[mod-security-users] RE: Dynamic Disable Post Scanning / Chroot issue
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] RE: Dynamic Disable Post Scanning / Chroot issue
|
From: <mic...@km...> - 2004-10-14 04:02:07
|
Hi Ivan,
Problem on disable post scanning fixed using the CVS version.
Now, i try to use the chroot function of mod_security. So far everything
okay. The environment is Apache2 + PHP + MySQL runing Xoops (a content
management system). To communicate with MySQL, i need to set up a hard
link in the chrooted environment for "mysql.sock".
However, in RedHat 8, logrotate will be used to apache log reorganization.
Following is the details:
/var/log/httpd/*log {
missingok
notifempty
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null
|| true
endscript
}
When signal -HUP is received, apache cannot restart. Initially, the
configuration file not found (httpd.conf). After created the files in the
chrooted environment, it
changed to:
Syntax error on line 6 of /etc/httpd/conf2.d/auth_pgsql.conf:
Cannot load /etc/httpd/modules/mod_auth_pgsql.so into server:
/etc/httpd/modules
/mod_auth_pgsql.so: cannot open shared object file: No such file or
directory
If all modules need to be copied, it defeat the beauty of mod_security's
chroot. Any suggestion or solution on this issue?
Regards,
Michael
-----------------------------------------------------------------------------------------------------------
KMB E-mail Disclaimer
This e-mail may contain confidential, proprietary or legally privileged
information and is intended for the attention and use of the
addressee(s) only. If you are not the intended recipient of this
message, you must not copy, use or disclose any part of its
contents. Please notify the sender immediately and delete this
message from your system.
The KMB Group and each of its affiliates and the sender of this
message shall not be responsible or liable for any errors or omissions
in the contents of this message as secure or error free e-mail
transmission cannot be guaranteed. Information sent via e-mail
could arrive late or contain viruses or be intercepted, corrupted,
lost, destroyed, or incomplete. Unless otherwise stated, any
information given in this message is indicative only and is subject to
our formal written confirmation.
|
