Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

chrooting apache - pam problem?

Status
Not open for further replies.
localhost

localhost

ISP
Apr 29, 2002
8
DE
hi there,

i've been trying to chroot an apache for 2 days now, making directories, fetch information about libs with ldd, copying libs, binaries, important configs...

finally, when trying to:

chroot /chroot/httpd /www/bin/httpd

all i get is:

bad user name httpd

after reading lots and lots of manuals, howtos and other enlightening stuff, i now guess that its some sort of PAM problem.

anyone tried something like that lately?
any help would be great...

greetings from germany,

127.0.0.1

--
^v^

127.0.0.1 - localhost
 
Sort by date Sort by votes
Save yourself the trouble and use numbers in your configuration file, like:
Code: 
User #99
Group #99
If you insist on using names, I think you would have to add the
Code: 
/etc/passwd
and
Code: 
/etc/group
files to your chroot jail, though they would only need two users/groups: root and httpd.

//Daniel
 
Upvote 0 Downvote
hi daniel,

thanks for your advice and your quick answer.

unfortunately, i already tried adding passwd,group and shadow file, without success. i still get that "unknown user" thing...

one more thing: when i change into the chroot environment with

chroot /chroot/httpd /bin/bash

i get a shell with UID 0. su failes with "user httpd/root does not exist". whoami tells me it can't find a user for UID 0.

strange, isn't it? :)

so far,

127.0.0.1

--
^v^

127.0.0.1 - localhost
 
Upvote 0 Downvote
How did you compile Apache? Do you have glibc installed in your chroot environment?

//Daniel
 
Upvote 0 Downvote
good morning, daniel!

apache 1.3.29, Compiled-in modules:
http_core.c
mod_env.c
mod_log_config.c
mod_mime.c
mod_negotiation.c
mod_status.c
mod_include.c
mod_autoindex.c
mod_dir.c
mod_cgi.c
mod_asis.c
mod_imap.c
mod_actions.c
mod_speling.c
mod_userdir.c
mod_alias.c
mod_access.c
mod_auth.c
mod_digest.c
mod_auth_digest.c
mod_setenvif.c
mod_php4.c
suexec: disabled; invalid wrapper /
libs in /chroot/httpd/lib:

ld-2.3.2.so

libcrypt.so.1
libc.so.6
libdl.so.2
libgcc_s.so.1
libhistory.so.4
libm.so.6
libncurses.so.5
libnsl.so.1
libpam_misc.so.0
libpam.so.0
libreadline.so.4
libresolv.so.2
libz.so.1.1.4

does that help?

cu,

127.0.0.1

--
^v^

127.0.0.1 - localhost
 
Upvote 0 Downvote
I hope you've figured this out already.

I encountered the same problem today and after hunting around for a solution, I managed to find it myself using strace.

I ran:

strace -o file chroot /chroot/ /apache2/bin/httpd

And I hunted through the file looking for problems...until I found that the last thing httpd tries to do before it dies, is look for a library called: /lib/libnss_compat.so.2

Once I put that library in, it worked fine.

But I'm probably missing other libraries too, I'm going to keep hacking away.

Paul
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

AbidingDude
  • Locked
  • Question
Newbie Apache Cache Question
Replies
5
Views
193
AbidingDude
AbidingDude
daniel.warner
  • Locked
  • Question
Desperately need help setting up wildcard certs on Apache/Tomcat
Replies
2
Views
148
daniel.warner
daniel.warner
Frank DBA
  • Locked
  • Question
Apache XForwardedFor Header
Replies
1
Views
93
RhythmAce
RhythmAce
johngiggs
  • Locked
  • Question
Apache RewriteRule or RewriteCond
Replies
4
Views
154
feherke
feherke
TSch
  • Locked
  • Question
Problem with NFS automount
Replies
1
Views
94
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top