Ivan Ristic wrote:
>> Can you tell me, though, what are the conditions the parent process
>> ID != 1? The children, of course, have the PPID of the 'mother'
>> Apache process; but the parent itself always seems to have PPID 1.
>> Are you referring to Apache being started from within a new shell,
>> or something?
> I haven't been able to pin-point that. My guess is that is a
> problem with timing since the ppid of the main process must,
> eventually, become 1. In the end I switched to a new, reliable,
The chroot issue is really why I am looking forward to 1.8. I cannot deploy
mod_security in a production environment yet, until that is resolved.
> BTW, I've also added a check to v1.8. If chroot fails for any
> reasons, Apache will refuse to serve requests.
I have a request, though. Can you make it so, that, instead of not serving
requests, Apache will exit? (with a log message, of course). I have several
cron scripts that monitor if any of the major daemons went down, and restart
them. Apache not serving requests, though, is not a condition I can easily,
and reliably, alert myself to (like a down daemon).
Besides, I believe it is quite fair for mod_security to treat not being able
to chroot as a critical, abortable, error, like Apache missing a log-file
(after which Apache exists too). Starting up "normally", but simply not
serving any requests, is the worst, really.
System Administrator Asarian-host.org
"If you were supposed to understand it,
we wouldn't call it code." - FedEx