Setup Cacti on Subdomain with RRDTool error

    Quote from Sunghost


    Syslog:


    edit:
    mainproblem is still the path to php binary, i tried /usr/share/php which is written as open_basedir by default. you wrote /usr/bin/php, should i add this to open_basedir?


    Where did you get that cron job from? It's completely wrong!
    First of all, there is no php bin at /usr/share/php. Do a ls and see for yourself.
    Second, it really doesn't help to have "> /dev/null 2>&1" while trying to debug! Google what this does, and you'll understand.
    By the way: debian has a default cron for cacti which works perfectly. ;)

    The cron is from an howto for debian and is for crontab -e of user cacti, which i not have. i dont know how to find / notize or know what php bin is ?! sorry. i see that its an directory with lot of files and pear and so on, but for what ?! while iam still using squeeze i wouldnt use the cacti package and installed from website, which should be no problem.
    the cron is:

    Code
    1. */5 * * * * vuxxx /usr/share/php /var/www/virtual/domain.de/subdomain/htdocs/poller.php > /dev/null 2>&1

    and your right with dev/null i know that, but thought it would log to syslog but not to bash/screen - ok i have to learn a lot ,) but thats why there are help like this... thx


    ok what i should i do - add the open_basedir with /usr/bin/php ok? and ?
    [hr]
    ok changed as i wrote /usr/bin/php and its ok for cacti ;) thx, but why have i in open_basedir usr/share/php for what and what is the conclusion and disadvantag of doing this?
    [hr]
    Ok after changing the php path i get this:

    Edited once, last by Sunghost ().

    Quote from Sunghost


    while iam still using squeeze i wouldnt use the cacti package and installed from website, which should be no problem.


    It would be a lot easier however if you are new to all of this ;)


    Quote from Sunghost

    but thought it would log to syslog


    No, if you redirect all output into nothing, how should it end up in syslog?


    Quote from Sunghost


    ok changed as i wrote /usr/bin/php and its ok for cacti ;)


    You could have just used 'php'. No need to give the path.


    Quote from Sunghost


    but why have i in open_basedir usr/share/php for what and what is the conclusion and disadvantag of doing this?


    Read the PHP documentation about open_basedir and you will understand that. But keep in mind that there are different php.ini files on your system! The CLI uses a different one than the PHP from apache.

    Quote


    You could have just used 'php'. No need to give the path.


    how do you mean this? i mean the path in cacti which i have to setup. should i only enter php???


    i read the php doc for open_basedir and i know of that and i know the differences in i-mscp for the different php.ini. but i have not enough knowledge to know any point of attack o security risk of that.

    Quote from Sunghost


    how do you mean this? i mean the path in cacti which i have to setup. should i only enter php???


    You are mixing things up. You can use 'php' in the cron directly because it will find the binary. Type in php anywhere on your console and you will see it works. It's defined in the shell path variable. For the same reason you can use things like 'less', 'wget', etc anywhere.


    Quote from Sunghost


    i read the php doc for open_basedir and i know of that and i know the differences in i-mscp for the different php.ini. but i have not enough knowledge to know any point of attack o security risk of that.


    First of all: If you do not modify the defaults, i-MSCP already has safe settings!


    If you include more directories in open_basedir (or disable the feature) the PHP process can access those directories. Directories not listed there can not be accessed. This is a PHP security feature.


    BUT: The user the PHP process is running with, still needs rights on the dir/file.


    So even if someone finds a security hole in the open_basedir function, the attacker will only have the rights he has with the user you are running PHP with. If you run it with root, well, then he might get root rights.

    Quote

    You are mixing things up. You can use 'php' in the cron directly because it will find the binary.

    Ok i know, i do the whole tiime, but in the settings of cacti i must enter the path of it. as far as i understand the cron calls the poll.php which runs futher commands over php to get rrd-data and other thinks. perhaps you give me the line for cron and cacti so i know what you mean with mix things - perhaps we talk about diffent ways ;) actually i got the graph but no data.


    edit: ok after searching i changed the crontab to php /cacti/poller.php and have no errors for this, but still no data in graph - will check
    [hr]
    Well done - it works. Many thx MuhKuh. Finaly i will check the open_basedir changes i have done and try to change it to default. many thx so far

    Edited once, last by Sunghost ().