[Bug]: flood of errors is_file(): open_basedir restriction in effect. File(/proc/cpuinfo) after 25 > 26 update

[willemb2]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• Nextcloud Server is running on 64bit capable CPU, PHP and OS.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

After updating Nextcloud server from 25.0.6 to 26.0 every activity results in an error in the log like:

[PHP] Error: is_file(): open_basedir restriction in effect. File(/proc/cpuinfo) is not within the allowed path(s): (/home/<account>/:/tmp:/var/tmp:/opt/alt/php74/usr/share/pear/:/dev/urandom:/usr/local/lib/php/:/usr/local/php74/lib/php/) at /home/<account>/domains/example.com/public_html/cloud/lib/private/Preview/Generator.php#351

GET /index.php/core/preview?fileId=464&c=c5edf881068c4f84bc6c9eb94f3cdcc9&x=375&y=375&forceIcon=0&a=1
from 2a10:3781:15:1:64d0:faf:896:88ea by <admin account> at 2023-04-23T20:44:04+00:00

This never occurred before the update (installed may 2022)

Steps to reproduce

1. Install Nextcloud on shared hosting using the web installer
2. Use it for a year without notable issues
3. Update from 25.0.6 to 26.0
4. Look in Administration settings > Logging

Expected behavior

Clean log or only warnings

Installation method

Community Web installer on a VPS or web space

Nextcloud Server version

26

Operating system

RHEL/CentOS

PHP engine version

PHP 8.1

Web server

Other

Database engine version

MySQL

Is this bug present after an update or on a fresh install?

Updated to a major version (ex. 22.2.3 to 23.0.1)

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

No SSH acces, but this is what the Support link provides:

Server configuration detail

Operating system: Linux 3.10.0-962.3.2.lve1.5.79.el7.x86_64 #1 SMP Wed Mar 15 09:10:44 UTC 2023 x86_64

Webserver: Apache/2 (litespeed)

Database: mysql 10.3.38

PHP version: 8.1.17

Modules loaded: Core, date, libxml, openssl, pcre, sqlite3, zlib, bz2, calendar, ctype, curl, hash, filter, ftp, gettext, json, iconv, SPL, pcntl, readline, Reflection, session, standard, mbstring, shmop, SimpleXML, tokenizer, xml, litespeed, bcmath, dom, fileinfo, gd, imagick, imap, intl, exif, mcrypt, mysqli, mysqlnd, PDO, pdo_mysql, pdo_sqlite, Phar, posix, soap, sockets, sodium, sysvsem, xmlreader, xmlwriter, xsl, zip, ionCube Loader, Zend OPcache

Nextcloud version: 26.0.1 - 26.0.1.1

{
    "instanceid": "***REMOVED SENSITIVE VALUE***",
    "passwordsalt": "***REMOVED SENSITIVE VALUE***",
    "secret": "***REMOVED SENSITIVE VALUE***",
    "trusted_domains": [
        "cloud.example.com"
    ],
    "datadirectory": "***REMOVED SENSITIVE VALUE***",
    "dbtype": "mysql",
    "version": "26.0.1.1",
    "overwrite.cli.url": "https:\/\/cloud.example.com",
    "dbname": "***REMOVED SENSITIVE VALUE***",
    "dbhost": "***REMOVED SENSITIVE VALUE***",
    "dbport": "",
    "dbtableprefix": "oc_",
    "mysql.utf8mb4": true,
    "dbuser": "***REMOVED SENSITIVE VALUE***",
    "dbpassword": "***REMOVED SENSITIVE VALUE***",
    "installed": true,
    "mail_smtpmode": "smtp",
    "mail_smtpsecure": "tls",
    "mail_sendmailmode": "smtp",
    "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
    "mail_smtpport": "587",
    "mail_from_address": "***REMOVED SENSITIVE VALUE***",
    "mail_domain": "***REMOVED SENSITIVE VALUE***",
    "mail_smtpauthtype": "LOGIN",
    "mail_smtpauth": 1,
    "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
    "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
    "maintenance": false,
    "theme": "",
    "loglevel": 2,
    "default_language": "nl",
    "default_locale": "nl_NL",
    "defaultapp": "files",
    "default_phone_region": "NL",
    "skeletondirectory": "\/home\/<account>\/domains\/example.com\/public_html\/clouddata\/skeleton",
    "templatedirectory": ""
}

List of activated Apps

Enabled:
 - activity: 2.18.0
 - auto_groups: 1.5.1
 - bruteforcesettings: 2.6.0
 - circles: 26.0.0
 - cloud_federation_api: 1.9.0
 - comments: 1.16.0
 - contactsinteraction: 1.7.0
 - dashboard: 7.6.0
 - dav: 1.25.0
 - federatedfilesharing: 1.16.0
 - federation: 1.16.0
 - files: 1.21.1
 - files_external: 1.18.0
 - files_pdfviewer: 2.7.0
 - files_rightclick: 1.5.0
 - files_sharing: 1.18.0
 - files_trashbin: 1.16.0
 - files_versions: 1.19.1
 - firstrunwizard: 2.15.0
 - logreader: 2.11.0
 - lookup_server_connector: 1.14.0
 - nextcloud_announcements: 1.15.0
 - notifications: 2.14.0
 - oauth2: 1.14.0
 - password_policy: 1.16.0
 - photos: 2.2.0
 - privacy: 1.10.0
 - provisioning_api: 1.16.0
 - recommendations: 1.5.0
 - related_resources: 1.1.0-alpha1
 - settings: 1.8.0
 - sharebymail: 1.16.0
 - support: 1.9.0
 - survey_client: 1.14.0
 - systemtags: 1.16.0
 - text: 3.7.2
 - theming: 2.1.1
 - twofactor_backupcodes: 1.15.0
 - updatenotification: 1.16.0
 - user_status: 1.6.0
 - viewer: 1.10.0
 - workflowengine: 2.8.0
Disabled:
 - admin_audit
 - apporder: 0.15.0
 - backup: 1.2.0
 - encryption
 - groupfolders: 14.0.1
 - serverinfo: 1.14.0
 - suspicious_login
 - twofactor_totp
 - user_ldap
 - weather_status: 1.4.0

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

Hundreds of:

[PHP] Error: is_file(): open_basedir restriction in effect. File(/proc/cpuinfo) is not within the allowed path(s): (/home/<account>/:/tmp:/var/tmp:/opt/alt/php74/usr/share/pear/:/dev/urandom:/usr/local/lib/php/:/usr/local/php74/lib/php/) at /home/<account>/domains/example.com/public_html/cloud/lib/private/Preview/Generator.php#351

GET /index.php/core/preview?fileId=464&c=c5edf881068c4f84bc6c9eb94f3cdcc9&x=375&y=375&forceIcon=0&a=1
from 2a10:3781:15:1:64d0:faf:896:88ea by <admin account> at 2023-04-23T20:44:04+00:00

Additional info

See this forum topic.

This has similarities with #27759 but that one is closed, was generated by a different .php and was about different directories so IMHO this a new bug.

Like on most shared hosting we cannot edit php.ini but the DirectAdmin panel allowed us to add /proc/cpuinfo to the open_basedir. I still believe this should not be needed.

Opinions I heard/read, but I'm no developer, so I cannot judge:

• Our provider: "open_basedir? Are they really using that?

In the forum topic mentioned above:

• "The problem was introduced by this commit"
• "cpuinfo is not the right wau to do this, alternative suggested"

On php.net:

Caution

open_basedir is just an extra safety net, that is in no way comprehensive, and can therefore not be relied upon when security is needed.

[solracsf]

Can you edit:

/lib/private/Preview/Generator.php

line 296. Replace:

public static function getHardwareConcurrency(): int {
	static $width;
	if (!isset($width)) {
		if (is_file("/proc/cpuinfo")) {
			$width = substr_count(file_get_contents("/proc/cpuinfo"), "processor");
		} else {
			$width = 0;
		}
	}
	return $width;
}

with:

public static function getHardwareConcurrency(): int {
	static $width;
	if (!isset($width)) {
		$width = is_readable("/proc/cpuinfo") ? substr_count(file_get_contents("/proc/cpuinfo"), "processor") : 0;
	}
	return $width;
}

and report back if this fixes the issue.

[willemb2]

After that I get almost the same error but with is_readable() instead of is_file():

[PHP] Error: is_readable(): open_basedir restriction in effect. File(/proc/cpuinfo) is not within the allowed path(s): (/home/loopnl/:/tmp:/var/tmp:/opt/alt/php74/usr/share/pear/:/dev/urandom:/usr/local/lib/php/:/usr/local/php74/lib/php/) at /home/<account>/domains/example.com/public_html/cloud/lib/private/Preview/Generator.php#351

GET /index.php/core/preview?fileId=1929&c=c3e327397686b8bea57acee8cf9881a6&x=375&y=375&forceIcon=0&a=1
from 2a10:3781:15:1:6c27:7a00:66fc:36a0 by hansh at 2023-04-25T12:52:55+00:00

[solracsf]

Thanks. Mind to try:

public static function getHardwareConcurrency(): int {
	static $width;
	if (!isset($width)) {
		if (function_exists('ini_get')) {
			$openBasedir = ini_get('open_basedir');
			if ($openBasedir == '') {
				$width = is_readable('/proc/cpuinfo') ? substr_count(file_get_contents('/proc/cpuinfo'), 'processor') : 0;
			} else {
				$openBasedirPaths = explode(':', $openBasedir);
				foreach ($openBasedirPaths as $path) {
					if (strpos($path, '/proc') === 0 || $path === '/proc/cpuinfo') {
						$width = is_readable('/proc/cpuinfo') ? substr_count(file_get_contents('/proc/cpuinfo'), 'processor') : 0;
					} else {
						$width = 0;
					}
				}
			}
		} else {
			$width = 0;
		}
	}
	return $width;
}

[kesselb]

In serverinfo we are using @file_get_contents('/proc/cpuinfo').
The @ operator will supress the open basedir warning:

php -d open_basedir=/var/www -r "var_dump(file_get_contents('/proc/cpuinfo'));"
php -d open_basedir=/var/www -r "var_dump(@file_get_contents('/proc/cpuinfo'));"

To read /proc/cpuinfo every time we need a preview generator is a bit weird.
I would prefer a static value with a sensible default instead of this magic. Too much magic is just calling for trouble.

[solracsf]

Sure, but I just hate @ 😆
But if that's the way to go...

[kesselb]

I understand. It was just a suggestion. If you prefer to check open_basedir go ahead.

The runtime check for the number of cores is weird anyway. It's unlikely to change ;)

[solracsf]

The runtime check for the number of cores is weird anyway. It's unlikely to change ;)

Agree.

[willemb2]

Thanks. Mind to try:

public static function getHardwareConcurrency(): int {
  static $width;
  if (!isset($width)) {
  	if (function_exists('ini_get')) {
  		$openBasedir = ini_get('open_basedir');
  		if ($openBasedir == '') {
  			$width = is_readable('/proc/cpuinfo') ? substr_count(file_get_contents('/proc/cpuinfo'), 'processor') : 0;
  		} else {
  			$openBasedirPaths = explode(':', $openBasedir);
  			foreach ($openBasedirPaths as $path) {
  				if (strpos($path, '/proc') === 0 || $path === '/proc/cpuinfo') {
  					$width = is_readable('/proc/cpuinfo') ? substr_count(file_get_contents('/proc/cpuinfo'), 'processor') : 0;
  				} else {
  					$width = 0;
  				}
  			}
  		}
  	} else {
  		$width = 0;
  	}
  }
  return $width;
}

That seems to work. I'm not getting new errors. I cannot say something usefull about performance. This is a very small setup, around 10 users, < 100 documents.