When creating a new interworx user I'd like to have by default the
"php_admin_value open_basedir "/home/account/"" set in the httpd config file.

It could be great to have an option to enable or disable this feature.

Pascal

[root@worxnoo etc]# cat /home/interworx/etc/vhost-base.conf
<VirtualHost <<IP_ADDR>>:<<PORT>>>

<<SUEXEC>>

DocumentRoot <<WEBROOT>>
ServerName <<DOMAIN>>

ServerAlias <<ALIASES>>
ServerAdmin webmaster@<<DOMAIN>>

# subdomain logic
RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_HOST} !^www\.<<ESCDOMAIN>> [NC]
RewriteCond %{HTTP_HOST} !^<<ESCDOMAIN>> [NC]
RewriteCond %{HTTP_HOST} ^([A-Z0-9a-z-]+)\.<<ESCDOMAIN>> [NC]
RewriteCond %{DOCUMENT_ROOT}/%1 -d
RewriteRule ^(.+) %{HTTP_HOST}/$1 [C]
RewriteRule ^([0-9A-Za-z-]+)\.<<ESCDOMAIN>>/?(.*)$ %{DOCUMENT_ROOT}/$1/$2 [L]
# end subdomain logic

ErrorLog <<ERRORLOG>>
CustomLog <<XFERLOG>> combined

php_admin_flag engine On

# cgi: <<CGISTATUS>>
<Directory <<WEBROOT>>>
<<CGI1>>
</Directory>

<<CGI2>>

</VirtualHost>

so cool :)

I never seen this template file before.

So something like this should work

php_admin_flag engine On
php_admin_value open_basedir "<<WEBROOT>>/"


Thanks a ton CMI :)

Pascal

Hello,

I added this line in /home/interworx/etc/vhost-base.conf

php_admin_value open_basedir "<<WEBROOT>>/:/usr/share/pear/"


It works fine, every per vhost php scripts can only read the vhost webroot files and /usr/share/pear files.

But does it exist a variable for only /home/account/ ?

Pascal

That one I have no idea about :) If that value will accept ../ in the path though you could

php_admin_value open_basedir "<<WEBROOT>>/../../:/usr/share/pear/"

If that value will accept ../ in the path though you could

php_admin_value open_basedir "<<WEBROOT>>/../../:/usr/share/pear/"I don't think "../" is allowed.
The restriction specified with open_basedir is actually a prefix, not a directory name. This means that "open_basedir = /dir/incl" also allows access to "/dir/include" and "/dir/incls" if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: "open_basedir = /dir/incl/"Based on that, the open_basedir value seems to be nothing more than a loose pattern match against an absolute file path. Adding "../" should cause every file to fail. (Also note that adding a trailing slash makes the pattern match more restrictive, singling out a specific directory.)

So, does anyone know the "home folder" counterpart to <<WEBROOT>>? I seem to have the same need as pascal, but this is the only thread I could find. :(

Additionally, I have read that InterWorx-CP v2.0 was supposed to add support for Safe Mode and open_basedir, but my v2.0.5 (with the default theme) does not appear to offer those settings in NodeWorx. Are those features still on the way?

jimp,

There is no homedir variable exposed (yet) but I'll open a bug report so we can get it made available.

Regarding safe_mode on/off etc we'll have it in a future release, it is near the top of our list :).

Chris

jimp,

There is no homedir variable exposed (yet) but I'll open a bug report so we can get it made available.

Regarding safe_mode on/off etc we'll have it in a future release, it is near the top of our list :).
Are either of these available yet? I still would like to have the homedir variable if possible. Is a list of variables published in the documentation somewhere?

Hi Jimp,

You should be able to use the combination of <<PACKROOT>> (for package root) and <<DOMAIN>>, like this:

<<PACKROOT>>/<<DOMAIN>>

That will get you

/home/username/domain.com

for example.

Paul

That looks like what I need. Thanks! :)