Changed Title to show Issue is about 4.0.

Confirmed issue on my plesk server, the following error is shown in the php error log.

[21-Jun-2018 10:16:12] WARNING: [pool testbed.example.co.uk] child 29054 said into stderr: "NOTICE: PHP message: PHP Warning: is_dir(): open_basedir restriction in effect. File(/var/lib/php/session) is not within the allowed path(s): (/var/www/vhosts/example.co.uk/:/tmp/) in /var/www/vhosts/example.co.uk/testbed.example.co.uk/libraries/vendor/joomla/session/src/Handler/FilesystemHandler.php on line 53"

[21-Jun-2018 10:16:12] WARNING: [pool testbed.example.co.uk] child 29054 said into stderr: "NOTICE: PHP message: PHP Warning: mkdir(): open_basedir restriction in effect. File(/var/lib/php/session) is not within the allowed path(s): (/var/www/vhosts/example.co.uk/:/tmp/) in /var/www/vhosts/example.co.uk/testbed.example.co.uk/libraries/vendor/joomla/session/src/Handler/FilesystemHandler.php on line 55"

The value for open_basedir = {WEBSPACEROOT}{/}{:}{TMP}{/}

the exact same webhost has no issues with a J3.8 install

Changing open_basedir = none allows the install to carry on

Changing open_basedir = none allows the install to carry on

@Kubik-Rubik could you take a look at this please

@brianteeman Yes, I will check tomorrow morning. Thank you for mentioning me!

if there is a plesk expert then we should take advantage of their expertise - thanks buddy

Okay, just analysed it in detail, this happens due to security restrictions in Plesk's PHP handler.

You need to add the path /var/lib/php/session to the open_basedir value to be able to start the installation process in Joomla! 4.

Go to the PHP settings and change the open_basedir value to:

{WEBSPACEROOT}{/}{:}{TMP}{/}{:}{/}var{/}lib{/}php{/}session{/}

TODO We should check why this is required in Joomla! 4 but not in all previous versions!

Before:

After:

See here for more information: https://support.plesk.com/hc/en-us/articles/115000278993-A-website-hosted-in-Plesk-is-not-accessible-open-basedir-restriction-in-effect

EDIT

We get the path diretly from the PHP settings (libraries/vendor/joomla/session/src/Handler/FileSystemHandler.php):

$path = $path ?: ini_get('session.save_path');

and the path is pre-defined to /var/lib/php/session which is not writeable due to the restriction mentioned above.

Hmm, I will report this internally to Plesk's dev team and see what we can do here! Thank you for reporting this.

@Kubik-Rubik Is there anything "we" need to do

@brianteeman Not at the moment, I'm still on this topic internally. I will keep you informed here!

great - thanks

Assuming there's not much more to be done here so closing

Hello,

I like to reopen this issue, since it is still ongoing in Joomla 4 Alpha 7.

The var/lib/php/sessions directory can be only read by root in Ubuntu 16.04. and Plesk.

A trace of the issue looks like this:

(1/1) RuntimeException
Could not create session directory "/var/lib/php/sessions"

in FilesystemHandler.php line 57
at FilesystemHandler->__construct('/var/lib/php/sessions')
in SessionFactory.php line 80
at SessionFactory->createSessionHandler(array('force_ssl' => false, 'name' => 'ea09bb364ef1bffd889e76b7a59035fc', 'expire' => 900))
in Session.php line 114
at Session->Joomla\CMS\Service\Provider{closure}(object(Container))
in Resource.php line 175
at Resource->getInstance()
in Container.php line 96
at Container->get('Joomla\Session\SessionInterface')
in Application.php line 53
at Application->Joomla\CMS\Installation\Service\Provider{closure}(object(Container))
in Resource.php line 175
at Resource->getInstance()
in Container.php line 96
at Container->get('Joomla\CMS\Installation\Application\InstallationApplication')
in app.php line 65
at require_once('/var/www/vhosts/sts-xxxxxx.de/php7x.sts-xxxxxxx.de/j4/installation/includes/app.php')
in index.php line 36

Since this is a standard setting in Plesk that seems to be set for security reasons, I guess another approach is necessary to address this problem. Setting another directory "session" with less secure settings seems like circumventing security.

This issue was not present in J 4 Alpha 4 if I am not mistaken, I happen to install only J 4 Alpha 7 on the same server after Alpha 4. The server is running J 3 versions without any issues.

Same here with version alpha 11.
Direct Admin
PHP 7.2.16

@Kubik-Rubik is there any plans from plesk on this subject?

@wilsonge I already discussed this with some core developers. This is not related to Plesk, but a bug in Joomla!'s filesystem handler. This problem will not only occur on Plesk servers but also on other systems (see comment above with Direct Admin). I will provide a fix for it asap!

@wilsonge @Pinkeltje @Twincarb @OrgasmicSweets

Please test this patch: joomla-framework/session#41

@Kubik-Rubik that makes some sense - i've dropped a comment there for some extra sanity checks however :)

@wilsonge Thanks, George. Already replied there! ;-)

The fix was merged. Thanks, George!

Issue can be closed. :-)

Merged over there. can you do a PR here to update composer. composer update joomla/session

Sure! Give me some minutes, need to update my fork... :-D

Set to "closed" on behalf of @alikon by The JTracker Application at issues.joomla.org/joomla-cms/20821

with #25424 and joomla-framework/session#41
thanks @Kubik-Rubik