* Togan Muftuoglu [Jan 19. 2002 08:47]:
> compartment gives a message "Succesfully forked" and then I have httpd
> shouting :-( and apache does not start. What am I missing?
>
> bad user name wwwrun
It's been a while since I played with this, but you may not have the
user specified in your httpd.conf file, as far as I remember, or I have
also done this without using this particular SuSE user (wwwrun).
Have a look at the changed Compartment script below; as far as I
remember it worked at some point, but have honestly no idea anymore...:
Joost
#!/bin/sh
# script being changed for apache...1/2001, by
#
# auto_chroot_script for named from the bind8 package and SuSEcompartment v0.8
# (c) 2000 by Marc Heuse
#
#
# compartment call (where this script is /chroot/bin/init_bind8):
# /usr/sbin/compartment --chroot /chroot/bind8 --init /chroot/bin/init_bind8 \
# --cap CAP_NET_BIND_SERVICE --fork --group root /usr/sbin/named
#
CHROOT_DIR="/chroot/apache" # chroot directory
OWNER="bin.bin" # user.group owner of all chrooted files
DEV_LOG="/chroot/dev/log" # add "-a /chroot/dev/log" to the syslogd start
DIR_LIST_755="/var/tmp /etc/httpd /lib /usr/bin /bin /dev /usr/local/httpd/htdocs/gif /usr/local/httpd/cgi-bin /usr/include/apache/xml /usr/local/httpd/icons /usr/lib/apache /usr/sbin /sbin/init.d /webhome"
DIR_LIST_1775="/tmp /var/run /var/log/httpd /var/state/httpd"
FILE_LIST="/usr/sbin/httpd /bin/sh /bin/cat /sbin/init.d/apache /usr/sbin/rcapache /usr/local/httpd/htdocs/gif/* /usr/local/httpd/htdocs/* /usr/local/httpd/cgi-bin/* /usr/local/httpd/icons/* /usr/lib/apache/* /usr/include/apache/* /usr/include/apache/xml/* /etc/localtime /etc/httpd/* /etc/nsswitch.conf /usr/bin/perl* /usr/lib/perl5/*/*/* \
/etc/resolv.conf /etc/services /etc/hosts /dev/null "
CHOWN_ROOT=""
CHGRP_ROOT="$DIR_LIST_1775"
# start
umask 022
export PATH="/usr/sbin:/sbin:/usr/bin:/bin"
rm -rf "$CHROOT_DIR"
mkdir -p -m 755 "$CHROOT_DIR" || exit 1
cd "$CHROOT_DIR" || exit 1
for i in $DIR_LIST_755; do
    mkdir -p -m 755 "$CHROOT_DIR/$i"
done
for i in $DIR_LIST_1775; do
    mkdir -p -m 1775 "$CHROOT_DIR/$i"
done
#ln -s . usr
#ln -s bin sbin
#ln -s tmp var/tmp
for i in $FILE_LIST; do
    # shared libraries this file needs (third column of the ldd output)
    LIB=`ldd "$i" 2> /dev/null | grep -v "not a " | awk '{print $3}'`
    cp -a "$i" "$CHROOT_DIR/$i"
    for j in $LIB; do
        test -e "$CHROOT_DIR/$j" || cp -p "$j" "$CHROOT_DIR/lib"
    done
done
ldconfig -r "$CHROOT_DIR" 2> /dev/null
chown -R $OWNER "$CHROOT_DIR"
for i in $CHOWN_ROOT; do
    chown root "$CHROOT_DIR/$i"
done
for i in $CHGRP_ROOT; do
    chgrp root "$CHROOT_DIR/$i"
done
test -e "$DEV_LOG" || {
    echo "Warning: $DEV_LOG not found. Add \"-a $DEV_LOG\" to the syslogd startup."
    exit 1
}
ln "$DEV_LOG" dev/log
cd "$CHROOT_DIR"
touch etc/passwd etc/group etc/shadow
chmod 400 etc/shadow
echo 'www:x:888:888:Web Account:/webhome:/usr/bin/False' > etc/passwd
echo 'www:x:888:' > etc/group
echo 'www:*:10882:-1:99999:-1:-1:-1:134537804' > etc/shadow
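# Build the dummy login shell at the path named in etc/passwd (/usr/bin/False).
# The source is piped to cc, so no predictable file in the host's /tmp is used.
echo 'int main(int argc, char *argv[]) { return(1); }' | cc -x c -o usr/bin/False -
chmod 111 usr/bin/*
chmod 777 tmp
chmod +t tmp
# /dev/null is in FILE_LIST and already copied by "cp -a"; create it only if missing
test -c dev/null || mknod -m 666 dev/null c 1 3
chown -R 888:888 "$CHROOT_DIR/usr/local/httpd/htdocs"
# make the CGI programs copied via FILE_LIST (cgi-bin/*) executable
chmod ugo+x "$CHROOT_DIR"/usr/local/httpd/cgi-bin/*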
----- End forwarded message -----
Joost
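
An added example, not part of the original thread or of the compartment package: a check for the situation behind "bad user name wwwrun", where the User or Group named in the chroot's httpd.conf has no entry in the chroot's own etc/passwd or etc/group (the script above only writes a "www" account there). The config path etc/httpd/httpd.conf inside the chroot is an assumption taken from the script's FILE_LIST, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the thread. Assumes the config sits at
# etc/httpd/httpd.conf inside the chroot (the script copies /etc/httpd/*).

# Print the argument of the last active (uncommented) directive $1 in file $2.
conf_value() {
    awk -v d="$1" 'tolower($1) == tolower(d) { v = $2 } END { print v }' "$2"
}

# Succeed if id $1 is in colon-separated file $2: by name (field 1), or by
# number (field 3) when written in Apache's "#888" form.
has_entry() {
    awk -F: -v n="$1" '
        (n ~ /^#/ ? $3 == substr(n, 2) : $1 == n) { found = 1 }
        END { exit !found }' "$2"
}

# check_chroot_ids CHROOT_DIR: 0 if User and Group resolve inside the chroot,
# 1 if either is missing there, 2 if the config cannot be read.
check_chroot_ids() {
    root=$1 conf="$1/etc/httpd/httpd.conf" rc=0
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    user=$(conf_value User "$conf")
    group=$(conf_value Group "$conf")
    if [ -z "$user" ] || ! has_entry "$user" "$root/etc/passwd"; then
        echo "User '$user' missing from $root/etc/passwd" >&2; rc=1
    fi
    if [ -z "$group" ] || ! has_entry "$group" "$root/etc/group"; then
        echo "Group '$group' missing from $root/etc/group" >&2; rc=1
    fi
    return $rc
}

# Constructed sample: a chroot whose passwd/group only know "www" (as written
# by the script above), with a config naming user $2 and group $3.
make_sample_chroot() {
    mkdir -p "$1/etc/httpd"
    echo 'www:x:888:888:Web Account:/webhome:/usr/bin/False' > "$1/etc/passwd"
    echo 'www:x:888:' > "$1/etc/group"
    printf '# User nobody\nUser %s\nGroup %s\n' "$2" "$3" > "$1/etc/httpd/httpd.conf"
}

# Usage: sh check_ids.sh /chroot/apache
if [ $# -gt 0 ]; then check_chroot_ids "$1"; fi
```

Run it after the init script has populated the chroot and before compartment starts httpd; a non-zero exit means httpd will not be able to resolve its configured identity inside the chroot.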