[BlueOnyx:10381] Re: open_basedir restriction in effect.

SB9-PageKeeper Service ml at sb9.com
Fri Apr 27 23:45:25 -05 2012 

Yo!
Down and dirty php...
I had to move a bluequartz 5100 to BO without the help of cmu because the 
drive failing
sectors took out codb and friends and i had no vsites or groups for the 
cmu..
Hosed the GUI bad! everything else worked...

here are my seat-of-the-pants notes i made to make
things run for now, they are crude but give fast sure unsecure results.

I posted this cron a few days ago but I was wrong by using DD cron's path...
I spent a ton of time trying to make any older php stuff run on my 5106r...

I use curl -s over the web for the cron.. its anything but secure but it 
does work.
this example the cron adds good & bad ip's to the firewall and the hosts 
files...

*/5 * * * * curl -s http://web.url tohack/mydir/index.php >> /dev/null 2>&1; 
/root/mydir/bad.hosts.cron.sh >> /dev/null 2>&1

The very very unsecure way to fix the open base restriction since the update 
i've been using is..
(the update didn't phase us at all last week not 1 php error)
clear the field in the GUI and add a forward slash '/' saving and you get 
something like the below: look very caefully to the first '/:'
that means none nada zip... var whatever!
I hate to say this but its the only way i could get old clients junk to 
work...
I had to get results like A>S>A>P to avoid any phone calls... WARN!! it 
don't get much looser than this...

(php tip:) to delete or make documents the DIRECTORY must be chmod to 777 
and special scripts to 755, files you write 666.


GUI SITE PHP
 Register Globals: On

 Safe Mode: Off

 Safe Mode GID: Off

 Safe Mode include directory: /usr/sausalito/configs/php/

 Safe Mode exec directory: .

 Safe Mode allowed evelope variables: 
PHP_,_HTTP_HOST,_SCRIPT_NAME,_SCRIPT_FILENAME,_DOCUMENT_ROOT,_REMOTE_ADDR,_SOWNER

 Safe Mode protected envelope variables: LD_LIBRARY_PATH

 Open basedir: 
/:/tmp/:/var/lib/php/session/:/usr/sausalito/configs/php/:/home/.sites/64/site14/

 Allow URL fopen: On

 Allow URL include: On

 Upload max filesize: 2M

 Post max size: 8M

 Max execution time: 30

 Max input time: 60

 Memory limit: 16M

I no longer have to put anything in the .siteNN.include anymore (thank you 
micheal. i know its unsecure and very bad practice)

Hope this helps someone. be careful and use at own risk..
David Hahn

----- Original Message ----- 
Sent: Friday, April 27, 2012 4:08 PM
Subject: [BlueOnyx:10378] Re: open_basedir restriction in effect.


> Hi all. My apologies for bugging you on a weekend :(
>
> I still seem to be getting no further. To recap:
>
> I want to run a PHP script via crontab. The entry in /etc/crontab
> is:
> 12,42  * * * * root php /home/.sites/70/site4/update_products.php
>
> update_products.php contains:
>
> $fn="/home/.sites/70/site4/product_list.csv";
> if(file_exists($fn)) { ... }
>
> The file is uploaded via FTP from an AS400 somewhere. If found, it should 
> be
> parsed, then deleted.
>
> Whenever I try to run this through the shell, with "php
> /home/.site/70/site7/update_products.php" I get an error:
>
> PHP Warning:  file_exists(): open_basedir restriction in effect.
> File(/home/.sites/70/site4/product_list.csv) is not within the
> allowed path(s): (/tmp/:/var/lib/php/session/:/usr/sausalito/
> configs/php/) in /home/.sites/70/site4/update_products.php
> on line 10
>
> I am logged in as admin and use su to become root.  I get this error even 
> if
> I copy the file to /web/. However I *can* run the file by browsing to
> http://<domain>/update_products.php
>
> All files and the /site4/ folder are owned by a username of the site. The
> only thing out of the ordinary is that the host name is 'upload', not www.
>
> This is on 5108R, fresh install, no other packages added. It also used to
> work on the server that was reimaged recently, a 2009 install that was
> otherwise up to date.
>
> Any ideas?
>
>
> Dick
>
> -----Original Message-----
> From: blueonyx-bounces at mail.blueonyx.it
> [mailto:blueonyx-bounces at mail.blueonyx.it] On Behalf Of Michael Stauber
> Sent: 27 April 2012 19:16
> To: BlueOnyx General Mailing List
> Subject: [BlueOnyx:10372] Re: open_basedir restriction in effect.
>
> Hi DD,
>
>> It looks like /tmp/:/var/lib/php/session/:/usr/sausalito/configs/php/ is
>> being appended to the lists of approved paths no matter what.
>
> Yes, that is correct. Because the above are "must have" items. They (and 
> the
>
> path to the Vsite in question) will always be filled in automatically.
>
> To that add a ':/'. That's a semicolon and a slash. That will add '/' to
> your
> path as well and grants access to anything everywhere. PROVIDED that the
> file
> that the script wants to access is in a readable directory and that the
> script
> has sufficient permissions to access said file. So please also check the
> ownership and permissions of your product_list.csv and the directory that 
> it
>
> resides in.
>
> -- 
> With best regards
>
> Michael Stauber
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list