The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Add shared codebase to PHP open_basedir

Discussion in 'General Discussion' started by conchur, Mar 18, 2009.

  1. conchur

    conchur Member

    Joined:
    Apr 9, 2007
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    I have several users who have requested a Drupal CMS site, and I want to minimise the amount of seperate codebases which need to be updated and maintained.

    I've created a Drupal installation at /usr/local/drupal which will be shared among several virtual users, and I am writing a script which will create the necessary sylinks in a user's public_html folder (or a subdirectory) to access the necessary PHP codebase. Unfortunately I've run into a problem with the open_basedir restrictions, which means the shared code will not run.

    I don't want to disable the open_basedir security check, so I need to add the new path '/usr/local/drupal' to the 'php_admin_value open_basedir' settings for selected virtual hosts in httpd.conf. There's nothing sensitive or account-specific in this codebase, so it would be acceptable to apply the open_basedir change system-wide to all accounts if that's easier.

    But how do I stop these changes being overwritten when the http.conf file is regenerated? I've tried:
    1) editing http.conf directly and checking the modifed file in, but the changes are ignored when I regenerate.
    2) editing the per-site templates at '/var/cpanel/userdata/*', but I didn't see any reference to open_basedir in there.
    3) editing the template at '/var/cpanel/templates/apache2/vhost.default' but that doesn't seem to affect the output (perhaps it's cached per-site? I guess this will work for new accounts which is some progress).

    Any pointers on how to add paths to the open_basedir setting for some or all accounts on a server?

    Thanks!

    root user,
    cPanel 11.24.4-C34634 - WHM 11.24.2 - X 3.9
    CENTOS 4.4 x86_64 on standard
     
  2. conchur

    conchur Member

    Joined:
    Apr 9, 2007
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Got it!

    I edited the template as in 3) above, only this time made the changes in the right place. There are multiple IfModule tests to check the PHP version, so either add the path to each open_basedir entry or find out which one is actually used on your system.

    After running /scripts/rebuildhttpdconf the new conf was created, and a restart of Apache made everything work as expected.

    This template affects all cPanel accounts simultaneously. This is fine for me since no CMS data is accessible from another virtual server (site-specific settings and files are not symlinked, just the shared files), but may not be the case for all CMS platforms.
     
Loading...

Share This Page