Your message dated Sat, 13 Aug 2005 14:20:32 +0200
with message-id <[EMAIL PROTECTED]>
and subject line php4: open_basedir restriction + symlinks problem
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 27 Jan 2004 10:44:19 +0000
>From [EMAIL PROTECTED] Tue Jan 27 02:44:19 2004
Return-path: <[EMAIL PROTECTED]>
Received: from mantra.online.bg (mantra.bgit.net) [217.75.128.129]
by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
id 1AlQhb-0008JN-00; Tue, 27 Jan 2004 02:44:17 -0800
Received: (qmail 24794 invoked by uid 0); 27 Jan 2004 10:43:56 -0000
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Valery Dachev <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: php4: open_basedir restriction + symlinks problem
X-Mailer: reportbug 2.37
Date: Tue, 27 Jan 2004 12:43:56 +0200
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_01_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=HAS_PACKAGE autolearn=no
version=2.60-bugs.debian.org_2004_01_25
X-Spam-Level:
Package: php4
Version: 4:4.3.3-4
Severity: normal
Tags: security
I have the following problem: my /home partition is mounted in /mnt/home
and I have symlinked: "ln -s /mnt/home /home". That's OK ! Now I have
some users in /home and their sites in it, let's say the user "valery".
Homedir: /home/staff/valery
Sitesdir: /home/staff/valery/sites
Docroot: /home/staff/valery/sites/valery.bgit.net/htdocs
So, I put an open_basedir restriction like this one:
php_admin_value open_basedir "/home/staff/valery/sites/"
I've got the following test script:
<? fopen( '/home/staff/valery/sites/test.txt', 'w+' ) ?>
And I have the following message:
Warning: fopen(): open_basedir restriction in effect.
file(/home/staff/valery/sites/test.txt) is not within the allowed
path(s): (/home/staff/valery/sites/) in
/mnt/home/staff/valery/sites/valery.bgit.net/htdocs/test.php on line 2
You can see that the error message by itself looks quite absurd. The
problem IS in symlinks. I saw this bug reported to PHP website, but at
least in the Debian version it doesn't seems to be fixed. The only
solution is to mount the home partition directly in /home, as changing
the paths to /mnt/home/... doesn't help, as users use /home/... paths in
their websites). There's a way this can be patched, but I was unable to
do that. Thanks in advance !
Best regards,
Valery Dachev
-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux mantra 2.4.23-ow1 #2 Tue Dec 2 02:53:25 EET 2003 i686
Locale: LANG=C, LC_CTYPE=C
Versions of packages php4 depends on:
ii apache-common 1.3.29.0.1-3 Support files for all Apache webse
ii debconf 1.3.22 Debian configuration management sy
ii libbz2-1.0 1.0.2-1 A high-quality block-sorting file
ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries an
ii libdb4.1 4.1.25-16 Berkeley v4.1 Database Libraries [
ii libexpat1 1.95.6-6 XML parsing C library - runtime li
ii libmm13 1.3.0-1 Shared memory library - runtime
ii libpam0g 0.76-15 Pluggable Authentication Modules l
ii libpcre3 4.3-4 Philip Hazel's Perl 5 Compatible R
ii mime-support 3.24-1 MIME files 'mime.types' & 'mailcap
ii zlib1g 1:1.2.1-3 compression library - runtime
-- debconf information:
php4/update_apache_php_ini: true
---------------------------------------
Received: (at 229891-done) by bugs.debian.org; 13 Aug 2005 12:20:21 +0000
>From [EMAIL PROTECTED] Sat Aug 13 05:20:21 2005
Return-path: <[EMAIL PROTECTED]>
Received: from mail.active24.cz [81.95.104.4]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1E3uzt-0004yX-00; Sat, 13 Aug 2005 05:20:21 -0700
Received: from [192.168.1.2] (r4v190.chello.upc.cz [84.42.149.190])
by mail.active24.cz (Postfix) with ESMTP id C6D3528000AF
for <[EMAIL PROTECTED]>; Sat, 13 Aug 2005 14:23:45 +0200 (CEST)
Subject: Re: php4: open_basedir restriction + symlinks problem
From: Ondrej Sury <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="=-DfJ1CL4bV9nnnTeYEArF"
Date: Sat, 13 Aug 2005 14:20:32 +0200
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Mailer: Evolution 2.3.7
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
--=-DfJ1CL4bV9nnnTeYEArF
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
According to: http://bugs.php.net/bug.php?id=3D14076
It was fixed long ago. I tested it on sarge and sid, by adding
open_basedir =3D /var/www/ and symlinking /var/www to /var/www.xxx/ and
file was created ok.
if you can reproduce it, feel free to reopen this bug and add test case.
O.
--=20
Ondrej Sury <[EMAIL PROTECTED]>
--=-DfJ1CL4bV9nnnTeYEArF
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQBC/eWQ9OZqfMIN8nMRAhM6AJ9adUrM+WLfyRsSIJ157Dc3WdNEEACeJp5Y
ARic08gSiPa9VnqfXPuRX3o=
=gnHU
-----END PGP SIGNATURE-----
--=-DfJ1CL4bV9nnnTeYEArF--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
