SME Server and open_basedir restriction affects cURL

This is another little item that I wanted to document before I forget what was done and why.

Using SME Server 8.0beta6 for my web development server. I like the ibay options for quickly setting up new sites for testing and knowing that it will be consistent with any other ibay and therefore comparison of software app versions is easy.

That said I had an issue with using / linking Gallery 3 and WordPress 3 on my server.

I posted to the forums for each of the applications but figured I’d note the details here as well.

The title of this blog entry is relating to cURL and the open_basedir restriction in Apache on SME Server and this is one of the issues I came across. It may equally apply for anyone using a piece of software that uses cURL features.

In the server or php log (/var/log/messages on SME Server) I kept getting this message:

PHP Warning:  curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/e-smith/files/ibays/mysite/html/wp-content/plugins/g3client/client.php on line 72

On SME Server for a permanent adjustment you will need to modify one of the httpd.conf template files.
I documented the basic format for this file in another entry ‘SME Server httpd.conf open_basedir path to include /tmp‘. If you have not done this before you’ll need to start with that part of the process then do the following.

On your SME Server go to

# cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/

Edit the existing template snippet file 95AddType00PHP2ibays (with your preferred editor)
Find the line with the php_admin_value setting

$OUT .= ” php_admin_value open_basedir $basedir:/tmp:/usr/share/pear:/usr/share/pear-addonsn”;

and insert the if statement immediately above the line with the php_admin_value as shown

if ($ibay->key eq ‘insert_your_ibay_name_here‘) {
$OUT .= “#openbase_dir disabled for this ibayn”;
$OUT .= “#”;
}
$OUT .= ”    php_admin_value open_basedir $basedir:/tmp:/usr/share/pear:/usr/share/pear-addonsn”;

This will comment out ‘#’ the open_basedir line for the specified ibay and cURL will now work as required.

If your SME Server is public facing then this may introduce a security risk so use with caution.

In my case the server is private and only risks being messed up by me.

Leave a Reply

Your email address will not be published. Required fields are marked *