Open_basedir restriction OC 10.1.6

HI ,

i am not able to get owncloud to work. OC wrote a log of 400 GB (!) that openbasedir is in use:

"reqId":"0UCTedsLQ3W7wfnssD2k","level":3,"time":"2018-01-31T18:06:03+00:00","remoteAddr":"","user":"myUser","app":"PHP","method":"POST","url":"\/owncloud\/index.php\/login?user=myUser","message":"realpath(): open_basedir restriction in effect. File(\/) is not within the allowed path(s): (\/var\/www\/xxxx\/xxxx\/web2\/web:\/var\/www\/xxxxx\/xxxx\/web2\/private:\/var\/www\/xxxx\/xxxx\/web2\/tmp:\/var\/www\/xxxxx\/web:\/srv\/www\/xxxx\/web:\/usr\/share\/php5:\/usr\/share\/php:\/tmp:\/usr\/share\/phpmyadmin:\/etc\/phpmyadmin:\/var\/lib\/phpmyadmin:\/var\/www\/xxxx\/xxxx\/web2\/web\/xxx:\/var\/www\/xxxx\/xxxx\/web2\/web\/xxx\/data:\/var\/www\/xxx\/xxx\/web2\/web\/05\/remote.php\/dav\/calendars:\/dev\/random:\/dev\/urandom) at \/var\/www\/xxx\/xxx\/web2\/web\/xxx\/lib\/private\/Files\/Storage\/Local.php#370"}

Any ideas ?

thank you

Server version: Apache/2.4.25 (Debian)
PHP 7.0.27-0+deb9u1


first I would change the owncloud logging level to 3 or 4 to minimize the size of the log file.

then I would check the permissions on your directories in owncloud, especially on the data dir. It should belong to your web server user, www-data or apache

HI dmitry,

thank you for your quick answer. the data dir is set to the webvservers user and group, as the hole owncloud dirs also.

Tryed to use the occ installer and got:

sudo -u user php occ maintenance:install
PHP Warning: require_once(): open_basedir restriction in effect. File(/var/www/xxxx/xxxxx/console.php) is not within the allowed path(s): (/dev/urandom) in /var/www/xxxx/xxxxx/occ on line 11
PHP Warning: require_once(/var/www/xxxxx/xxxxxx/console.php): failed to open stream: Operation not permitted in /var/www/xxxx/xxxxx/occ on line 11
PHP Fatal error: require_once(): Failed opening required '/var/www/xxxx/xxxxxx/console.php' (include_path='.:/usr/share/php:/usr/share/php/PEAR') in /var/www/xxxx/xxxx/occ on line 11

if have no clue about open_basedir... so i hope someone here can gibe me a hint.

Have a look here and change that value in your php.ini to reflect the folders where the to be executed php files are, or just make the value empty:

I don‘t have any experience with apache, but maybe this can also be set in a .htaccess-file.

Doesn't work at all. regardless what i am setting in the opebbasedir OC allways says:

open_basedir restriction in effect. File(\/) is not within the allowed path(s)

so im gessing a bug here

did you restart apache after changing php.ini?

yes of course

(well 20 chars to reply)

mind posting the relevant part of the php.ini file?

content of .php-fcgi-starter


export PHPRC

The variable PHP_FCGI_CHILDREN is onyl useful for lighty or nginx as apache

mod_fcgi will control the number of childs themself and never use the additional processes.



export TMP=/var/www/xxxx/xxxxx/web2/tmp
export TMPDIR=/var/www/xxxxx/xxxxx/web2/tmp
export TEMP=/var/www/xxxx/xxxxx/web2/tmp
exec /usr/bin/php-cgi \
-d open_basedir="/var/www/xxxxx/xxxxx/web2/web:/var/www/xxxxx/xxxxx/web2/private:/var/www/xxxxxx/xxxxx/web/tmp:/var/www/DOMAINNAME/web:/var/www/DOMAINNAME/web/05:/srv/www/" \
-d upload_tmp_dir=/var/www/xxxx/xxxxx/web2/tmp \
-d session.save_path=/var/www/xxxxx/xxxxxxx/web2/tmp \
-d sendmail_path="/usr/sbin/sendmail -t -i -f webmaster@xxxxxx" \

You cannot edit php.ini? I'm not familiar with such an fcgi setup - sorry

Well with openbase dir = one OC works, so i can perfom the update. Also OC works fine, but if i put basedir back on, i get:

message":"realpath(): open_basedir restriction in effect. File(\/) is not within the allowed path(s): (see above)

what is realpath here and why is in Local.php line 370:

$realPath = $realPath . '/';

Would be nice to have some answers here, because my hole family is cut off calender and contacts and i don't want to have basedir set = none

sry, for my bad english, natural german speaker

Well never mind.

I migrated to nextcloud 13 . runs with the same openbasedir setting like charm...