[mod-security-users] Re: mod_security, apache2 and chroot -> help
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Re: mod_security, apache2 and chroot -> help
|
From: David F. <Da...@me...> - 2005-01-15 12:38:38
|
Hi hanji, Have you really created these directories WITHIN the chroot jail? I assume you mean that these directories ARE the chroot area. > I've created the following directories within the chroot jail > > /var/chroot/apache/var/run > /var/chroot/apache/var/www > /var/chroot/apache/usr/lib/apache2 If you have this: SecChrootDir /var/chroot/apache You need to change the other config lines to these: ServerRoot /usr/lib/apache2 DocumentRoot /var/www/localhost/htdocs since the server doesn't "see" the first part of the path after the chroot command moves the apparent root directory to /var/chroot/apache I'm not sure if you really needed to move your /usr/lib/apache2 files to inside the chroot area. I have found that everything except the documents and the directory into which the pid file gets written can be left outside. The exception to this is adding these libraries libnss_dns.so.2 libnss_files.so.2 libresolv.so.2 which get used by php, and some Smarty php extension that are read when php files are accessed. The libraries above are always linked to the php module dynamically (I can't remember why, but you can't avoid it) so if you use php they need to be in there. I hope this help, David. -- ------------------------------------------------- Email: Da...@me... ------------------------------------------------- |
