You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "--[ UxBoD ]--" <ux...@splatnix.net> on 2011/05/04 17:05:10 UTC
Re: [users@httpd] Chroot a virtual host
----- Original Message -----
> ----- Original Message -----
> > Hi,
> >
> > I have noticed that when running Joomla, or in-fact any browsing
> > capable PHP code, I am able to navigate above my virtual host
> > document root and look at other virtual host files.
> >
> > How would one stop this ? I have taken a look at mod_chroot but
> > that
> > does not seem to work as ChrootDir can only be used in the main
> > configuration and not in the VirtualHost directive.
> >
> > For reference I am running Apache 2.2.17.
>
> I have tried to create a second instance of HTTP, running on port
> 8080, using the following conf:
>
> LoadModule chroot_module modules/mod_chroot.so
> LoadModule headers_module modules/mod_headers.so
> LoadModule rewrite_module modules/mod_rewrite.so
> LoadModule expires_module modules/mod_expires.so
> LoadModule auth_basic_module modules/mod_auth_basic.so
> LoadModule php5_module modules/libphp5.so
> LoadModule deflate_module modules/mod_deflate.so
>
> LoadFile /lib64/libnss_dns.so.2
>
> AddHandler php5-script php
>
> Listen 8080
>
> ChrootDir /www/somevhost.co.uk
> ServerRoot /
> DocumentRoot /htdocs
>
> RequestHeader Set Host www.somevhost.co.uk
> PidFile /var/run/apache2.pid
> Timeout 300
> KeepAlive On
> MaxKeepAliveRequests 100
> KeepAliveTimeout 15
>
> User somevhost.co.uk
> Group somevhost.co.uk
>
> HostnameLookups Off
> LogLevel warn
>
> ErrorLog /logs/error.log
> CustomLog /logs/access.log combined
>
> <IfModule dir_module>
> DirectoryIndex index.html index.php
> </IfModule>
>
> AccessFileName .htaccess
>
> <Files ~ "^\.ht">
> Order allow,deny
> Deny from all
> </Files>
>
> <Directory /htdocs>
> Order deny,allow
> Allow from all
> AllowOverride All
> </Directory>
>
> Though when I run :-
>
> /usr/local/apache/bin/httpd -f /www/somevhost.co.uk/conf/apache2.conf
> -k start
>
> it complains that it cannot find the DocumentRoot directory which
> would suggest that the Chroot is not taking place. If I use
> absolute paths then HTTPD does indeed start but a phpinfo() returns
> the path as being /www/somevhost.co.uk/htdocs instead of /htdocs.
>
> Any ideas what I could be doing wrong please ?
Finally got this to work as it appears to be a bug in Apache and you have to create a fake root eg. /www/somevhost.co.uk/www.
What I am struggling with is that the Joomla site works fine until you come to try and install a component or module. It loads up to 100% and then it just says it cannot install. All the permissions look fine and it was working before switching to a chroot environment. Any thoughts ?
--
Thanks, Phil