You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by ���� �� <b_...@yahoo.com.cn> on 2002/03/01 07:25:13 UTC

help about chroot in apache

hello all guys!
:P
here some questions: I wanna ask u all. Please give me
answers.Thank u .
One of these question is about chroot,as I want to
develop the security level in my computer, I made a
chroot environment.
In this chroot envirnment,
1 .I create some directories ,such as
/chroot;/chroot/dev;/chroot/bin;/chroot/lib;/chroot/usr;/chroot/tmp;/chroot/usr/local;/chroot/etc.
2. create /dev/null in this chroot
            mknod -m 666 /chroot/dev/null c 1 3
3. find some necessary libaries with apache,as
following:
            ldd /usr/local/apache/bin/httpd
4.I copy some files into these directories,as
following:
            cp /bin/sh /chroot/bin/
            cp /bin/cat /chroot/bin: because apache's
starting need print some infomations.
            cp /lib/libm.* /chroot/lib/
            cp /lib/libgdbm.* /chroot/lib/
            cp /lib/libdb.* /chroot/lib/
            cp /lib/libdl.* /chroot/lib/
            cp /lib/libc.* /chroot/lib/
            cp /lib/libnss.* /chroot/lib/

            cp /etc/passwd /chroot/etc

            cp /etc/shadow /chroot/etc
            cp /etc/shadow /chroot/etc
            cp /etc/group /chroot/etc
            cp /etc/resolv.conf /chroot/etc
            cp /etc/hosts /chroot/etc
            cp /etc/localtime /chroot/etc
            cp /etc/ld.so.* /chroot/etc
and next , I tried to start apache(BTW:the apache in
my computer include ssl+php+perl modules,and they can
start normally),as following:
            chroot /chroot
/usr/local/apache/bin/apachectl start
and the monitors told me apache server had already
started,then I tried to shutdown this server,as
following:
            chroot /chroot
/usr/local/apache/bin/apachectl stop
and the information returned to me is " the http
pid(16758?) not running".It proved the apache in the
chroot did not start.


At this time, I consider it as the result of some
crucial libaries not copied,then I copy all the
libaries to /chroot/lib directory. Repeated to start
and shutdown the apache server,I found the result is
same as former.

I don't understand what's wrong with my operation
steps.why can not the pid be created?

Can anybody help me?




__________________________________________________
Do You Yahoo!?
Yahoo! Greetings - Send FREE e-cards for every occasion!
http://greetings.yahoo.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org