Re: Apache in chroot on Solaris 9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: Apache in chroot on Solaris 9
From: Igor Cicimov <icicimov@xxxxxxxxx>
Date: Thu, 6 Aug 2009 12:27:02 +1000
In-reply-to: <92D3C2F9-166F-427A-9891-55990CA94E3C@xxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx

Thanks Nick, that was a good pointer. I enabled the su command in chroot and copied over some of the libraries linked to it:

cp /usr/lib/libbsm.so.1 /chroot/usr/lib/libbsm.so.1
cp /usr/lib/libproject.so.1 /chroot/usr/lib/libproject.so.1
cp /usr/lib/libpam.so.1 /chroot/usr/lib/libpam.so.1
cp /usr/lib/libproc.so.1 /chroot/usr/lib/libproc.so.1
cp /usr/lib/librtld_db.so.1 /chroot/usr/lib/librtld_db.so.1
cp /usr/lib/libelf.so.1 /chroot/usr/lib/libelf.so.1

and that did the trick. I guess the libpam was missing and that was the reason for authentication not working properly.

Now I have some other problems. When I try to start the server with SSL enabled I get the following error:

[Thu Aug 06 12:04:31 2009] [info] Init: Seeding PRNG with 136 bytes of entropy
[Thu Aug 06 12:04:31 2009] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Thu Aug 06 12:04:32 2009] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Thu Aug 06 12:04:32 2009] [error] (2)No such file or directory: Cannot create SSLMutex

Also the mod_rewrite complains too:

[Thu Aug 06 12:21:35 2009] [crit] (2)No such file or directory: mod_rewrite: could not create rewrite_log_lock
Configuration Failed

I have the following devices created in chroot:

# ls -l /chroot/dev
total 0
crw-rw-rw-   1 root     other     13, 2 Aug 5 18:02 null
crw-r--r--   1 root     other    190, 0 Aug 5 18:03 random
crw-rw-rw-   1 root     other     41, 0 Aug 5 17:27 udp
crw-r--r--   1 root     other    190, 1 Aug 5 18:03 urandom
crw-rw-rw-   1 root     other     13, 12 Aug 5 18:02 zero

Thanks again for your help.

Cheers,

Igor

On Thu, Aug 6, 2009 at 10:30 AM, Nick Kew <nick@xxxxxxxxxxxx> wrote:

On 6 Aug 2009, at 01:06, Igor Cicimov wrote:

Hi all,

I have built and install apache2.2.11 on solaris 9 and all is working fine but when I put the server in chroot I faced some problems. More specifically the server complains about the user I'm running apache under and says "can't find the user with the given UID". My chroot is /chroot and when i built it I have transfered the /etc/passwd, /etc/group, /etc/netconfig, /etc/resolv.conf and /etc/hosts files into /chroot/etc directory and I have transfered all the libraries linked to the httpd process that I could find with ldd and truss. Any idea what am I still missing?

man chroot

What happens when (in a shell) you perform the same chroot then su
to the apache user/group?

If that doesn't tell you anything useful, tell us whether you're apache
within a chroot, or using Apache's ChrootDir.

--
Nick Kew

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

Follow-Ups:
- Re: Apache in chroot on Solaris 9
  - From: Igor Cicimov

References:
- Apache in chroot on Solaris 9
  - From: Igor Cicimov
- Re: Apache in chroot on Solaris 9
  - From: Nick Kew

Prev by Date: Re: Apache in chroot on Solaris 9
Next by Date: Re: Apache in chroot on Solaris 9
Previous by thread: Re: Apache in chroot on Solaris 9
Next by thread: Re: Apache in chroot on Solaris 9
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]

Powered by Linux