Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 79352 invoked from network); 20 Jul 2005 04:58:07 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 20 Jul 2005 04:58:07 -0000 Received: (qmail 66211 invoked by uid 500); 20 Jul 2005 04:57:54 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 66183 invoked by uid 500); 20 Jul 2005 04:57:53 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 66170 invoked by uid 99); 20 Jul 2005 04:57:53 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 Jul 2005 21:57:53 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [81.169.141.125] (HELO h170368.serverkompetenz.net) (81.169.141.125) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 Jul 2005 21:57:48 -0700 Received: from localhost (localhost [127.0.0.1]) by h170368.serverkompetenz.net (Postfix) with ESMTP id 05EFC464080 for ; Wed, 20 Jul 2005 06:57:50 +0200 (CEST) Received: from h170368.serverkompetenz.net ([127.0.0.1]) by localhost (h170368 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 10457-09 for ; Wed, 20 Jul 2005 06:57:47 +0200 (CEST) Received: from iD4CC1949.versanet.de (iD4CC1949.versanet.de [212.204.25.73]) by h170368.serverkompetenz.net (Postfix) with ESMTP id 0D1D7464058 for ; Wed, 20 Jul 2005 06:57:47 +0200 (CEST) From: dAniel hAhler To: users@httpd.apache.org Date: Wed, 20 Jul 2005 06:57:55 +0200 User-Agent: KMail/1.8.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200507200657.55979.apache-users@thequod.de> X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at localhost X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] suexec with mod_chroot: "command not in docroot" X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Hi, I've installed mod_chroot for Apache (2.0.53-Ubuntu), but have now problems= =20 with suexec complaining: [2005-07-20 06:28:13]: uid: (1003/xxxxx) gid: (1003/1003) cmd:=20 php4-fcgi-starter [2005-07-20 06:28:13]: command not in docroot=20 (/fcgi-scripts/web2/php4-fcgi-starter) php4-fcgi-starter is a script that should start php-fcgi (I'm using=20 mod_fastcgi). My suexec-docroot is "/", because of mod_chroot: # /usr/lib/apache2/suexec2 -V -D AP_DOC_ROOT=3D"/" -D AP_GID_MIN=3D100 -D AP_HTTPD_USER=3D"www-data" -D AP_LOG_EXEC=3D"/var/log/apache2/suexec.log" -D AP_SAFE_PATH=3D"/usr/local/bin:/usr/bin:/bin" -D AP_UID_MIN=3D100 -D AP_USERDIR_SUFFIX=3D"public_html" Therefor I have rebuild the Ubuntu package from source (got the error "cann= ot=20 get docroot information (/var/www)" before). =46rom suexec.c it is this part that throws the error: if ((strncmp(cwd, dwd, strlen(dwd))) !=3D 0) { log_err("command not in docroot (%s/%s)\n", cwd, cmd); exit(114); } I'm not sure, what cwd and dwd are set to, but it errors here.. :( btw: this error message should be changed into something more verbose: log_err("command (%s/%s) not in docroot (%s)\n", cwd, cmd, dwd); like some of the others, too. It is really frustrating and would be much easier in my humble opinion, if= =20 suexec would have a chroot() functianality. Do you have any suggestions? Is it a bug in suexec? Thanks for any ideas and suggestions. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org