httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dAniel hAhler <apache-us...@thequod.de>
Subject [users@httpd] suexec with mod_chroot: "command not in docroot"
Date Wed, 20 Jul 2005 04:57:55 GMT
Hi,

I've installed mod_chroot for Apache (2.0.53-Ubuntu), but have now problems 
with suexec complaining:

[2005-07-20 06:28:13]: uid: (1003/xxxxx) gid: (1003/1003) cmd: 
php4-fcgi-starter
[2005-07-20 06:28:13]: command not in docroot 
(/fcgi-scripts/web2/php4-fcgi-starter)

php4-fcgi-starter is a script that should start php-fcgi (I'm using 
mod_fastcgi).

My suexec-docroot is "/", because of mod_chroot:
# /usr/lib/apache2/suexec2 -V
 -D AP_DOC_ROOT="/"
 -D AP_GID_MIN=100
 -D AP_HTTPD_USER="www-data"
 -D AP_LOG_EXEC="/var/log/apache2/suexec.log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=100
 -D AP_USERDIR_SUFFIX="public_html"

Therefor I have rebuild the Ubuntu package from source (got the error "cannot 
get docroot information (/var/www)" before).

From suexec.c it is this part that throws the error:
   if ((strncmp(cwd, dwd, strlen(dwd))) != 0) {
        log_err("command not in docroot (%s/%s)\n", cwd, cmd);
        exit(114);
    }

I'm not sure, what cwd and dwd are set to, but it errors here.. :(

btw: this error message should be changed into something more verbose:
 log_err("command (%s/%s) not in docroot (%s)\n", cwd, cmd, dwd);
like some of the others, too.

It is really frustrating and would be much easier in my humble opinion, if 
suexec would have a chroot() functianality.

Do you have any suggestions? Is it a bug in suexec?

Thanks for any ideas and suggestions.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message