> I'm definitely not a PHP guru
same
i've ever seen an "open_basedir" of a single file...
PHP docs: "...to the specified directory-tree, including the file itself.". debatable for me...
anyway, updating to this easier and maintainable solution.
Search Criteria
Package Details: pi-hole-server 5.18.3-4
Package Actions
Git Clone URL: | https://aur.archlinux.org/pi-hole-server.git (read-only, click to copy) |
---|---|
Package Base: | pi-hole-server |
Description: | The Pi-hole is an advertising-aware DNS/Web server. Arch adaptation for lan wide DNS server. |
Upstream URL: | https://github.com/pi-hole/pi-hole |
Keywords: | ad block pi-hole |
Licenses: | EUPL-1.2 |
Conflicts: | pi-hole-standalone |
Submitter: | max.bra |
Maintainer: | max.bra (graysky) |
Last Packager: | max.bra |
Votes: | 112 |
Popularity: | 0.126624 |
First Submitted: | 2016-01-13 12:50 (UTC) |
Last Updated: | 2024-08-10 12:32 (UTC) |
Dependencies (18)
- bc (bc-ghAUR)
- bind-tools (bind-developmentAUR, bind-gitAUR, bind)
- inetutils (inetutils-gitAUR, busybox-coreutilsAUR)
- iproute2 (iproute2-gitAUR, busybox-coreutilsAUR, iproute2-selinuxAUR)
- jq (jq-gitAUR)
- logrotate (logrotate-gitAUR, logrotate-selinuxAUR)
- lsof (lsof-gitAUR)
- netcat (nmap-netcatAUR, openbsd-netcat-gitAUR, gnu-netcat-svnAUR, gnu-netcat, openbsd-netcat)
- perl (perl-gitAUR)
- pi-hole-ftlAUR
- procps-ng (procps-ng-gitAUR, busybox-coreutilsAUR)
- sudo (fake-sudoAUR, polkit-fakesudoAUR, sudo-gitAUR, doas-sudo-shimAUR, doas-sudo-shim-minimalAUR, sudo-hgAUR, sudo-selinuxAUR, fudo-gitAUR)
- git (git-gitAUR, git-glAUR) (make)
- lighttpd (optional) – a secure, fast, compliant and very flexible web-server
- nginx-mainline (nginx-quic-openssl-hgAUR, nginx-quic-libresslAUR) (optional) – lightweight http server
- php-cgi (optional) – CGI and FCGI SAPI for PHP needed only for lighttpd
- php-fpm (optional) – FastCGI process manager for php needed for nginx
- php-sqlite (optional) – sqlite db access for nginx
Required by (2)
- padd-git
- pi-hole-whitelist-git (optional)
Sources (15)
- 01-pihole.conf
- https://raw.githubusercontent.com/max72bra/pi-hole-server-archlinux-customization/master/arch-server-admin-5.21-4.patch
- https://raw.githubusercontent.com/max72bra/pi-hole-server-archlinux-customization/master/arch-server-core-5.18.3-4.patch
- lighttpd.pi-hole.conf
- mimic_basic-install.sh
- mimic_setupVars.conf.sh
- nginx.pi-hole.conf
- pi-hole-gravity.service
- pi-hole-gravity.timer
- pi-hole-logtruncate.service
- pi-hole-logtruncate.timer
- pi-hole-server-admin-5.21.tar.gz
- pi-hole-server-core-5.18.3.tar.gz
- pi-hole.tmpfile
- piholeDebug.sh
Latest Comments
« First ‹ Previous 1 .. 69 70 71 72 73 74 75 76 77 78 79 .. 82 Next › Last »
max.bra commented on 2016-06-05 14:35 (UTC)
napgravy commented on 2016-06-05 13:54 (UTC) (edited on 2016-06-05 13:57 (UTC) by napgravy)
I'm definitely not a PHP guru, but the PHP documentation suggests a single file can be specified. http://php.net/manual/en/ini.core.php#ini.open-basedir
I've added "/etc/hosts" here and it seems okay, but to test it out, I modified the Pi-Hole data.php file to add another "file_exists" check on a different file in /etc/. ie.
$hostname = file_exists("/etc/hostname") ? file("/etc/hostname") : array();
I started the admin page in my browser and sure enough, journal errors were generated indicating "/etc/hostname" isn't within the allowed path(s).
Unless I'm missing something, it appears you don't have to expose all of "/etc" -- just "/etc/hosts". :)
EDIT -- just noticed you solved it another way in your recent changes. :)
max.bra commented on 2016-06-04 20:03 (UTC)
hi napgravy, thanks for reporting.
you are right:
[ $hosts = file_exists("/etc/hosts") ? file("/etc/hosts") : array(); ] in data.php line 4, committed on 16 Apr (02f6517b55c59b76f928ed52c476109e2d4c2c4a)
is creating the issue you submitted...
not as easy as it looks: to allow /etc/hosts we need to open_basedir ALL /etc directory, and is not really a good idea although presumably none of our "pihole" is publicly exposed to the network.
give me some time to see what can be done without distorting the original project.
suggestions are welcome.
napgravy commented on 2016-06-04 15:59 (UTC)
Hello!
/srv/http/pihole/admin/data.php attempts a "file-exists" on "/etc/hosts" (line 4)
When you are viewing the pi-hole admin page in your browser, this generates many errors in the journal because "/etc/hosts" is not in the open_basedir path. Easy enough to fix by adding "/etc/hosts" to the open_basedir path in lighttpd.conf. :)
...something to consider for a future package update.
max.bra commented on 2016-04-21 05:38 (UTC)
hi atraii, thanks for reporting.
It happened with commits of 15 and 16 January to make whitelist and blacklist independent. I have not seen them... :-(
Atraii commented on 2016-04-21 00:20 (UTC)
The helper scripts are using the debian service commands (/usr/bin/whitelist.sh) and don't work correctly to restart the systemd service. Just a heads up while you're de-debian'izing the installer.
max.bra commented on 2016-04-13 06:56 (UTC)
hi zer0t3ch, thanks for reporting. done.
zer0t3ch commented on 2016-04-13 00:03 (UTC)
I also just submitted an issue about this on their GitHub tracker.
https://github.com/pi-hole/pi-hole/issues/463
zer0t3ch commented on 2016-04-12 23:32 (UTC)
Should gravity.sh possibly be modified in this package for us? Line 22 is using dpkg-query.
max.bra commented on 2016-04-11 14:04 (UTC)
hi zerojay!
> https://www.reddit.com/r/pihole/comments/4eae4f/pihole_v262_released_major_bug_fixed/
>
> Probably should bump the package due to this major bug in 2.6.1.
sure i should!! thanks for reporting.
> Also, I cannot seem to find pihole.sh, added in 2.6: https://github.com/pi-hole/pi-hole/wiki/The-%22pihole%22-Command
this package, as description said, is an adaptation of original pi-hole distro for archlinux. original pihole distro support raspbian.
pihole.sh is merely a wrapper for other commands already present in this package. and also, pihole.sh manage commands absolutely not supported (uninstall for example) and absolutely not to be executed.
for now, pihole.sh is unnecessary and dangerous.
Pinned Comments
max.bra commented on 2018-02-09 16:45 (UTC) (edited on 2019-10-18 23:14 (UTC) by max.bra)
ArchLinux Pi-hole is not officially supported by Pi-hole project. In case of bugs and malfunctions please DO NOT file a report upstream.
First of all check if the wiki (https://wiki.archlinux.org/index.php/Pi-hole) can help then ask here for assistance and tips.
When it will be excluded that the problem does not depend on ArchLinux we will file a bug upstream.