ISPConfig 2 open_basedir problem, PHP 5.2.10/ISPConfig 2.2.35

Discussion in 'Installation/Configuration' started by zetnsh, Mar 28, 2010.

  1. zetnsh

    zetnsh New Member

    Hi there,

    Trying to deploy a new ISPConfig 2 install as a replacement for an older server. I'm running ISPConfig 2.2.35 on Ubuntu 9.10, with suPHP.

    One website I'm trying to get running uses PHP's curl functions, and in particular I'm getting this error:

    Code:
    Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /var/www/web8/....... on line xxx
    (details removed for security reasons!

    Now, PHPs safe mode is definately NOT turned on for this site, but testing phpinfo() on that server reveals that open_basedir is set to /var/www/web8

    That's certainly NOT set anywhere in a php.ini, and it's not set anywhere in Vhosts_ispconfig.conf, so I'm struggling to find where that is being turned on, and it's not anywhere from the website code. On the old server it's migrating from, open_basedir doesn't appear to have a value.

    More information: PHP is at version 5.2.10 on the newer ubuntu server, and at 5.1.6 on the older fedora server I'm trying to decommission. On the new server ISPConfig is at version 2.2.35 and the old server at version 2.2.19.

    I've also noticed that the newer PHP seems to contain the Suhosin patch (hardened PHP) whilst the old one doesn't. Could that be it?

    Any help gratefully received,

    Neil
     
    Last edited: Mar 28, 2010
  2. falko

    falko Super Moderator ISPConfig Developer

    Please post the vhost configuration of web8.
     
  3. zetnsh

    zetnsh New Member

    Hope you don't mind, I've changed the domain name and IP for privacy reasons

    Code:
    <VirtualHost xxx.xxx.xxx.xxx:80>
    <Directory /var/www/web8>
        AllowOverride All
    ExpiresActive On
    ExpiresByType image/gif A2592000
    ExpiresByType image/jpeg A2592000
    ExpiresByType image/png A2592000
    ExpiresByType application/x-javascript A2592000
    ExpiresByType text/css A2592000
    </Directory>
    ServerName www.sampledomain.co.uk:80
    ServerAdmin webmaster@sampledomain.co.uk
    DocumentRoot /var/www/web8/web
    ServerAlias www.sampledomain.eu sampledomain.eu sampledomain.co.uk
    DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
    ScriptAlias  /cgi-bin/ /var/www/web8/cgi-bin/
    AddHandler cgi-script .cgi
    AddHandler cgi-script .pl
    ErrorLog /var/www/web8/log/error.log
    AddType application/x-httpd-php .php .php3 .php4 .php5
    suPHP_Engine on
    suPHP_UserGroup web8_webmaster web8
    AddHandler x-httpd-php .php .php3 .php4 .php5
    suPHP_AddHandler x-httpd-php
    Alias /error/ "/var/www/web8/web/error/"
    ErrorDocument 400 /error/invalidSyntax.html
    ErrorDocument 401 /error/authorizationRequired.html
    ErrorDocument 403 /error/forbidden.html
    ErrorDocument 404 /error/fileNotFound.html
    ErrorDocument 405 /error/methodNotAllowed.html
    ErrorDocument 500 /error/internalServerError.html
    ErrorDocument 503 /error/overloaded.html
    AliasMatch ^/~([^/]+)(/(.*))? /var/www/web8/user/$1/web/$3
    AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web8/user/$1/web/$3
    </VirtualHost>
    
    Also not convinced suPHP is working properly, but can't prove it yet...
     
  4. zetnsh

    zetnsh New Member

    Further to this information, I'm not convinced there isn't a problem with the ISPConfig install. Bear in mind this is an installation transferred from a previous install as per this post:

    http://www.howtoforge.com/forums/showpost.php?p=16488&postcount=2

    When I make a change via the ISPConfig admin interface, it doesn't actually seem to be happening on the server. The apache config seems to be syntactically correct (apache2ctl configtest reports no problems) but Vhosts_ispconfig.conf is never changed no matter what I do.

    I have found the latest config file here:

    /home/admispconfig/ispconfig/web/multidoc/edit/vhosts/Vhosts_ispconfig.conf

    But that's not being updated at all, however it seems that /home/admispconfig/ispconfig/web/multidoc/edit/vhosts/Vhosts_ispconfig.conf is being updated

    Finally, I tested an identical server config (but without ISPConfig) also running Ubuntu Karmic, to see if open_basedir was being forced, and it wasn't, so it's definately something with my setup.

    A few issues here, I really really hope someone can help!

    Thanks once again, Neil
     
  5. zetnsh

    zetnsh New Member

    I have solved the first part of this at least, I edited /home/admispconfig/ispconfig/tools/suphp/usr/bin/php-wrapper and removed " -d open_basedir=${BASEDIR}", which immediately solved the problem. Not sure this would survive any upgrade though.

    Still need to get the rest of the control panel working though...
     
  6. falko

    falko Super Moderator ISPConfig Developer

    That path seems to be totally wrong. On Ubuntu and Debian, the file should be in /etc/apache2/vhosts. What's the output of
    Code:
    ls -la /etc/apache2/vhosts/
    ?
     
  7. zetnsh

    zetnsh New Member

    I know! It's really wierd. I have set the correct path in the ISPConfig settings by the way...

    ls -la /etc/apache2/vhosts/ gives the following output:

    Code:
    total 20
    drwxr-xr-x 2 root root 4096 2010-03-28 22:16 .
    drwxr-xr-x 8 root root 4096 2010-03-30 09:17 ..
    -rw-r--r-- 1 root root 9944 2010-03-28 22:16 Vhosts_ispconfig.conf
    
    BUT - the file date is wrong on that. Odd!

    Thanks once again, Neil
     
  8. falko

    falko Super Moderator ISPConfig Developer

    What's the value of the server_path_httpd_conf field in the isp_server table in the ISPConfig database? It should be /etc/apache2
     
  9. zetnsh

    zetnsh New Member

    Interesting! It's

    Code:
    /home/admispconfig/ispconfig/web/multidoc/edit
    Which anyone can see is not quite right... can you tell me what it should be for my system? Ubuntu 9.10 Karmic...
     
  10. zetnsh

    zetnsh New Member

    Incidentally, I've tried changing this to /etc/apache2 and it's no better
     
  11. falko

    falko Super Moderator ISPConfig Developer

    Did you do any changes in ISPConfig after you changed the database field so that the backend could rewrite the configuration?
     
  12. zetnsh

    zetnsh New Member

    Yes - I did, I made a several changes including some in the extra configuration directives bit which should have forced a rewrite I would have thought. I just can't find where it's getting that setting from at all
     
  13. zetnsh

    zetnsh New Member

    This may also help: I think quite a few things in here are wrong, and I'll compare them against the previous (correctly working) installtion:

    Code:
     mysql> select * from isp_server\G
    *************************** 1. row ***************************
                                    doc_id: 1
                                doctype_id: 1010
                               server_host: www
                             server_domain: xxxxxxxxxxxxx.co.uk
                                 server_ip: ??.???.???.???
                          server_netzmaske: 255.255.255.0
                            server_sprache: de
                            server_db_type: mysql
                            server_db_user:
                        server_db_passwort:
                    server_path_httpd_conf: /etc/apache2
                    server_path_httpd_root: /var/www
                         server_httpd_user: www-data
                        server_httpd_group: www-data
                     server_path_frontpage: /usr/local/frontpage/version5.0/bin/owsadm.exe
                   server_path_httpd_error: /home/admispconfig/ispconfig/web/multidoc/edit
                               server_name: HistoryDirect Web/Mail Server
                                server_mta: postfix
            server_sendmail_virtuser_datei: /etc/postfix/virtusertable
                        server_sendmail_cw: /etc/postfix/local-host-names
                            server_ftp_typ: proftpd
                 server_proftpd_conf_datei: /etc/proftpd.conf
                        server_proftpd_log: /var/log/xferlog
                          server_bind_user: named
                         server_bind_group: named
                    server_bind_named_conf: /var/named/chroot/etc/named.conf
                  server_bind_zonefile_dir: /home/admispconfig/ispconfig/web/multidoc/edit
                                userid_von: 10000
                               groupid_von: 10000
                              passwd_datei: /etc/passwd
                               group_datei: /etc/group
                            server_ipliste: 10.0.12.16
                              shadow_datei: /etc/shadow
                   server_bind_ns1_default: ns0.historydirect.co.uk
                   server_bind_ns2_default: ns1.historydirect.co.uk
                     server_path_httpd_log: /var/log/httpd/ispconfig_access_log
                            server_soap_ip:
                          server_soap_port:
                      server_soap_encoding:
                        server_admin_email: root@localhost
                   server_bind_standard_mx: 0
             server_bind_adminmail_default: hostmaster@historydirect.co.uk
                      server_mail_log_save: 0
                       server_ftp_log_save: 0
                       server_httpd_suexec: 1
                                      dist: fedora60
                         dist_init_scripts: /home/admispconfig/ispconfig/web/multidoc/edit
                             dist_runlevel: /home/admispconfig/ispconfig/web/multidoc/edit
                                dist_smrsh: /home/admispconfig/ispconfig/web/multidoc/edit
                               dist_shells: /etc/shells
                     dist_bind_init_script: named
                         dist_bind_pidfile: /var/named/chroot/var/run/named/named.pid
                        dist_bind_hintfile: named.ca
                       dist_bind_localfile: named.local
                          dist_cron_daemon: crond
                             dist_cron_tab: /var/spool/cron/root
                          dist_mysql_group: mysql
                         dist_httpd_daemon: httpd
                                 dist_pop3:
                         dist_pop3_version:
                          dist_ftp_version: standalone
                           dist_httpd_conf: /etc/apache2/apache2.conf
                             dist_mail_log: /var/log/mail.log
                               use_maildir: 1
                                virusadmin: admispconfig@localhost
                         spamfilter_enable: 1
                   server_enable_frontpage: 0
      client_salutatory_email_sender_email: NULL
       client_salutatory_email_sender_name: NULL
               client_salutatory_email_bcc: NULL
           client_salutatory_email_subject: NULL
           client_salutatory_email_message: NULL
         res_salutatory_email_sender_email: NULL
          res_salutatory_email_sender_name: NULL
                  res_salutatory_email_bcc: NULL
              res_salutatory_email_subject: NULL
              res_salutatory_email_message: NULL
                            standard_index: NULL
                       user_standard_index: NULL
           traffic_suspension_sender_email: NULL
            traffic_suspension_sender_name: NULL
              traffic_suspension_email_bcc: NULL
          traffic_suspension_email_subject: NULL
          traffic_suspension_email_message: NULL
         traffic_notification_sender_email: NULL
          traffic_notification_sender_name: NULL
            traffic_notification_email_bcc: NULL
        traffic_notification_email_subject: NULL
        traffic_notification_email_message: NULL
       res_traffic_suspension_sender_email: NULL
        res_traffic_suspension_sender_name: NULL
          res_traffic_suspension_email_bcc: NULL
      res_traffic_suspension_email_subject: NULL
      res_traffic_suspension_email_message: NULL
     res_traffic_notification_sender_email: NULL
      res_traffic_notification_sender_name: NULL
        res_traffic_notification_email_bcc: NULL
    res_traffic_notification_email_subject: NULL
    res_traffic_notification_email_message: NULL
    1 row in set (0.00 sec)
    
    mysql>
    
    I can see instantly that dist is wrong at "fedora60"... maybe that should be ubuntu910 or something?
     
    Last edited: Apr 1, 2010
  14. zetnsh

    zetnsh New Member

    I HAVE FIXED IT!!!

    I had a hunch this was an operating system issue with ISPConfig not set up for the right O/S.

    All I did was to re-install ISPConfig2 on a new server (fine - I had 2 to confugure anyway), and copy it's isp_server table across to the broken server, and then I just edited things like the IP addresses and hostnames. Restarted the ISPConfig service, and it now works as it should. Thanks for the tip :)

    Neil
     

Share This Page