Writing outside /httpdocs

[fastdrive]

Hello,

is it possible to read/modify a password file outside the /httpdocs folder?
I use php command fopen(), but it constantly gives me a read error. I assume a permission error.

Password file is in the /var/www/vhosts/< domain> /pss/ folder.
I tried to chown to apache:apache but no success

Any ideas?I want to write a small php-admin program to addusers to this password file and it shouldn't be under the /httpdocs folder.

Thx
Andreas

 

[kturby]

If you're using php, you'd probably need to add that directory to the openbasedir path to be able to modify it. If you look in your domain's error_log, you'll probably see a related error.

If this is the problem, you can set it on a per domain basis using the vhost.conf file in the conf directory. It requires you have root access. For example, for a domain called mydomain.com:

1) Create a file /var/www/vhosts/mydomain.com/conf/vhost.conf

2) Add the following 3 lines:

<Directory /var/www/vhosts/mydomain.com/httpdocs>
php_admin_value open_basedir "/var/www/vhosts/mydomain.com/pss"
</Directory>

3) Save and exit.

4) Update with websrvmng. For example:

/usr/local/psa/admin/sbin/websrvmng -a -v

5) Then, restart the httpd service. For example:

service httpd restart

If you have any problem or error -- check the file for syntax issues. You can undo it simply by deleting the vhost.conf file and repeating steps 4 and 5.

If you want, you can check the "sanity" of your configuration BEFORE you make any changes by doing steps 4 and 5 before you start.

Hope that helps!

 

[fastdrive]

Bingo! The error log shows:

fopen(): open_basedir restriction in effect. File(/var/www/vhosts/...

Why you are a 'junior' member? You should be promoted senior, man

I will do as you suggested.

 

[kturby]

I've only been using Plesk for the past 30 days.

However, I've been using systems for the past 30 years. It makes a difference, at times.

 

[fastdrive]

Ok, phpdoesn't work at all now. The err log says something about a missing include:

PHP Warning: (null)(): Failed opening '/var/www/vhosts/<mydomain>/httpdocs/back.php' for inclusion (include_path='.:') in Unknown on line 0, referer: www/xy.php?[/url][/url]

What include path is missing?

 

[kturby]

As I mentioned, simply remove the conf file and rerun the websrvmng command and then restart httpd to undo.

As far as your problem, I don't know for sure. As you can see, the only thing the above alters is your domain's open base dir.

So, the logical thing would be to look at what your open base dir settings are prior to that -- and see the difference afterwards. Perhaps you need to include more in your domain specific path definition for open base dir?

You should be able to poke around with things like phpinfo() and look in /etc/php.ini, and perhaps /etc/httpd/conf.d for clues on what your default ("before") settings are. In may simply be a matter of putting additional paths in that open base dir directive.

 

[fastdrive]

Damn, it needed the entry from a file named
httpd.include

/var/www/vhosts/<domain>/httpdocs:/tmp

/tmp is probably some mystery path Plesk needs...

I didn't know that with colons you can simply add entries.

Everything is working now

 

[kturby]

Yes, when you said none of the php was working, it was apparent you needed more (at least the paths that were there prior).

...and yes -- you can have multiple paths. I should have provided that to you in the example, because you'd almost always at least have your httpdocs path included.

Glad you got it sorted out. The main thing is always try to have a fallback (undo) -- and don't panic. The worst stuff I've ever done to my systems is while in a panic.

 

[tomcat8118]

fastdrive, can you please post your complete solution showing all the command lines you used? thank you

 

[breun]

Answer's in the KB: http://kb.swsoft.com/article_41_432_en.html

 

[seimen]

thanks for your explanation. sadly still it doesn't work on my plesk/fedora/php5 installation

my php-files are trying to load a library, which is located in a sub-directory and contains other directories with files to be loaded.
e.g.
I got files in the '/tick' directory inside an httpdocs directory.
those files load (require_once) other files in the 'tick/tack' directory.

how can i enter various open_basedir? is this necessary?

I tried:
<Directory /var/www/vhosts/mydomain.ch/httpdocs>
php_admin_value open_basedir "/var/www/vhosts/mydomain.ch/httpdocs:/tmp:/tick:/tick/tack"
</Directory>
and:
<Directory /var/www/vhosts/mydomain.ch/httpdocs>
php_admin_value open_basedir "/var/www/vhosts/mydomain.ch/httpdocs:/tmp:/tick/tack"
</Directory>
and:
<Directory /var/www/vhosts/mydomain.ch/httpdocs>
php_admin_value open_basedir "/var/www/vhosts/mydomain.ch/httpdocs:/tmp:/tick"
</Directory>
being the first directory a file is loaded from..
nothing works.

thanks for your help!

 

[seimen]

ok, my directories are inside my httpdocs, but still:

<Directory /var/www/vhosts/mydomain.ch/httpdocs>
php_admin_value open_basedir "/var/www/vhosts/mydomain.ch/httpdocs:/tmp:/var/www/vhosts/mydomain.ch/httpdocs/test:/var/www/vhosts/mydomain.ch/httpdocs/test/tick:/var/www/vhosts/mydomain.ch/httpdocs/test/tick/tack:/var/www/vhosts/mydomain.ch/httpdocs/test/tick/tack/toe"
</Directory>

does not work. what am I doing wrong?

 

[fastdrive]

You add multiple open_basedir's using the colon. My entry is:

php_admin_value open_basedir "/var/www/vhosts/<domain>/httpdocs:/tmp:/var/www/vhosts/typo3_src-4.0"

As you see, the dir path is not limited below a domain. In this example, one can have just one installation of Typo3 and use it on different domains.

To sort out your problem, I recommend going back to the original version of the .conf file. Then add your paths one after the other, seperated with colons.