httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Foster, Stephen \(ASPIRE\)" <steve.fos...@hmrcaspire.com>
Subject [users@httpd] Problems using chroot'd apache under Linux SLES10
Date Mon, 17 Sep 2007 11:11:45 GMT
Hi all,

I have created a chroot to run my apache in under SLES10. I have previously done this in solaris
and it worked perfectly , however differences in linux are causing problems for me when starting.

Apache 2.2.4 has been built and installed and the required apache and OS libraries and files
have been copied into the chroot directory hierarchy.
when i start apache it complains of the following:

[Mon Sep 17 13:12:11 2007] [crit] (EAI 2)Name or service not known: alloc_listener: failed
to set up sockaddr for grid2
Syntax error on line 4 of /opt/app/apache/conf/httpd.conf:
Listen setup failed

I have tracked this down to required access to the /var/run/nscd/socket file, i can resolve
this by doing a read-only mount bind of /var/run/nscd into my jail, however this is not ideal
as it exposes my password and shadow files to the world albeit owned by the root user and
not readable by anyone else.

The built apache seems to want to use nscd as a caching-daemon for any name related call regardless
of settings in nsswitch.conf. And i need to use hostnames in my configurations to allow portability
across multiple web servers.

Has anyone successfully jailed apache in SLES10 and got round this issue?

cheers in advance

Steve

Capgemini is a trading name used by the Capgemini Group of companies which includes Capgemini
UK plc, a company registered in England and Wales (number 943935) whose registered office
is at No. 1 Forge End, Woking, Surrey, GU21 6DB.
This message contains information that may be privileged or confidential and is the property
of the Capgemini Group. It is intended only for the person to whom it is addressed. If you
are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate,
distribute, or use this message or any part thereof. If you receive this message in error,
please notify the sender immediately and delete all copies of this message.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message