php safe mode warning

Discussion in 'Installation/Configuration' started by sc0ut, Dec 17, 2005.

  1. sc0ut

    sc0ut New Member

    Hi,
    I upgraded few days ago PHP on my SuSE 9.2 server with ISPConfig on 4.4 version (from 4.3.11) and apache 2.0.51 on 2.2, and on sites that have PHP Safe mode enabled, I get error message like this:

    Warning: Unknown(): SAFE MODE Restriction in effect. The script whose uid is 0 is not allowed to access /home/www/web20/phptmp owned by uid 10016 in Unknown on line 0

    Owners of php scripts and phptmp are the same, and file/dir permissions are 777 for phptmp and 755 for php scripts

    Since PHP Safe mode is disabled in php.ini, and enabled for each site through ISPConfig, I guess this issue has nothing to do with settings in it...


    What could be wrong?
     
  2. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Please compare the owner and group of the PHP script and of the /home/www/web20/phptmp directory. They have to be the same.
     
  3. sc0ut

    sc0ut New Member

    The thing that is strange is that user/group for phptmp and php scritps are the same:

    Code:
    ns3:/home/www/web20 # ls -la phptmp/
    total 2
    drwxrwxrwx  2 web20_admin web20 1024 Nov 28 23:59 .
    drwxr-xr-x  8 web20_admin web20 1024 Dec 15 08:58 ..
    -r--------  1 root        root     0 Nov 28 06:19 .no_delete
    ns3:/home/www/web20 #  
    
    ns3:/home/www/web20/web # ls -la *.php
    -rwxr-xr-x  1 web20_admin web20 50589 Jul  4 00:15 SSI.php
    -rwxr-xr-x  1 web20_admin web20  3534 Nov 28 07:03 Settings.php
    -rwxr-xr-x  1 web20_admin web20  3220 Jun 23 00:15 Settings_bak.php
    -rwxr-xr-x  1 web20_admin web20 13687 Jul 13 20:59 index.php
    -rwxr-xr-x  1 web20_admin web20  5181 Jun 23 00:15 ssi_examples.php
    
    
    
     
  4. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Do you have any include files in your PHP script that have wrong permissions?
     
  5. sc0ut

    sc0ut New Member

    There should be no includes outside of web directory of the script, actually it's a forum script (SMF), and I did: chown -R web20_admin:web20 web/ to be sure there's no files or dirs with wrong owners there...
    I got the same error on some other sites, but since they have quiet simple php scripts, I turned off safe mode so they can work OK...
    I'm compiling PHP 5.1.1 right now on the server, to try it out, maybe SuSE made something strange in updated rpm's on their ftp server :)
     
  6. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    What is the setting of the include path in your php.ini?
     
  7. sc0ut

    sc0ut New Member

    Include path is commented, so it shouldn't make trouble, but I have this enabled:

    Code:
    extension_dir = "./"
    extension_dir = /usr/lib/php/extensions
    
    Could this make trouble?
     
  8. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    I don't have any extension_dir directive in my php.ini... I suggest that you comment them out and restart Apache to see if that changes anything.
     
  9. sc0ut

    sc0ut New Member

    Code:
    
    ns3:/usr/lib/php/extensions # ls
    .            dbase.so    gettext.so   mcrypt.so      shmop.so     wddx.so
    ..           dbx.so      gmp.so       mhash.so       snmp.so      xslt.so
    bcmath.so    domxml.so   iconv.so     mime_magic.so  sockets.so   yp.so
    bz2.so       exif.so     imap.so      mysql.so       swf.so       zlib.so
    calendar.so  filepro.so  ldap.so      pgsql.so       sysvsem.so
    ctype.so     ftp.so      mbstring.so  qtdom.so       sysvshm.so
    curl.so      gd.so       mcal.so      session.so     unixODBC.so
    ns3:/usr/lib/php/extensions #  
    
    
    php.ini comment says that this directory is: Directory in which loadable extensions (modules) reside.
    I tried to comment it, restart apache, but got the same error on pages...
     
  10. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Can you have a look at /etc/passwd to find out which user has the id 10016?
     
  11. sc0ut

    sc0ut New Member

    This is the uid 10016 part of /etc/passwd:

    web20_admin:x:10016:10020::/home/www/web20:/bin/false
     
  12. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Which script exactly gives you that message? Can you post the output of
    Code:
    ls -la /path/to/script
    ?
     
  13. sc0ut

    sc0ut New Member

    Code:
    ns3:/home/www/web20/web # ls -la index.php
    -rwxr-xr-x  1 web20_admin web20 13687 Jul 13 20:59 index.php
    ns3:/home/www/web20/web #     
    
     
  14. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Are there any pages included in your index.php?
     
  15. sc0ut

    sc0ut New Member

    There are, but all of them with ./ path, so they all are inside of /home/www/user/web dir.

    I disabled safe mode for this site in ISPConfig, but I enabled safe mode globally in php.ini, and I'm not getting errors.

    Could this safe mode problem have something to do with Apache 2.2 config files syntax?
     
  16. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Can you run
    Code:
    chmod 664 /home/www/web20/web/index.php
    and check if you still get the Safe Mode error (with Safe Mode disabled globally and enabled for that site through ISPConfig)?
     
  17. sc0ut

    sc0ut New Member

    When I turn off safe mode in php.ini, and chmod all files in web dir (chmod -R 664 *) I get following error (safe mode enabled in ISPConfig for that site):
    Code:
    
    Warning: main(): Unable to access /home/www/web20/web/Sources/QueryString.php in /home/www/web20/web/index.php on line 51
     
     Warning: main(/home/www/web20/web/Sources/QueryString.php): failed to open stream: Permission denied in /home/www/web20/web/index.php on line 51
     
     Fatal error: main(): Failed opening required '/home/www/web20/web/Sources/QueryString.php' (include_path='.:') in /home/www/web20/web/index.php on line 51
    
    
    When I chmod files to 755, I get "standard" :) error:

    Code:
    
    Warning: Unknown(): SAFE MODE Restriction in effect. The script whose uid is 0 is not allowed to access /home/www/web20/phptmp owned by uid 10016 in Unknown on line 0
    
    
    How "safe" is to have safe mode enabled globaly in php.ini?
     
  18. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    That's because you did a
    Code:
    chmod -R 664 *
    which means you also chmoded the directory /home/www/web20/web/Sources/ to 664 - but directories always have to be executable. Please run
    Code:
    chmod 755 /home/www/web20/web/Sources/
    and try again.
     
  19. sc0ut

    sc0ut New Member

    Did that, and again got:

    Code:
    Warning: Unknown(): SAFE MODE Restriction in effect. The script whose uid is 0 is not allowed to access /home/www/web20/phptmp owned by uid 10016 in Unknown on line 0
      <   ĘĚKI* ˙˙   gs€ 
    
    
     

Share This Page