[users@httpd] Re: mod_fcgid problem in chroot: (38)Function not implemented

[Robbie Roerbak <ro...@outlook.com>]

Dear all,

To reply to myself: I resolved the problem by doing:

mount --rbind /dev /chroot/apache/dev/

Kind regards,
Robbie
________________________________
From: Robbie Roerbak <ro...@outlook.com>
Sent: 31 January 2024 17:45
To: users@httpd.apache.org <us...@httpd.apache.org>
Subject: [users@httpd] mod_fcgid problem in chroot: (38)Function not implemented

Dear all,

Wishing you a good day. My day could have been better, I've been battling a problem with mod_fcgid in combination with ModSecurity's SecChrootDir feature, which chroots the webserver into /chroot/apache. The virtualhosts live under this and it's a nice feature.

As soon as I enable mod_fcgid, Apache fails to start with the following error message:

[fcgid:emerg] [pid 5344] (38)Function not implemented: mod_fcgid: Can't create shared memory for size 1200712 bytes

My OS is Ubuntu 20.04 LTS.

I've tried:

  *
ensuring /chroot/apache/var/run/fcgid_shm and fcgidsock exist with mode 1777
  *   creating /chroot/apache/dev/shm with mode 1777
  *
using 'strace apache2ctl start' to see what syscall is being attempted, and hacking the apachectl script to start Apache directly even in the presence of $need_systemd so that it runs Apache directly - still I don't get any useful information from this
  *
The error disappears whenever I disable the chroot functionality, but for security reasons I'd really like to keep the chroot enabled.

Can anyone give me a hint to further debug this problem?

Kind regards,
Robbie