Re: [mod-security-users] suExec doesn't work using SecChroot

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

I saw this entry in the strace output -

13591 open("/var/log/apache2/suexec_log", O_WRONLY|O_APPEND|O_CREAT,
0666) =3D -1 EACCES (Permission denied)
13591 write(2, "failed to open log file\n", 24) =3D 24

Do you have the directory and suexec_log in the chroot structure and
with the appropriate permissions?

--=20
Ryan C. Barnett
ModSecurity Community Manager
Breach Security: Director of Application Security Training
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache
=20
=20

> -----Original Message-----
> From: mod...@li... [mailto:mod-
> sec...@li...] On Behalf Of Marco
Squarcina
> Sent: Monday, June 25, 2007 12:37 PM
> To: Christian Bockermann
> Cc: Mod Security
> Subject: Re: [mod-security-users] suExec doesn't work using SecChroot
>=20
> On Mon, Jun 25, 2007 at 05:41:13PM +0200, Christian Bockermann wrote:
> > [...]
> >   - Can you strace your apache-startup? Or does it fail as in the
> > thread?
>=20
> Ok I managed to get a strace. I'm not good at all doing this kind of
> things, so I apologize if I did something wrong:
>=20
> strace command:
> 	strace -f -o apache.pid /usr/sbin/apache2 -D DEFAULT_VHOST
\
> 		-D PHP5 -D SECURITY -d /usr/lib/apache2
\
> 		-f /etc/apache2/httpd.conf -k start
>=20
> strace output:
> 	http://www.minimalblue.com/apache.pid
>=20
> Thanks for your help :)
> --
> Marco Squarcina >|<  www.minimalblue.com >|< GPG key: 6E47BFC5
>=20
>=20
>
------------------------------------------------------------------------
-
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users