Re: [mod-security-users] Failed to access DBM file
Brought to you by:
victorhora,
zimmerletw
From: Brian R. <Bri...@br...> - 2008-10-02 15:36:33
|
Come_Again Come_Again wrote: > > My apache errorlog file is full with this kind of errors: > > [Thu Oct 02 16:14:20 2008] [error] [client 77.161.197.138] ModSecurity: > Failed to access DBM file "/var/log/modsecurity/data/resource": > Permission denied [hostname "www.mydomain.com"] [uri > "/forum/index.php/topic,343178.30.html"] [unique_id > "1Tmxkn8AAQEAACqYoCgAAAAJ"] > > > For testing I've made this directory /var/log/modsecurity/data/ rwx for > uga, but to no avail. I'm still getting this error. > > I'm running Ubunty Hardy and I've also tried to disable AppArmor but > still i'm getting this error. You should try to do the following, which will verify access is correct or you will get an error: $ sudo su - www-data $ cd /var/log/modsecurity/data \ && touch resource.pag \ && touch resource.dir In short, the www-data (or whatever user you are using to run apache) will need at a bare minimum of +x for all paths up to /var/log/modsecurity and +rwx on /var/log/modsecurity/data. Typically, it would be o+x for paths up to /var/log/modsecurity and 2770 (rwxrws---) to /var/log/modsecurity/data with a www-data group. If you are using chroot, then those will be in the jail. If that still is not working, then I'll need some context as there are a few places in the code you can get that error. Please send to me privately: 1) ModSecurity version 2) Complete level 9 debug output showing a few of these errors (sanitize it first if need be) 3) Need to see permissions on all paths and files: ls -lad /var ls -lad /var/log ls -lad /var/log/modsecurity ls -lad /var/log/modsecurity/data ls -la /var/log/modsecurity/data/ thanks, -B -- Brian Rectanus Breach Security |