Re: mod_fcgid problem in chroot: (38)Function not implemented

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dear all,

To reply to myself: I resolved the problem by doing: 

mount --rbind /dev /chroot/apache/dev/

Kind regards,
Robbie
From: Robbie Roerbak <robbieroerbak@xxxxxxxxxxx>
Sent: 31 January 2024 17:45
To: users@xxxxxxxxxxxxxxxx <users@xxxxxxxxxxxxxxxx>
Subject: mod_fcgid problem in chroot: (38)Function not implemented
 
Dear all,

Wishing you a good day. My day could have been better, I've been battling a problem with mod_fcgid in combination with ModSecurity's SecChrootDir feature, which chroots the webserver into /chroot/apache. The virtualhosts live under this and it's a nice feature.

As soon as I enable mod_fcgid, Apache fails to start with the following error message:

[fcgid:emerg] [pid 5344] (38)Function not implemented: mod_fcgid: Can't create shared memory for size 1200712 bytes

My OS is Ubuntu 20.04 LTS.

I've tried:
  • ensuring /chroot/apache/var/run/fcgid_shm and fcgidsock exist with mode 1777
  • creating /chroot/apache/dev/shm with mode 1777
  • using 'strace apache2ctl start' to see what syscall is being attempted, and hacking the apachectl script to start Apache directly even in the presence of $need_systemd so that it runs Apache directly - still I don't get any useful information from this
  • The error disappears whenever I disable the chroot functionality, but for security reasons I'd really like to keep the chroot enabled.

Can anyone give me a hint to further debug this problem?

Kind regards,
Robbie
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux