e-smith server and the php open_basedir restriction

I use the sme server (previously called e-smith) as a server (file, http etc...) and gateway to my private network (btw : it's working great for years now (since version 5) and really easy to install and reinstall).

I'm working on a file browser with extjs & php and I had to face the open_basedir restriction.

In order to get rid off this restriction here is what I did :

First I use the template(-custom) system to alter the way the httpd.conf is generated :
mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/
cp /etc/e-smith/templates/etc/httpd/conf/httpd.conf/95AddType00PHP2ibays /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/
#edit the file
vi /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/95AddType00PHP2ibays


and replace

 $OUT .= "    php_admin_value open_basedir $basedir\n";

by

if($basedir eq 'NONE')
{
$OUT .= " #desactivated with 'NONE' value : php_admin_value open_basedir $basedir\n";
}
else
{
$OUT .= " php_admin_value open_basedir $basedir\n";
}

If i want to disable the open_basedir restriction on an ibay, I just have to set 'NONE' value to the PHPBaseDir variable of the ibay as follow (for example on the 'Primary' ibay):

#change the value
db accounts setprop Primary PHPBaseDir NONE
#signal a modification to the e-smith templating system
signal-event ibay-modify Primary

The signal-event will actually update the /etc/httpd/conf/httpd.conf file
#restart httd server
service httpd-e-smith restart



Another tips :

To allow .htaccess file to be parsed by the apache, you need to allow the web server configuration to be overrided. It's disabled by default :
db accounts setprop Primary AllowOverride All
signal-event ibay-modify Primary
service httpd-e-smith restart


you can now us .htaccess file in your web directory with instruction like
#display php error
php_value display_errors 1
#allow the httpd server to follow file links
Options +FollowSymLinks

Comments

N.S.T. said…
After editing the file (before setting te ibay) you have to expand the template

expand-template /etc/httpd/conf/httpd.conf


and then restart apache

sv t httpd-e-smith

Popular posts from this blog

Open ssh connection through proxy with NTML authentication

Setting up UPS link with an ubuntu server

Limit the upload bandwidth of your apache webserver with mod_bw