SOLVED Adding open_basedir for multiple users

Hello,


Have you checked out our documentation on this here: PHP open_basedir Tweak - Version 68 Documentation - cPanel Documentation

 

Hi,

We've actually been trying to test this on my test server using php-fpm as well and are experiencing issues getting open_basedir to be enabled globally the value added in the yaml file doesn't put out any errors for us but it also doesn't enable open_basedir. We did find that adding it to the /opt/cpanel/ea-phpXX/root/etc/php-fpm.conf file and restarting php-fpm did respect the change when rebuilding the php-fpm config it gets deleted.

I'd like to see if it would be possible for you to open a ticket for this (enabling open_basedir globally for php-fpm). If you can please use the link in my signature and update this thread with the ticket ID.

Thank you,

 

Just for future reference I wanted to provide the solution to this issue should anyone come across this thread.

The line shown below was added to the file "/var/cpanel/ApachePHPFPM/system_pool_defaults.yaml"

Code:

php_value_open_basedir: { name: 'php_value[open_basedir]', value: "[% documentroot %]" }

Once that is added, you then need to rebuild your PHP-FPM configs which can be done with the command below.

Code:

/usr/local/cpanel/scripts/php_fpm_config --rebuild

Rebuilding the configuration will also restart PHP-FPM for you after it's done so the changes should go into effect immediately. You can check that the open_basedir directive was added to your users pools with the one liner below. This simply prints the number of files that contain the open_basedir directive in it.

Code:

grep -c open_basedir /opt/cpanel/ea-php70/root/etc/php-fpm.d/* | awk -F':' '{SUM+=$2}END{print SUM}'

If you wish to check that the directive is active with an account, the php script below can be added to a site and when accessed will print whether it's enabled or not.

PHP:

<?php
echo 'Open_basedir: ',(ini_get('open_basedir') ? 'Enabled' : 'Disabled');
?>


You can read more about how to make changes like these to your PHP-FPM system and user pool configurations at the links below.

PHP-FPM Configuration Template Locations

PHP-FPM System and User Pool Directives

Hope this helps!

 

@Ricky G. thanks for providing the solution!