Skip to content

web - Killer Mike Educates Stephen Colbert - Killer Mike tells you what you should do with your free time

A friend of mine forwarded me a video link with an interview from Killer Mike where he explain that he is talking to kids what life is all about and why Bernie Sanders should be the next president of the United States of America.
Well, president is something else, but what he said about "what to do with your life" and how I got it is pretty cool and fitting to my beliefs.
Go out of your community, especially when you earn enough money to pay your bills and buy stuff you are not need. Spend time with other people. You don't have to gave them money, but show them how to get things done and teach them things. This will give you more than money can buy. Whatever you want to buy will became irrelevant because your heart will be filled up with love.

howto - php composer - File(/etc/pki/tls/certs) is not within the allowed path(s) - on arch linux

Since a few days (or weeks?), I discovered the following issue on one of my Arch Linux system.
Whenever I try to use PHP's composer, I got the following issue:


[ErrorException]
is_dir(): open_basedir restriction in effect. File(/etc/pki/tls/certs) is not within the allowed path(s): (/srv/http/ [...]

Well, it didn't hurt that much since I am using (like every cool webkiddy is doing) docker or vagrant for my development. But this time, I needed to solve it since it is a customer edge case - so I solved it.
The how to I will show you is not the perfect way. I had two things in mind, try to minimize the place I have to adapt the php.ini. And try to keep the system as normal as possible. Until now, I can not estimate the security holes I opened with this setting. I will let you know if this how to turns out to be a "don't try this at home" thing.

So, what have I done?
First of all, I asked curl to tell me where it is looking for certificates by executing:


curl-config --ca
#output: /etc/ssl/certs/ca-certificates.crt

After that I had a look what this path is:

ls -halt /etc/ssl/certs/ca-certificates.crt
#output: [...] /etc/ssl/certs/ca-certificates.crt -> ../../ca-certificates/extracted/tls-ca-bundle.pem

So, with that knowledge it turned out that the following steps are reflecting my requirements mention above.

sudo mkdir -p /etc/pki/tls/certs
sudo ln -s /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-certificates.crt
sudo vi /etc/php/php.ini
#add following lines to "open_basedir" configuration section
# :/etc/pki/tls/certs:/etc/ssl/certs

And that is it, composer should now be back in business.