Open_basedir issue

adleviton · June 15, 2021, 2:53pm

Is there anyone out there who might be able to explain I’m getting the error below? The target file is in the allowed paths, correct? What are the concerns about disabling open_basedir altogether?

Warning: is_readable(): open_basedir restriction in effect. File(/home/vagrant/.aws/config) is not within the allowed path(s): (/srv/www/:/tmp:/home/vagrant/.aws/) ...

and same thing happens without the trailing slash

Warning: is_readable(): open_basedir restriction in effect. File(/home/vagrant/.aws/config) is not within the allowed path(s): (/srv/www/:/tmp:/home/vagrant/.aws)

strarsis · June 15, 2021, 3:44pm

This looks like Vagrant. Is this a Trellis development Vagrant box?

adleviton · June 15, 2021, 4:03pm

Yes, you are correct.

strarsis · June 15, 2021, 6:39pm

When you want to restrict access to only the specified directory, end with a slash.

So either you remove the slash for the directory containing .aws/, or explicitly add it.

adleviton · June 15, 2021, 8:40pm

Thanks for finding this @strarsis. My issue was actually that I created the .aws directory in the wrong location

So for anyone else who runs into trouble with AWS SDK:

The config for open_basedir can be found in roles/wordpress-setup/templates/php-fpm.conf.j2. Use a trailing slash depending on your needs. e.g.

php_admin_value[open_basedir] = {{ www_root }}/:/tmp:/home/{{ web_user }}/.aws

Make sure the directory actually exists! In my case, even though the .aws folder is empty, /home/{{ web_user }}/.aws still needs to be present.

system · July 27, 2021, 2:53pm

This topic was automatically closed after 42 days. New replies are no longer allowed.