PHPmyadmin, Neginx Error.Log - Check Group Www-Data Has Read Access and Open_Basedir

phpmyadmin, neginx error.log - Check group www-data has read access and open_basedir

Here's my configuration:

drwxr-xr-x 3 root root 4096 feb 14 10:05 phpmyadmin/

that's for folder. And for those two files:

-rw-r-----  1 root     www-data   60 feb 14 10:05 blowfish_secret.inc.php
-rw-r-----  1 root     www-data    0 feb 14 10:05 config.inc.php

Hope this will help. Also check for php5-mcrypt extension. If it's not working properly, use

sudo php5enmod mcrypt

to install it, and then just restart ngnix. here are commands:

chmod 755 /var/lib/phpmyadmin
chmod 664 /var/lib/blowfish_secret.inc.php
chmod 664 /var/lib/config.inc.php

those commands should work. :)

phpmyadmin complains about permissions and open_basedir - but they all appear correct

Turns out this is a rather misleading message from phpmyadmin:

Check group www-data has read access and open_basedir restrictions.

But anyone running multiple sites, using php-fpm and concerned at all about security will have separate pools for each site.

The solution, in my particular case was:

chown -R phpma:phpma /var/lib/phpmyadmin
chown -R phpma:phpma /etc/phpmyadmin
chown -R phpma:phpma /usr/share/phpmyadmin

Then sudo dpkg-reconfigure -plow phpmyadmin

Incidentally, it appears that doing a package install on Ubuntu splatters files all over the place, and it goes a little something like this:

/etc/phpmyadmin/config.inc.php

includes the following files in this order, which really won't need touching unless you want to up the login cookie validity.

/var/lib/phpmyadmin/blowfish_secret.inc.php // self explanatory
/var/lib/phpmyadmin/config.inc.php // LoginCookieValidity etc
/etc/phpmyadmin/config-db.php // Leave this one alone
/usr/share/phpmyadmin/config.inc.php // auth, host, connection etc

I hope this helps someone else at any rate.

phpMyAdmin errors while accessing config.inc.php and blowfish_secret.inc.php

There are a couple of odd things about your setup, one of which is that package managers would usually put configuration files in etc/phpmyadmin, not /var/lib/phpmyadmin. In addition, version 4.6.6 is quite old.

If you want to continue to troubleshoot your existing installation, I suggest you start looking in to whether there are any open _basedir restrictions. Look at the output of phpinfo().

Create a new text file in your webserver root directory. You can call it whatever you'd like, such as phpinfo.php. The text file should contain

<?php
phpinfo();

Load that up in your browser and search the output for open_basedir. That will show what you have configured, and also near the top there's a section that will tell you which configuration files are being read, so you can start guessing where to fix it if there is a misconfiguration.

Upgrading

If your PHP and MySQL versions will support it (and PHP 7.2 will, so you are probably okay), I suggest installing the recent version from the phpMyAdmin PPA. You should first remove what you can on your local system of the existing phpMyAdmin package, including the /var/lib/phpmyadmin and /etc/phpmyadmin folders (the usual disclaimer about making a backup first applies even though none of this should be destructive). You may wish to save your configuration file config.inc.php if you've made customizations that you want to keep.

These should be compatible and updated.

Easy automatic install

Probably you only need two lines to add the PPA, then you can search for 'phpmyadmin' with your favorite package managing tool such as aptitude:

sudo add-apt-repository ppa:phpmyadmin/ppa
sudo apt-get update

Manual install

If your system doesn't have apt-repository or something else goes wrong, there are manual instructions there, which are basically this:

You probably have to add the PPA as an apt source, which you can do with

sudo echo "deb http://ppa.launchpad.net/phpmyadmin/ppa/ubuntu bionic main" > /etc/apt/sources.list.d/phpmyadmin.list

Try to update apt: apt-get update. You'll probably get a key error, which we expect because you don't have the proper key to verify downloads yet. When you get the error, note the key ID.

Retrieve the key: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 2EA3055293CB3F45 (at the moment, that is the key that I needed, but that could change, so it's better to copy and paste it from the error message and substitute that in this command).

Finally, you can update the package list again with apt-get update then install the phpmyadmin package with your favorite apt-flavored tool.

Error in phpMyAdmin after updating to v4.8.0: The $cfg['TempDir'] (./tmp/) is not accessible

Solution was to create a folder called tmp like this: /usr/share/phpmyadmin/tmp.

Also make sure that the user (or group) running the webserver (e.g. Apache) has write access to the newly created tmp folder. Consequently, change the ownership to that user or add write access for all users. The latter one might not be really advisable.

Cannot start session without errors in phpMyAdmin

Problem usually lies on your browser end.

You need to flush your browser cache, delete the cookies for the server/host and then retry loading phpMyAdmin.

If you want to go all out, clear out the session folder on the server as well.

One possible reason for this is a session data mismatch between the browser and the webserver causing it to not be able to pull out the required session info and dumping this error dialogue on your lap.

open_basedir restriction in effect. File(/) is not within the allowed path(s):

Modify the open_basedir settings in your hosting account and set them to none. Find the open_basedir setting given under 'PHP Settings' area of your Plesk/cPanel. Set it to 'none' from the dropdown given there.
I have shown them in the Plesk panel picture.

PHPMyAdmin 500 Internal Server Error in Apache

One thing is that it could be because the PHPMyAdmin version and the PHP version do not work together well.

You can see this answer https://stackoverflow.com/a/65969268/12154890. I don't wanna post the same thing multiple times.

phpMyAdmin not using config file

The official distribution of phpMyAdmin (the file you downloaded from phpmyadmin.net) defaults to the configuration file in the main phpMyAdmin directory. Because of standards (usually FHS or some close variation), most Linux distributions require their packages to put configuration files in /etc/ and the actual program files elsewhere. Odds are you either at one time had the packaged version on your system or followed a guide meant for the distribution's version.

You should edit/copy/modify the config.inc.php in your main phpMyAdmin directory where you uncompressed the download, rather than the files in /etc/phpmyadmin/ which aren't used by your phpMyAdmin.

My guess is the reason for this error now instead of with version 4.9 is probably related to a security hardening decision to require a stronger blowfish secret phrase in more recent phpMyAdmin versions.

---

Related Topics