[opensuse] Howto run Apache web server on read-only root file system
Hi all,

I'm running the Apache web server 2.2.17 on an openSUSE 11.4 system. For security reasons I need to have the root file system mounted read-only. /var is mounted read/write on a separate partition, thus the log files do not cause any problem. When booting my system I get the following errors, due to the read-only rootfs.

mv: inter-device move failed: `/tmp/apache2.PLbqAdT67tqh' to `/etc/apache2/sysconfig.d/loadmodule.conf'; unable to remove target: Read-only file system
/usr/share/apache2/get_module_list: line 113: /etc/apache2/sysconfig.d/global.conf: Read-only file system
/usr/share/apache2/get_module_list: line 114: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 136: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 140: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 141: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 144: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 151: 3: Bad file descriptor
/usr/share/apache2/get_includes: line 15: /etc/apache2/sysconfig.d/include.conf: Read-only file system
/usr/share/apache2/get_includes: line 16: 3: Bad file descriptor
/usr/share/apache2/get_includes: line 43: 3: Bad file descriptor

Does anybody have some experience with that topic and can provide a solution? I came up with two ideas. Either link the affected files to some place on /var, or try to remount rootfs rw in the apache2 init script and afterwards mount it ro again. Any suggestions which idea to prefer and/or how to implement it in a reasonable way?

Thanks,
Moni
http://www.telemotive.de
-----------------------------------------------------------------------------------
Registered office: Telemotive AG - Breitwiesen - 73347 Mühlhausen
Management board: Franz Diller, Markus Fischer, Markus Stolz
Chairman of the board: Peter Kersten
Chairman of the supervisory board: Dipl. Kaufmann Thomas Derlien
Register court: Ulm HRB 541321
-----------------------------------------------------------------------------------
--
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org
On 09/01/2011 02:38 AM, Monika Kistler wrote:
> When booting my system I get the following errors, due to the read-only rootfs.
>
> mv: inter-device move failed: `/tmp/apache2.PLbqAdT67tqh' to `/etc/apache2/sysconfig.d/loadmodule.conf'; unable to remove target: Read-only file system
> /usr/share/apache2/get_module_list: line 113: /etc/apache2/sysconfig.d/global.conf: Read-only file system

I think you are going to have to provide a /tmp that is rw. Many processes rely on /tmp for various things during operation. Why not put /tmp on its own partition and mount it as /tmp and rw?

You will also need to check to see if there is some global setting for the 'temp' filesystem location. You may be able to simply point that to some dir on a rw partition and solve the problem that way. Others will have to weigh in on what that global setting is, if any, because I simply don't know. Also, if you point the temp file to something other than /tmp, you may have to rebuild any applications that are configured and built relying on a /tmp being present and rw.

I think the best bet is just to make a /tmp and make it rw. Also, check, but I'm fairly certain that /tmp is a designated part of the LSB standard. So that would also weigh in favor of a rw /tmp.

Good luck, and anyone else that can fill in the gaps above, please chime in.

--
David C. Rankin, J.D.,P.E.
David C. Rankin wrote:
> On 09/01/2011 02:38 AM, Monika Kistler wrote:
>> When booting my system I get the following errors, due to the read-only rootfs.
>>
>> mv: inter-device move failed: `/tmp/apache2.PLbqAdT67tqh' to `/etc/apache2/sysconfig.d/loadmodule.conf'; unable to remove target: Read-only file system
>> /usr/share/apache2/get_module_list: line 113: /etc/apache2/sysconfig.d/global.conf: Read-only file system
>
> I think you are going to have to provide a /tmp that is rw. Many processes rely on /tmp for various things during operation.

/tmp is fine, but the config that was created cannot be moved to /etc, which is on root. The problem is that the apache startup script wants to modify the apache config on startup.

--
Per Jessen, Zürich (24.6°C)
Hi David, thanks a lot for your extensive answer.
> I think you are going to have to provide a /tmp that is rw.

That indeed is a crucial point, which I unfortunately forgot to mention. Sorry for that. Our /tmp/ is linked to /var/roottmp/, thus it is writable:

lrwxrwxrwx 1 root root 13 Jun 8 10:27 tmp -> /var/roottmp/

(A manual mktemp, for example, works properly.)

> mv: inter-device move failed: `/tmp/apache2.PLbqAdT67tqh' to `/etc/apache2/sysconfig.d/loadmodule.conf'; unable to remove target: Read-only file system
> /usr/share/apache2/get_module_list: line 113: /etc/apache2/sysconfig.d/global.conf: Read-only file system

As I understand this error, it is not possible to move `/tmp/apache2.PLbqAdT67tqh' to `/etc/apache2/sysconfig.d/loadmodule.conf', because the latter is not writable. Which again is due to the read-only rootfs.

Cheers,
Moni
http://www.telemotive.de
On 01/09/11 04:38, Monika Kistler wrote:
> For security reasons I need to have the root file system mounted read-only.

What security does that provide according to your appreciation? I only see it as a false sense of security.

> /var is mounted read/write on a separate partition, thus the log files do not cause any problem. When booting my system I get the following errors, due to the read-only rootfs.
>
> mv: inter-device move failed: `/tmp/apache2.PLbqAdT67tqh' to `/etc/apache2/sysconfig.d/loadmodule.conf'; unable to remove target: Read-only file system
> /usr/share/apache2/get_module_list: line 113: /etc/apache2/sysconfig.d/global.conf: Read-only file system
> /usr/share/apache2/get_module_list: line 114: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 136: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 140: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 141: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 144: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 151: 3: Bad file descriptor
> /usr/share/apache2/get_includes: line 15: /etc/apache2/sysconfig.d/include.conf: Read-only file system
> /usr/share/apache2/get_includes: line 16: 3: Bad file descriptor
> /usr/share/apache2/get_includes: line 43: 3: Bad file descriptor

Well, yes, apache generates a lot of configuration automatically at startup so you can use /etc/sysconfig/apache2; you need /etc writable by root anyway... IMHO you are attempting to secure the wrong thing; without my appropriate dose of caffeine I can instantly recall a lot of attack vectors for a webserver that don't require rootfs writable..
Hi Cristian,
>> For security reasons I need to have the root file system mounted read-only.

once again, I probably wasn't distinct enough...

> What security does that provide according to your appreciation? I only see it as a false sense of security.

... I'm not talking about security in the sense of defending against attacks. We want to secure file system consistency, as the system I am developing for is not guaranteed to be properly shut down by the user.

> without my appropriate dose of caffeine I can instantly recall a lot of attack vectors for a webserver that don't require rootfs writable..

I completely agree with you.

Cheers,
Moni
http://www.telemotive.de
On Thu, Sep 01, 2011 at 06:25:58PM +0200, Monika Kistler wrote:
>>> For security reasons I need to have the root file system mounted read-only.
>
> once again, I probably wasn't distinct enough...
>
>> What security does that provide according to your appreciation? I only see it as a false sense of security.
>
> ... I'm not talking about security in the sense of defending against attacks. We want to secure file system consistency, as the system I am developing for is not guaranteed to be properly shut down by the user.

Then boot it rw till everything is up and turn the fs to ro afterwards. An overlay fs might also be of use.

Lars
--
Lars Müller [ˈlaː(r)z ˈmʏlɐ]
Samba Team
SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
> An overlay fs might also be of use.

That is an interesting point, which I will keep in mind, thanks for that hint.

Moni
http://www.telemotive.de
On 02/09/11 05:07, Monika Kistler wrote:
>> An overlay fs might also be of use.
>
> That is an interesting point, which I will keep in mind, thanks for that hint.

Yes, it is a workaround... nothing will save you from hardware failure anyway.
Hi all,
> I came up with two ideas. Either link the affected files to some place on /var, or try to remount rootfs rw in the apache2 init script and afterwards mount it ro again.

I finally decided to link all the files the apache2 init script wants to write on start up to some location on /var. As those files are all located in /etc/apache2/sysconfig.d/, I just had to link this directory to some other directory in /var:

lrwxrwxrwx 1 root root 29 Sep 2 2011 /etc/apache2/sysconfig.d -> /var/lib/apache2/sysconfig.d/

The Apache web server is not that critical for our product, so that was the fastest and easiest to handle solution.

Thanks to everybody for your great support,
Moni
http://www.telemotive.de
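The check below is an added example; it is not code from this thread, from openSUSE or from the apache2 package. It takes a /proc/mounts-style table and a list of paths, follows symlinks the way the kernel would (readlink -f), and reports whether each path ends up on a read-only or read-write mount, so the redirection of /etc/apache2/sysconfig.d into /var can be verified before rebooting. The mount table, the three file names the init helpers regenerate, and the demo output are constructed for the example; on a real box pass "$(cat /proc/mounts)" instead of SAMPLE_MOUNTS. The remount_rw_during helper sketches the thread's other option (remount rw around the init script) and is defined but not executed here, since it needs root and a live mount table.

```shell
#!/bin/sh
# Added example (not from the thread): verify that every file the apache2
# init helpers rewrite on start resolves onto a read-write mount.

# Constructed /proc/mounts snapshot: read-only root, read-write /var,
# matching the setup described in the thread.
SAMPLE_MOUNTS='rootfs / rootfs rw 0 0
/dev/sda1 / ext4 ro,relatime 0 0
/dev/sda2 /var ext4 rw,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0'

# The files get_module_list / get_includes regenerate (names taken from the
# error output quoted in the thread).
APACHE_GENERATED='/etc/apache2/sysconfig.d/loadmodule.conf
/etc/apache2/sysconfig.d/global.conf
/etc/apache2/sysconfig.d/include.conf'

# mount_state PATH MOUNTS: print "<mountpoint> ro|rw" for the mount that
# PATH (already symlink-free) lives on. Longest matching mountpoint wins;
# on a tie the later line wins, mirroring how a later mount shadows an
# earlier one at the same point (rootfs vs /dev/sda1 on / above).
# Exit status 1 if no mountpoint covers PATH.
mount_state() {
    printf '%s\n' "$2" | awk -v p="$1" '
        {
            mp = $2; opts = $4
            if (p == mp || mp == "/" || index(p, mp "/") == 1) {
                if (length(mp) >= best_len) {
                    best_len = length(mp); best_mp = mp; best_opts = opts
                }
            }
        }
        END {
            if (best_mp == "") exit 1
            state = ((("," best_opts ",") ~ /,ro,/) ? "ro" : "rw")
            print best_mp, state
        }'
}

# resolve PATH: canonicalise with readlink -f (GNU coreutils / busybox);
# fall back to the literal path when it cannot be resolved, e.g. because
# the file has not been created yet.
resolve() {
    readlink -f "$1" 2>/dev/null || printf '%s\n' "$1"
}

# check_writable MOUNTS PATH...: print each path, its real target and the
# mount state; return 1 if any target sits on a read-only mount.
check_writable() {
    mounts=$1; shift
    rc=0
    for p in "$@"; do
        target=$(resolve "$p")
        state=$(mount_state "$target" "$mounts") || state='(no mount found)'
        printf '%-44s -> %s [%s]\n' "$p" "$target" "$state"
        case $state in *' ro') rc=1 ;; esac
    done
    return $rc
}

# remount_rw_during CMD...: the thread's second option. Runs CMD with /
# temporarily read-write, then flips it back. Needs root; not run in the
# demo. "remount,ro" fails with EBUSY while any file on / is still open
# for writing, which is one reason the symlink-to-/var route is simpler.
remount_rw_during() {
    mount -o remount,rw / || return 1
    "$@"; rc=$?
    sync
    mount -o remount,ro / || echo 'warning: / is still read-write' >&2
    return $rc
}

# Demo: before the fix the generated files live on the read-only root;
# after the fix (/etc/apache2/sysconfig.d -> /var/lib/apache2/sysconfig.d)
# they live on /var. resolve() would follow that symlink on a real box;
# here the "after" paths are rewritten with sed because the link does not
# exist on the machine running the demo.
demo() {
    echo '--- before: /etc/apache2/sysconfig.d on the read-only root'
    check_writable "$SAMPLE_MOUNTS" $APACHE_GENERATED; echo "status=$?"
    echo '--- after: redirected to /var/lib/apache2/sysconfig.d'
    check_writable "$SAMPLE_MOUNTS" \
        $(printf '%s\n' $APACHE_GENERATED | sed 's|^/etc/|/var/lib/|')
    echo "status=$?"
}
demo
```

The prefix test in mount_state deliberately requires a "/" after the mountpoint (or an exact match), so a path such as /variety/x is not mistaken for living under /var; a naive string-prefix check would misreport it as writable.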
participants (5)
- Cristian Rodríguez
- David C. Rankin
- Lars Müller
- Monika Kistler
- Per Jessen