ISPConfig 3, a ninja sets my open_basedir

Question

I have a PHP library that I'd like to share to several vhosts on my server, but the open_basedir directive is causing troubles.

I use ISPConfig 3 to manage the sites.

PHP Warning: include(): open_basedir restriction in effect. File(/var/toaster/latest/__server/core/cms.php) is not within the allowed path(s): ([cut:several paths]) in [cut] on line 5

phpinfo() says:

Loaded Configuration File: /etc/php5/cgi/php.ini
open_basedir: [cut:several paths] (local & master value)

/etc/php5/cgi/php.ini says:

;open_basedir =

/usr/local/ispconfig/server/conf/vhost.conf.master says:

<tmpl_if name='security_level' op='==' value='20'>
php_admin_value open_basedir <tmpl_var name='php_open_basedir'>
</tmpl_if>

but /etc/apache2/sites-enabled/[cut: domain].vhost says:

absolutely nothing about open_basedir

---

All this means that something unknown to me sets my open_basedir directive. What, Where?

Answer 1

Was much easier and obvious than expected.
In the "Options" panel of the "Web Domain" in ISPConfig there is a textbox labeled PHP open_basedir. I still don't know which exact config file that is going to create or edit, but it works.

Also worth mentioning for this textbox - the default value when creating a new site can be changed in:

System >> Server Config >> Web >> PHP Settings >> PHP open_basedir

Answer 2

Thank you so much for the answer! I looked everywhere, and the answer was right there on the options screen! Thank you, thank you, thank you!

After further investigation, ISPConfig executes php-cgi when a vhost starts. The starter script is in /var/www/php-fcgi-scripts/web?/.php-fcgi-starter, where the ? represents the site number within the client. The open_basedir is passed as a parameter to the startup. That's why overriding in the individual php.ini doesn't work. At least, that's how it's configured when the site is fast-cgi / su-exec.