LinuxQuestions.org


simon 08-01-2001 12:24 PM

chroot jail
 
I'm trying to set up a chroot jail to run Apache from. So far everything seems to have worked but when I try to run apache (I'm using apachectl to start/stop apache) I get
"/usr/sbin/apachectl: /chroot/httpd/: is a directory
/usr/sbin/apachectl start: httpd started"

When I use ps the httpd process is not running. The page does not load in my browser and when I try to stop apache it tells me that it isn't running. The line in apachectl that specifies where httpd is located is "HTTPD=chroot /chroot/httpd/ /usr/sbin/httpd -DSSL"

Anyone have any ideas for what I can try?

simon 08-01-2001 01:24 PM

I got it sort of working by putting the chroot command and its parameters in quotes. Now the error message I get is

"chroot: cannot execute /usr/sbin/httpd: No such file or directory
/usr/sbin/apachectl start: httpd could not be started"

httpd is in /usr/sbin in my chroot area. When I try to run it from there directly I get errors saying that it couldn't open the config file. This is because it's looking for the config file in the wrong place (because when I run it it doesn't think it's in the / directory). How can I get chroot to recognize that httpd is there and run it?

simon 08-01-2001 03:16 PM

I found some info on the net that suggested that a possible cause was that I didn't have all of the shared libraries I needed in the chroot directory. For some reason when I run ldd I get this error

"httpd: error in loading shared libraries: httpd: cannot open shared object file: No such file or directory"

ldd was working properly yesterday. I tried it on other programs outside the chroot directory and it has the exact same problem. Any suggestions would be greatly appreciated.

r3b00t 08-05-2001 08:21 PM

Get and build lsof. Start your httpd normally (e.g. not rooted), and do lsof -p <pid of httpd> to get a listing of all open files httpd needs.

Recreate this set of files, devices and all that is needed by httpd (e.g. the lsof output) in the /chroot/httpd directory. Once you have done this, try to start httpd. If you copied all the needed files in place, httpd should be running (if you're that lucky...). Probably there will be some paths in your config file pointing to the wrong position, but that's easily fixed.

After that, you're done.... :p
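
The lsof-based procedure from the reply above, as an added example that is not part of the original thread: shell functions that turn `lsof -p` output into a manifest of files and devices, then copy the regular files to the same paths under the jail. The function names, the sample lsof lines and the optional `SRCROOT` argument are constructed for illustration.

```shell
#!/bin/sh
# Added example: names and sample data are constructed for illustration.

# Constructed sample of `lsof -p <pid of httpd>` output.
sample_lsof() {
cat <<'EOF'
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF  NODE NAME
httpd   1234 root  cwd    DIR    3,1     4096     2 /
httpd   1234 root  txt    REG    3,1   301820 81234 /usr/sbin/httpd
httpd   1234 root  mem    REG    3,1   340663 16021 /lib/ld-2.1.3.so
httpd   1234 root  mem    REG    3,1  4101324 16028 /lib/libc-2.1.3.so
httpd   1234 root    0u   CHR    1,3           4103 /dev/null
httpd   1234 root    2w   REG    3,1     1822 40211 /var/log/httpd/error_log
httpd   1234 root   16u  IPv4   5021            TCP *:80 (LISTEN)
EOF
}

# Read lsof output on stdin; print "TYPE PATH" for regular files and
# character devices only (directories, sockets and pipes are skipped).
jail_manifest() {
    awk 'NR > 1 && ($5 == "REG" || $5 == "CHR") && $NF ~ /^\// { print $5, $NF }' | sort -u
}

# populate_jail JAIL [SRCROOT]: read a manifest on stdin, copy each regular
# file to the same path under JAIL, and list devices for manual mknod.
# SRCROOT (hypothetical, default empty) lets the copy be rehearsed offline.
populate_jail() {
    jail=$1 src=${2:-}
    while read -r type path; do
        case $type in
        REG)
            if [ -f "$src$path" ]; then
                mkdir -p "$jail$(dirname "$path")" &&
                cp -p "$src$path" "$jail$path"
            else
                echo "MISSING $path"      # report instead of failing silently
            fi ;;
        CHR) echo "DEVICE $path" ;;       # needs mknod as root, not cp
        esac
    done
}

# Demo: print the manifest for the constructed sample.
sample_lsof | jail_manifest
```

lsof reports the resolved file name of each mapped library, so any soname symlink the dynamic loader looks up (for example a `libc.so.6` link pointing at the real file) has to be recreated in the jail as well.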


All times are GMT -5.