mod-security-users

[mod-security-users] Error using chroot functionality

[Daniel P. <dan...@ho...>]

I compiled mod_security-1.8.2 into apache_1.3.31. Everything seems to be ok. 
I wanted to chroot it to /chroot/apache. I also tried to bring the log files 
into the chrooted file system under /chroot/apache/logs/access_log ang 
error_log. When I try to start the service I get an error that [error] (2)No 
such file or directory: could not open transfer lof file 
/chroot/apache/logs/access_log

The log and the directory do exist and the necessary file rights do exist!! 
any help would be appreciated.

_________________________________________________________________
MSN Premium: Up to 11 personalized e-mail addresses and 2 months FREE*   
http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_MSNIS_Taglines

Re: [mod-security-users] Error using chroot functionality

[Ivan R. <iv...@we...>]

Daniel Pinsky wrote:

> I compiled mod_security-1.8.2 into apache_1.3.31. Everything seems to be
> ok. I wanted to chroot it to /chroot/apache.

  Is your goal to have most of the files outside the
  jail or inside? What is the non-chroot path?


> The log and the directory do exist and the necessary file rights do
> exist!! any help would be appreciated.

  Did you configure module ordering as described in the manual?

-- 
ModSecurity (http://www.modsecurity.org)
[ Open source IDS for Web applications ]

[mod-security-users] Re: Error using chroot functionality

[Ulf S. <ste...@ze...>]

Daniel Pinsky <dan...@ho...> wrote:

> I compiled mod_security-1.8.2 into apache_1.3.31. Everything seems to be ok. 
> I wanted to chroot it to /chroot/apache. I also tried to bring the log files
> into the chrooted file system under /chroot/apache/logs/access_log ang
> error_log. When I try to start the service I get an error that [error] (2)No
> such file or directory: could not open transfer lof file
> /chroot/apache/logs/access_log
>
> The log and the directory do exist and the necessary file rights do exist!! 
> any help would be appreciated.

Could it be that you need to specify /logs/access_log as log directive? I'm
not familiar with mod_security's chroot feature but if you "manually" chroot
apache, you first call chroot() and afterwards apache evaluates the log
directive. That means that at the time apache reads its log directive there's
no more /chroot/apache/logs but only /logs. However, this could be wrong when
using mod_security to perform the chroot.


Regards,

Ulf

-- 
Ulf Stegemann
zeitform Internet Dienste