Permission on VServer

software development

#1

Hi!
I’m in a little trouble with permissions on my Virtual Private Server with Dreamhost.

I need PHP recompiled so I recompile it and .php files are handled via .htaccess.

AddHandler phpfiles .php Action phpfiles /cgi-bin/php-custom.cgi This is fine. The problem is that if I run files with custom PHP pratically it’s impossible to do any file operation with PHP. Looks like that PHP (or apache) is running from a specific user (i guess ‘dhapache’) when directory are owned by ‘myusername’ user. For example if i try:

if (!mkdir('/home/myusername/filedirectory')){ echo 'Cannot create the directory'; return; } A ‘Cannt create the directory’ is shown. And this is not fine.

I cannot use ‘exec(‘mkdir /dirpath’);’ or ‘system’ calls because the whole project should be compatible with a lot of OS, such Windows. And, honestly, I think that there’s a lot of unsecure code using system calls.

If I switch off custom-php everything works but with the limitations that I cannon have for my project such max_filesize_upload, max_script_execution and so on.

Can someone help me?


#2

Probably! :wink: The first thing to do is to provide a link to the output of phpinfo() sp we can see what is happening.

It sounds very much like you are running mod_php (dhapache as user running script, no exec, etc). - a look at phpinfo() will confirm that.

Once we know that for a fact, and see the other phpinfo() out put, there are ways to approach your other issues.

–rlparker


#3

Sorry, my fault: I forgot to say that certainly PHP runs as CGI/FastCGI. This is the direct link for phpinfo

www.juststored.com/phphelp.php

Another think: /home/username/data is owned by username.
Noticed a very (very!) strange thing for me: if I run this code:

[code]<?php
// This won’t create anything
mkdir (’/home/username/data/directory_001’);

// This creates a directory!
passthru(‘mkdir /home/username/data/directory_002’);
?>
[/code]The mkdir won’t work but the system call yes.

If i look at top I effectively see php-js.cgi (-js stands for php.cgi recompiled only for juststored) runs with my username which should be fine but any file operation is impossible.

Sorry for my very bad english and thank you a lot.


#4

Yeah, it’s definitely running as CGI/FastCGI.

I am also confused by what is going on with your makdir attempts, and I don’t use a DH vserver :frowning:

Have you asked support about it?

–rlparker


#5

Yeah, asked support but none reply right now, maybe it’s just a matter of time.

The very strange thing is that php-function mkdir won’t work if the created directory is below the path of my website. For example if i try to create a directory directly reachable via www.juststored.com/testdirectory php-mkdir will work, if is below the “www” directory it fails.

I guess, even I think is incredibile, that the file-handling operations in vservers are made not directly by PHP but by a sort kind of wrapper (dhapache?). When my project was under a standard hosting plan everything was ok.


#6

You may be on the tight track with your thinking about that … hopefully when support responds they can shed some light on what is happening.

I’d appreciate hearing what they say! :wink:

–rlparker


#7

Ok… i’m a dumb.

=== Preamble ===
Yesterday a svn up updated my project with a massive number of changes.

The first thing was security schema that act as PHP/CGI protection, a sort of URL filtering (GPC) and some layer of extra security.

The new system required a totally new .htaccess but since I’m a very lazy programmer I used the same on my Windows-development machine. This .htaccess had AddHandler and Action commented so the project was instable. Why? Because from my panel the PHP version was the 4.x!

I didn’t noticed it and I supposed that something incompatible was with DreamHost server and my code. So i started handling PHP.ini and some other fine-tuning on my own code.

When I see the fault with .htaccess I correct this lovely-file and … and …

=== The trouble ===
I got php-js.cgi working but I noticed that all files was unreachable except the ones in the same folder of the website.

Yesterday i slept at 05:00am, not fine! Absolutely not fine. Today I started adding a lot of debugging code to my project: nothing.

=== The solution ===
After tons of top, kill, chgrp i realized that something wrong was with my script. But where? Just watching the php.ini I see a strange line that I forgot to remove. The line was:

open_basedir

The option was set because I was absolutely sure that i was running on PHP5, but in the fact I was with 4.x! ARGH!

Deleting that line solved everything. Now it’s time to

<?php sleep(8 hours); ?>

#8

Ah! I see now what happened … thanks for sharing your experience (it might keep me from doing the same thing some day!) :slight_smile:

I’m glad yo got it fixed.

–rlparker