#1  
Old 10th October 2006, 13:37
Ben Ben is offline
Moderator
 
Join Date: Jul 2006
Posts: 1,029
Thanks: 7
Thanked 62 Times in 56 Posts
Default pear + safe_mode?

Hi folks,

got the followin problem, I have an application using pear / excel spreadsheet to create excel files.
Safe mode is on for the web.
The first error is that in can not open the pear files because the dir is not in the open_basedir list. If I now add it, that error is gone but because of safe mode we have a uid conflict because the pear stuff is owned by root.
Sure switching safe_mode off the whole stuff works.
But I'm looking for a solution that I can use pear with any web (if possible without switching to suphp), that means changing the pear files owner to the web one won't help.
Any ideas?
Reply With Quote
Sponsored Links
  #2  
Old 11th October 2006, 11:10
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,778
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
Default

If i remember correctly, there is a setting in PHP to define a directory that is outside the open_basedir directory for includes. Have you tested this option?

The other solution is to install a local copy of the pear files for the website, but thats nor really elegant
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 11th October 2006, 20:52
Ben Ben is offline
Moderator
 
Join Date: Jul 2006
Posts: 1,029
Thanks: 7
Thanked 62 Times in 56 Posts
Default

Hi Till,

sure, I could just throw it in the include path, but then open_basedir restriction takes effekt due to safe_mode.
If I add it as well to the open_basedir, I have a safemode restriction because of uid of root (pear files owned by root), vs. apache2 user under which the php script that tries to include the pear stuff... so that's my "real" problem

Regarding the copy, is it possible to create symlinks having another owner, than the file they link to=
Reply With Quote
  #4  
Old 12th October 2006, 10:37
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,778
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
Default

I dont meant the normal include setting, I meant the safemode_include_dir (forgot the correct name in the first post .

From php.ini:

Quote:
; When safe_mode is on, UID/GID checks are bypassed when
; including files from this directory and its subdirectories.
; (directory must also be in include_path or full path must
; be used when including)
safe_mode_include_dir =
But I have not tested this, especially with open_basedir. Maybe it is possible to set this to a local website directory that is symlinked to a global pear directory...
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 26th October 2006, 08:10
Ben Ben is offline
Moderator
 
Join Date: Jul 2006
Posts: 1,029
Thanks: 7
Thanked 62 Times in 56 Posts
Default

To finish that post for others having the same problem, yes, safe_mode_include_dir helps.

@Till: Already entered it there but just with some typos in the path
Reply With Quote
  #6  
Old 30th October 2006, 10:50
Ben Ben is offline
Moderator
 
Join Date: Jul 2006
Posts: 1,029
Thanks: 7
Thanked 62 Times in 56 Posts
Default

@till: Well it does not really help, because the php.ini settings are overwritten by the vhost.conf settings. Adding it to the httpd additional stuff won't help, because these values are written before the php stuff in the conf though they have no effect.

Is there a way to change that, to either always allow pear, make the user check "allow pear" or most flexible, an additional box for the admin to add pathes to openbasedir...

In my case I changed linke 1448 from config.lib.php
PHP Code:
php_admin_value open_basedir "/usr/src/php/:".$mod->system->server_conf["server_path_httpd_root"]."/"."web".$web["doc_id"]."/\" 
Reply With Quote
  #7  
Old 31st October 2006, 17:20
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
 
Default

You could put an .htaccess file in the directory. You might have to enable
Code:
AllowOverride all
for that directory.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with opensrs as pear not loading in hosts kallaana Installation/Configuration 1 25th August 2006 09:04
Pear MDB on Fedora Core5 with ISPConfig maxgen Installation/Configuration 2 19th July 2006 17:48
Installing PEAR - OPENSUSE Ajazza Installation/Configuration 3 11th May 2006 17:51
PEAR Support with Perfect Setup SuSE 9.3 SidSkiba Installation/Configuration 8 31st August 2005 08:42


All times are GMT +2. The time now is 16:18.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.