DokuWiki

It's better when it's simple

User Tools

Site Tools

Trace:
config:safemodehack

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
config:safemodehack [2011-06-09 09:08] – [Security Warning] 90.132.213.19config:safemodehack [2023-10-16 22:49] (current) – removed since release 2020 Hogfather Klap-in
Line 1: Line 1:
 +====== Configuration Setting: safemodehack ====== 
 +:!: Removed since release 2020 Hogfather)
 +
 +This tries to solve bug [[bug>179]] where DokuWiki can not write to 
 +directories it created itself. It does so by using FTP to log into your 
 +server and creating the directory that way. It requires the FTP PHP 
 +module to be installed on the server.
 +---------
 +  * Type: Boolean
 +  * Default: 0
 +
 +As the name suggests, this is a hack and not recommended. Safemode 
 +itself is a setting that even the developers of PHP despise, it will be 
 +removed from future PHP versions all together.
 +
 +If you can, disable PHP's safemode instead of using this hack. Many 
 +providers will disable it for your site if you ask them nicely.
 +
 +===== When to use this hack =====
 +
 +On some hosts with restrictive settings there are limitations on PHP'
 +filesystem functions, e.g. mkdir() etc. To be more specific, the 
 +settings are:
 +
 +  - safe_mode = On
 +  - safe_mode_gid = Off
 +
 +A first indication for the need of the SafeMode Hack is the encounter of
 + error messages like this:
 +
 +  Writing ....../data/cache/9/9243162ecf6295fc6a1c487ca46c20fe.i failed
 +
 +The directory ''..../data/cache/9/'' will exist((check this, if doesn'
 +exist you probably have a different problem)) but it will not be 
 +writable by DokuWiki. This is a typical symptom of the safe mode 
 +restriction. DokuWiki can't write to directories created by itself.
 +
 +===== Usage =====
 +
 +To enable it, set ''safemodehack'' to ''1'' and enter your FTP 
 +credentials into the config file. (i.e. ''conf/local.php'' Or just go to
 + the [[plugin:config|Configuration Manager]], which offers a great GUI 
 +for changing settings of DokuWiki.)
 +
 +If you have already tried running DokuWiki without the 
 +[[safemodehack|Safemodehack Option]], you have to **remove the 
 +subdirectories of /data/cache** to have them recreated with the correct 
 +UID in order for everything to work. 
 +
 +Example Config:
 +
 +<code php>
 +$conf['safemodehack'] = 1;
 +$conf['ftp']['host'] = 'localhost';
 +$conf['ftp']['port'] = '21';
 +$conf['ftp']['user'] = 'user';
 +$conf['ftp']['pass'] = 'password';  // plain text (see below)
 +$conf['ftp']['root'] = '/home/user';
 +</code>
 +
 +You may need to relax the directory permissions as well to make sure the
 + webserver is allowed to write to the new directories. The safemodehack 
 +alone may not solve the problem, since your FTP user has probably a 
 +different UID than the webserver. Change the [[config:dmode]] option 
 +from 0755 to 0777 may be required.
 +
 +==== Security Warning ====
 +
 +Using this method requires your ftp password to be stored in plain text 
 +in one of DokuWiki's configuration files.  These files may be world 
 +readable.
 +
 +Since Release Candidate 2009-01-26 the password may be 
 +//obscured//((this is not meant to be security, simply to prevent casual
 + revelation)) by being uuencoded. Setting the password using the 
 +admin/config settings page will do this automatically.
 +
 +==== Which value to use for the root option ====
 +
 +When DokuWiki tries to create a directory it strips the root part from 
 +the path before creating it over FTP. To do so it needs some info about 
 +the environment it will find at your FTP-server.
 +
 +Imagine you installed DokuWiki in ''/home/user/htdocs/dokuwiki'' with 
 +''/home/user/htdocs/dokuwiki/data'' as datadir. When you log in with FTP
 + you are [[man>chroot|chrooted]] to '/home/user', which means 
 +creating a directory ''/foo'' through FTP will really result in a 
 +directory ''/home/user/foo'' on the server. To tell DokuWiki about this 
 +you need to set ''$conf['ftp']['root']'' to ''/home/user/''.
 +
 +So if DokuWiki tries to create the directory 
 +''/home/user/htdocs/dokuwiki/data/mynamespace'' the safemode hack strips
 + the root part resulting in ''htdocs/dokuwiki/data/mynamespace'' this 
 +directory then will be created via FTP.
 +
 +If your FTP Server doesn't use any chroot (eg. you can [[man>cd]] up 
 +to ''/'' of the WebServer) you can leave the root option empty.
 +
 +To find the place where your are chrooted to on a webhost you first have
 + to find out the //absolute path// in which DokuWiki resides. This is 
 +usually something like 
 +''/srv/www/htdocs/your-ftp-username/html/dokuwiki'', but you can find it
 + out, by e.g. checking the PHP environment using this short script:
 +
 +<code php><?php phpinfo(); ?></code>
 +
 +This will print the webserver's PHP settings on the screen where you 
 +will find all the details. When you have the absolute path, log into 
 +your FTP account and compare what you see there with this path. Try 
 +moving to upper directories until it you reach the top. Now look which 
 +part of the absolute path you can see. If you are chrooted you probably 
 +can only see the ''html'' directory.
 +
 +So, if for example the username for your webspace is web123, and if you 
 +are chrooted to /srv/www/htdocs/web123, you have to set the root value 
 +to:
 +
 +<code>$conf['ftp']['root'] = 
 +'/srv/www/htdocs/web123';</code>
 +
 +===== Notes =====
 +
 +  * My ISP has both these safe_mode settings (see [[http://mcode1.free.fr|one of my sites]] for php_info), and I create pages with no need for the hack. It may depend on other variables too ([[mailto:dw-safe@mmichel.freesurf.fr|mathiasm]]). 
 +    * //Possible Answer:// The main difference between my non working settings and those of your ISP is that in your case PHP is run as CGI (Server API: CGI) where as in my case PHP is set up as Apache2 module (Server API: Apache 2.0 Handler). Might that be the cause that makes your installation work despite the safe_mode settings?
 +
 +  * **I did a "mkdir 1 2 3 4 5 6 7 8 9 0 a b c d e f" in data/cache and chmoded all these to 777. This seems to be a workaround, too.**
 +    * This is not really a solution, because DokuWiki needs to create subdirectories for [[:namespaces]] as well, with the above method you'll still not be able to create new namespaces
 +    * **If you don't need new namespaces, this is a workaround!**
 +
 +  * Even if you use the Safemode Hack, [[tips:disabled_functions|disabled php functions]] ((check the ''disable_functions'' value in [[phpfn>phpinfo]] output)) could break PHP output.
 +
 +  * The safemodehack may only work if you have the possibility of using the ftp service. I tried it with only webdavs available. Neither the ftp-hack nor a similar webdav configuration worked. So I'll have to try something else.
 +
 +===== See also =====
 +
 +  * [[:config:|Configuring DokuWiki]]
  
  
  
config/safemodehack.1307603325.txt.gz · Last modified: 2011-06-09 09:08 by 90.132.213.19
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki

Global DokuWiki Links