Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 12th March 2008, 15:04
kainhofer kainhofer is offline
Junior Member
 
Join Date: Mar 2007
Posts: 6
Thanks: 0
Thanked 1 Time in 1 Post
Default ispconfig 2.2.21 and system-wide php scripts...

A few days agot upgraded ispconfig to 2.2.21 (from 2.2.1x) and since then, none of my websites are able to run squirrelmail (installed in /usr/share/squirrelmail and symlinked to ~/web/webmail, same effect also with an Alias of /webmail to /usr/share/squirrelmail) or access the DB.php PHP package (installed in /usr/share/php/DB.php) from a custom php script.

Checking/Unchecking "PHP Safe mode" does not have any effect.

If I make a symlink from /home/www/web6/web/webmail to /usr/share/squirrelmail (or add an appropriate alias to the apache config), then I get an error message in error.log:
Code:
"No user or group set - set suPHP_UserGroup"
which I don't understand, since suPHP_UserGroup is called correctly in Vhosts_ispconfig.conf (and works for other php scripts like dokuwiki, installed inside the user's home dir).

If I simply copy over all files from /usr/share/squirrelmail to /home/www/web6/webmail/, then I get the error message

Code:
"Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(config/config.php) is not within the allowed path(s): (/home/www/web6) in /home/www/web6/web/webmail2/index.php on line 15"
The other problem appears when trying to include the DB.php pear package for database access from php. There, I always get the error message:

Code:
  Warning: require(DB.php) [function.require]: failed to open stream: No such file or directory in /home/www/web6/web/php/news.class.php on line 2

Fatal error: require() [function.require]: Failed opening required 'DB.php' (include_path='.:/usr/share/php:/usr/share/pear') in /home/www/web6/web/php/news.class.php on line 2
which is even weirder, since the DB.php file is in /usr/share/php!


How can I restore the state from before the upgrade, i.e. that the users are allowed to run squirrelmail (and no, I don't want them to use the :81/squirrelmail/ package, since I changed the webmail URL only a few months ago and it was hard enought telling all my users about the changed URL and make the update their bookmarks, etc. I can't change that again!) and that the PHP scripts are allowed to use system-wide installed php packages, too.

Thanks a lot,
Reinhold
Reply With Quote
Sponsored Links
  #2  
Old 13th March 2008, 11:33
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,804
Thanks: 840
Thanked 5,614 Times in 4,425 Posts
Default

The latest ISPConfig comes with a more secure suphp configuration which will not allow to call system wide scripts for security reasons.

If you really want to use system wide scripts, you will have to change the suphp wrapper script in /home/admispconfig/ispconfig/tools/suphp/usr/bin
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 13th March 2008, 17:56
kainhofer kainhofer is offline
Junior Member
 
Join Date: Mar 2007
Posts: 6
Thanks: 0
Thanked 1 Time in 1 Post
Default

Thanks for the hint, I was looking for a suphp.conf file and only looked in /root/ispconfig, but not in /home/admispconfig...

I think it's really unfortunate that providing system-wider scripts (and even packages!!!) is no longer possible. This way, every!!! user e.g. has to copy the whole webmail package into his own userdir. Also, providing e.g. a dokuwiki farm is not possible now.
Imagine what a security nightmare it will be if a flaw e.g. in squirrelmail is found! Telling all domain owners about this and making sure that they really upgrade is so much more work than upgrading the system-wide installation once...

Anyway, I'm simply removing the open_basedir setting, since I really need system-wide scripts.

However, I'm still having a problem with symlinked ~/web/webmail/ to /usr/share/squirrelmail/. Whenever I call www.domain.tld/webmail/, I get a server error and the log file contains
"No user or group set - set suPHP_UserGroup"
That's weird, since the vhost section for that domain contains a suPHP_UserGroup definition!

Cheers,
Reinhold
Reply With Quote
  #4  
Old 13th March 2008, 18:44
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,748 Times in 2,579 Posts
 
Default

Can you post the vhost configuration?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Freebsd 6.1 support misterm Installation/Configuration 10 9th April 2009 10:29
ERROR: The PHP binary coming with ISPConfig does not work properly on your system! Th shadowspank Installation/Configuration 9 9th February 2008 19:55
php eating cpu shajazzi Server Operation 15 15th August 2007 02:19
ERROR: The PHP binary coming with ISPConfig does not work properly on your system! xinefnarg Installation/Configuration 2 28th March 2006 17:45
Downgrade php5 to php4.4.2 llizards Installation/Configuration 4 14th March 2006 00:58


All times are GMT +2. The time now is 09:37.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.