Hello,

I'm running a Gentoo-hardened box with PHP 5.2.14-pl0-gentoo (Suhosin included) and Apache 2.2.16. mod_php is running in a chroot, using mpm_peruser.

Everything works OK, except the PHP DNS resolving, which I need to access HTTP resources. It fails with both the curl and http extensions.

With some stracing of the Apache child processes I found that PHP is trying to access the following files: hosts, nsswitch.conf, resolv.conf and the libnss libraries. I've copied them to the chroot, but the resolving still fails. strace showed failed accesses to /dev/urandom and /dev/log, but mounting /dev in the chroot didn't help.

My php.ini can be found at [1]. I'm setting the following additional flags in the vhost configuration:

    engine on
    open_basedir "/htdocs:/sessions:/tmp"
    session.save_path "/sessions"
    upload_tmp_dir "/tmp"

Does anybody run similar chroot-ed PHP? Any help will be appreciated!

Thanks in advance!

[1] http://forkbomb.nl/temp/php.ini