does not monitor these forums. These forums are a 'self-help' resource for Plesk users.

There are many people here (including myself) who spend countless hours helping others. It is difficult to help when the posted problem is generic or vague with no specific details.

Your current problem "ton of open base directory restriction errors" can be resolved, normally by editing/adding appropriate open_basedir statements in either the global php.ini file, or in domain specific vhost.conf or vhost_ssl.conf files.

The specific statements will depend on the exact directory access requirements of each software package on your site.

 

[NotSoHappy]

You see the problem is I dont want to have to do this on a per domain basis. That was Rackspace's solution. I want it disabled for ALL DOMAINS that are already setup, and all that are setup in the future. Whats the point of an automated control panel if I have to manually create a file for each one.

PLEASE HELP

 

[jamesyeeoc]

Ok, did you miss the part of my post about editing the global php.ini file?

Your current problem "ton of open base directory restriction errors" can be resolved, normally by editing/adding appropriate open_basedir statements in either the global php.ini file, or in domain specific vhost.conf or vhost_ssl.conf files.

If you edit the global file, then it will affect ALL domains on the server, present and future, at least until you change the php.ini file again.

Oh, and remember to restart Apache.

Without knowing the *exact* errors occuring, no one can give you the *exact* open_basedir setting. Although you say you want it disabled for all domains, so you would want:

open_basedir none

 

[NotSoHappy]

php.ini has no affect whatsoever on my setup. That's what rackspace told me to do too, and when they noticed it didnt work they blamed plesk because of the way the server was configured. Thats why I am lost here.

 

[jamesyeeoc]

The only time I have ever seen php.ini not affect domains on a Plesk server was when either:

1) there was an error in the file (syntax, misspelling, etc)

2) php.ini was edited using Windows and now contains ^M (or CR carraige return) characters in the file. This can be resolved by running dos2unix /etc/php.ini and restarting apache. Or are you using nano, pico, vi, emacs??

Sidenote: Re: PLEASE HELP, yup, that's what we're trying to do

Please post the section of your php.ini file which has your open_basedir statement.

 

[NotSoHappy]

Here is the exact part of my /etc/php.ini:

; Descrip here
; Descrip here
; Descrip here

open_basedir = none

 

[jamesyeeoc]

And you are *sure* you need it to be 'none' to get rid of your errors (you still have not posted any specific errors from logs).

And you have not said if you ever used a Windows editor (even notepad) to edit the php.ini file or not.

 

[NotSoHappy]

Im using nano directly from ssh comand line to edit it.

Here is one of my clients sites. Big error right at the top:

http://www.giftbasketdepot.com/

 

[jamesyeeoc]

Ok, then 'none' is not what you are looking to do. 'None' would imply no access to any directories.

The error you are getting is telling us that you need to ADD the following:

/home/httpd/vhosts/giftbasketdepot.com/httpdocs/install

to the existing open_basedir statement, which is:

/home/httpd/vhosts/giftbasketdepot.com/httpdocs:/tmp

So try putting (in /etc/php.ini):

open_basedir /home/httpd/vhosts/giftbasketdepot.com/httpdocs:/home/httpd/vhosts/giftbasketdepot.com/httpdocs/install:/tmp

all on one line, no line breaks (be careful with nano, i have seen it write line breaks where you didn't put one; also seen vi do it).

Order of priority precedence for php directives:

Domain vhost.conf or vhost_ssl.conf
Domain httpd.include
Apache httpd.include
Apache httpd.conf
/etc/php.ini

This means that if you have open_basedir in the php.ini file, and also in the domain httpd.include, the one in the httpd.include will take priority and the one in the php.ini will be ignored.

If you have open_basedir set in the vhost.conf file, and in the domain httpd.include, and in the php.ini (all 3 different), then the one in the vhost.conf file will be the 'effective' one, the other 2 will be ignored.

 

[NotSoHappy]

Ok but then there we go again having to put in entries for every domain. I want NO errors of any typen regading open base directory restrictions for any domains. I have about 4 domains with this problem right now using all types of different software. I came from a host who ran plesk and didnt have this problem. I moved the exact domains to my server and every one of them broke.

I really do appreciate all the help. I am just frustrated that there is no switch for this in the software someplace. I have had 4 clients screaming at me for weeks now.

 

[jamesyeeoc]

Then if you want to forego any type of security at all, you can do something like:

open_basedir /home/httpd/vhosts:/tmp

which will allow anything under the /home/httpd/vhosts directory and /tmp to be accessed with no restrictions.

Or if you really want to leave security behind and allow any script full access to your entire server (and possibly wreak havoc):

open_basedir /:/tmp

I do not recommend this for security reasons, but your previous host may have done something similar to allow you the freedom you seek.

 

[NotSoHappy]

I did the top entry you posted and it didnt do anything

http://www.giftbasketdepot.com/

What is the best way to get support? I am running off a temp key to test things out. I dont want to buy until I know this can be resolved.

 

[jamesyeeoc]

And you restarted Apache (httpd service) right? Either from the control panel (Server - Service Managment) or from the SSH shell prompt (service httpd restart)

Also see my post above regarding priority and precedence of files. If any of the other files also have an open_basedir statement, then the one in the php.ini will be ignored in favor of the other one.

I don't believe Plesk gives support for the free/trial version. This issue is also not a Plesk issue, it has to do with Apache and PHP. You could try emailing them ([email protected]). If you were a paid owner, you could login to their client support and open a service ticket (better than email option).

These support forums are for Plesk users/admins to assist each other, they are not monitored by Plesk staff.

 

[NotSoHappy]

Yep I restarted it, and php.ini is the only thing ive changed.

I guess Ill have to get in touch with them. My server admin swears its a plesk problem and wont support me. I wish I could tell them its a php / apache prob.

 

[jamesyeeoc]

Did you check the other files I listed to see if there are any other open_basedir statements which are overriding the php.ini?

You may not have modified them, but if they exist, they may have some default open_basedir statement which you would need to remove/modify.

In any case, the best way to do this, would require you to create specific vhost.conf files for each domain, customized for exactly what each domain needs. But the choice is yours as the admin of your server. Good luck.

 

[NotSoHappy]

Where is apaches main httpd.conf and httpd.include file found?

 

[jamesyeeoc]

/etc/httpd/conf/httpd.conf
/etc/httpd/conf/httpd.include

/home/httpd/vhosts/domain.com/conf/
(for the others)