After upgrading mod_php to 4.4.0-r9 i discovered a strange behaviour regarding error logging. Example /etc/php/apache2-php4/php.ini: safe_mode = On open_basedir = /var/www/_openbasedir <VirtualHost a.b.c.d:80> DocumentRoot /var/www/wwwadm01/html/domain.tld php_admin_value open_basedir /var/www/wwwadm01/html/domain. tld/:/var/www/wwwadm01/tmp/ php_admin_value safe_mode 0 [..] </VirtualHost> /var/www/wwwadm01/html/domain.tld/test.php is a php script owned _not_ by root but by uid 5001. /var/www/wwwadm01/tmp/ is owned by uid 5001, too. The test.php script tries to open a file in /var/www/wwwadm01/tmp/. The script is working as supposed to be, but it generates nonsense error messages like these ones: (Taken from php error_log) PHP Warning: Unknown(): open_basedir restriction in effect. File(/var/www/ wwwadm01/tmp) is not within the allowed path(s): (/var/www/_openbasedir) in Unknown on line 0 PHP Warning: Unknown(): SAFE MODE Restriction in effect. The script whose uid is 0 is not allowed to access /var/www/wwwadm01/tmp owned by uid 5001 in Unknown on line 0, referer: http://foo.bar/... The first log entry is nonsense, since the script is working and even a phpinfo file in this place confirms, that /var/www/wwwadm01/tmp is in local open_basedir and /var/www/_openbasedir is the global open_basedir setting. The second error message is nonsense too, since safe_mode is turned off in <Virtualhost> which is confirmed in phpinfo too: the local safe_mode value is off, only the global safe_mode value is on. Second, the php script is __not__ owned by uid 0 but uid 5001, the same person who owns the /var/www/wwwadm01/tmp directory. I repeat, the scripts are all working as supposed to be, but the error_log is filled with tons of nonsense error messages. Reproducible: Always Steps to Reproduce: 1. 2. 3. # emerge info ; emerge -pv apache mod_php Portage 2.0.51.22-r3 (default-linux/x86/2005.1, gcc-3.3.6, glibc-2.3.5-r2, 2.6. 11-hardened-r15 i686) ================================================================= System uname: 2.6.11-hardened-r15 i686 Intel(R) Celeron(R) CPU 2.40GHz Gentoo Base System version 1.6.13 ccache version 2.3 [disabled] dev-lang/python: 2.3.5-r2, 2.4.2 sys-apps/sandbox: 1.2.12 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.15.92.0.2-r10 sys-devel/libtool: 1.5.20 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=pentium4 -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/ config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -march=pentium4 -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks sandbox sfperms strict" GENTOO_MIRRORS="ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.de.gentoo.org/gentoo-portage" USE="x86 alsa apache2 arts avi bash-completion berkdb bitmap-fonts bzip2 crypt curl devfs26 eds emboss encode expat foomaticdb gd gdbm gif gstreamer hardened hardenedphp idn imagemagick imap imlib jpeg junit kde libg++ mbox memlimit mhash mmx mmx2 motif mp3 mpm-prefork ncurses nls noantlr nobcel nobeanutils nobsh nocommonslogging nocommonsnet nojdepend nojsch nojython nolog4j nooro nopop3d noregexp norhino noxerces ogg oggvorbis opengl oss pam pcre perl php png posix quicktime rtc sasl sdl sse sse2 ssl tcpd tiff truetype truetype-fonts type1 type1-fonts udev vorbis xml2 xmms xv zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY These are the packages that I would merge, in order: Calculating dependencies ...done! [ebuild R ] net-www/apache-2.0.54-r31 +apache2 -debug -doc -ldap -mpm- leader -mpm-peruser +mpm-prefork -mpm-threadpool -mpm-worker -no-suexec (- selinux) +ssl -static-modules -threads 0 kB [ebuild R ] dev-php/mod_php-4.4.0-r9 -X +apache2 +berkdb +crypt +curl - debug -doc -fdftk -firebird -flash -freetds +gd -gd-external +gdbm -gmp +hardenedphp +imap -informix -ipv6 -java +jpeg -kerberos -ldap -mcal +memlimit - mssql +mysql +nls -oci8 -odbc +pam +png -postgres -snmp -spell +ssl +tiff +truetype +xml2 -yaz 0 kB Total size of downloads: 0 kB
1/ /var/www/wwwadm01/tmp is *not* within var/www/wwwadm01/html/domain, to which open_basedir is set for that vhost 2/ open_basedir is *not* affected by whether safe mode is on or off - as noted in php.ini INVALID bug, please read the php documentation.
(In reply to comment #1) > 1/ /var/www/wwwadm01/tmp is *not* within var/www/wwwadm01/html/domain, > to which open_basedir is set for that vhost please reread my posting - it says: open_basedir /var/www/wwwadm01/html/domain.tld/:/var/www/wwwadm01/tmp/ ^^^^^^^^^^^^^^^^^^^^^^ > 2/ open_basedir is *not* affected by whether safe mode is on or off - as noted > in php.ini I didn't say this. The open_basedir and safe_mode problem reported by me have nothing to do with each other, only it happens to be written to the error log when no error occurs. > INVALID bug, please read the php documentation. Please, reread my posting and reopen this bug. You did not understand this problem reported by me.
.
Bleh, I guess I should have my morning coffee first before closing bugs...
Hello, Same strange behaviour : safe_mode = On Then into apache conf <VirtualHost *:80> DocumentRoot /var/www/vhosts/www.website.xxx/htdocs ServerName www.website.xxx ErrorLog /var/www/vhosts/www.website.xxx/logs/www.website.xxx-error.log CustomLog /var/www/vhosts/www.website.xxx/logs/www.website.xxx-access.log combined php_admin_value open_basedir /var/www/vhosts/www.website.xxx:/usr/lib/php php_admin_value session.save_path /var/www/vhosts/www.website.xxx/phpsession ... Error displayed when apache accessing a .html file !!!! Warning: Unknown(): SAFE MODE Restriction in effect. The script whose uid is 0 is not allowed to access /var/www/vhosts/www.website.xxx owned by uid 81 in Unknown on line 0 Regards
dev-php/php, dev-php/mod_php, and dev-php/php-cgi have been replaced by dev-lang/php. Please upgrade (following the guide at http://svn.gnqs.org/projects/gentoo-php-overlay/file/docs/php-upgrading.html?format=raw) to the new-style PHP package and open a new bug if the problem persists. Thank you.