SOLVED - /dev/urandom in php.ini


I’m running nextcloud 20.0.4 on a stable debian with php7.3 and apache 2.4.

When I add open_basedir = /dev/urandom to /etc/php/7.3/apaches2/php.ini and restart apache my browser stays blank whenever I enter my nextcloud url. Unfortunately nextcloud.log stays empty. Apache’s error log says:
[mpm_prefork:notice] [pid 645] AH00173: SIGHUP received. Attempting to restart
[mpm_prefork:notice] [pid 16441] AH00163: Apache/2.4.38 (Debian) mod_fcgid/2.3.9 OpenSSL/1.1.1d configured – resuming normal operation

Any pointers as to what might be the problem here are much appreciated!

What do you expect to achieve by adding “open_basedir = /dev/urandom”? Afaik this is an invalid definition so that I’m personally not surprised that your server runs into an error condition.

I was following the nextcloud server hardening guideline. They explicitly state that it should be done …

Afaik, the guide doesn’t recommend to “set”" the parameter as you set, but to “include”" /dev/urandom in your configuration.

Please read the description of the open_basedir parameter in the PHP documentation to understand its purpose and how it should be set.

Here you will find information related to the urandom usage:

Cheers j-ed!
I didn’t know how to include more than one directory. A colon works :wink: as in:

open_basedir = /var/www/nextcloud/:/dev/urandom

Edited to reflect j-ed’s last comment.

BTW, /dev/urandom is a random number device and NOT a directory, so that the trailing slash might not be correct :wink: