Webhook open_basedir restriction /dev/null

Question

Webhook open_basedir restriction /dev/null

rabauss opened this issue 5 years ago · comments

The undocumented feature of webhooks for gitlab is quite nice.
Allthough we had some trouble with open_basedir restriction:

Warning: fopen(): open_basedir restriction in effect. File(/dev/null) is not within the allowed path(s)

In a nutshell, I could not figure out where the output is redirected to dev/null. Maybe someone can help and optimize that, so the php.ini does not have to be updated.

The exception above is thrown in AbstractWebhook -> getResponse. Unfortunately the exception is not returned in https://github.com/ludofleury/satisfy/blob/bc3ecffe447927582f1b5609a6541fc78e305713/src/Playbloom/Satisfy/Webhook/AbstractWebhook.php#L44
This could get implemented like this:

 throw new ServiceUnavailableHttpException(null, $exception->getMessage());

Ramūnas Dronga · Answer 1 · Fri Jul 05 2019 22:07:08 GMT+0800 (China Standard Time)

@rabauss are You sure there is no /dev/null in Your satis configurations?

Ralf Baussenwein · Answer 2 · Mon Jul 08 2019 21:10:58 GMT+0800 (China Standard Time)

I could not find any setting to dev/null

Ramūnas Dronga · Answer 3 · Tue Jul 09 2019 23:01:48 GMT+0800 (China Standard Time)

I see, UnixPipes tries to open blackhole file as command output, when it is disabled.
https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Process/Pipes/UnixPipes.php#L49
@rabauss please check latest master, should be fixed.

Ralf Baussenwein · Answer 4 · Mon Jul 22 2019 15:27:30 GMT+0800 (China Standard Time)

Thanks, for the fix!
For our scenario with our own gitlab it's working.