HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   VHosts + basedir + PHP4 and PHP5 at same time (http://www.howtoforge.com/forums/showthread.php?t=9016)

Sid 11th December 2006 16:08

VHosts + basedir + PHP4 and PHP5 at same time
 
Hi everybody,

i have php5 running as apache mod and php4 as cgi.
in my apache config i set an open_basedir for each vhost.
is it possible to set individual basdirs for php4-cgi too?

I want to forbid users to acccess files of other users. all user dirs have the same uid and guid (FTP setup is pureftpd with virtual hosting)

falko 12th December 2006 15:19

Can you post your vhost configuration here?

Sid 12th December 2006 23:04

In httpd.conf:
Code:

ScriptAlias /php4-cgi "/usr/lib/cgi-bin/php4"

AddHandler php-script .php4
Action php-script /php4-cgi

for .php4 files to be parsed with php4-cgi

a sample of a vhost config:
Code:

<VirtualHost *:80>
        ServerAdmin some@email.org
        ServerAlias domain www.domain
        ServerName domain

        DocumentRoot /home/www/domain/htdocs/
                                                                               
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /home/www/domain/htdocs/>
                Options -Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
                php_admin_value open_basedir /home/www/domain
        </Directory>

<Directory "/usr/lib/cgi-bin/php4">
php_admin_value open_basedir /home/www/domain
</Directory>

        ScriptAlias /cgi-bin/ /home/www/domain/cgi-bin/
        <Directory "/home/www/domain/cgi-bin">
                AllowOverride None
                Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog /home/www/domain/log/error.log
        LogLevel warn
        CustomLog /home/www/domain/log/access.log combined
        ServerSignature On
</VirtualHost>

The part <Directory "/usr/lib/cgi-bin/php4">
php_admin_value open_basedir /home/www/domain
</Directory> was just added for testing but has no effect on php4-cgi...

falko 13th December 2006 15:39

I'm not quite sure if open_basedir, safe mode, etc. work for PHP-CGI because it was developed primarily for mod_php. For the CGI versions you can use suExec and suPHP.

Sid 13th December 2006 20:43

safe_mode is already working because it was defined in php.ini
I got an idea... maybe it will work with parameters to php4-cgi...

Sid 14th December 2006 19:20

Now its working fine... the solution if someone is interested:

create a direktory to store a php4 startscript for each user like /var/www/php4

then create a bash script named domain or so in this directory containing
Code:

#!/bin/sh
unset SERVER_NAME
unset SERVER_SOFTWARE
unset GATEWAY_INTERFACE
unset REQUEST_METHOD
/usr/lib/cgi-bin/php4 -d open_basedir=/home/www/domain '$*'

then edit the vhost apache config and add:
Code:

ScriptAlias /php4-cgi "/var/www/php4/domain"
AddHandler php-script .php4
Action php-script /php4-cgi

4 env variables are dropped but safemode with open_basedir is working :)


All times are GMT +2. The time now is 02:56.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.