These files are in the chroot directory meaning: /chroot/www/etc/httpd/conf.d/auth_mysql.conf /chroot/www/etc/httpd/modules/mod_auth_mysql.so /chroot/www/usr/lib/mysql/libmysqlclient.so.10 Why does it complain that it wan not there ? Any idea ? Rick Stevens > calvin@xxxxxxxxxxxxxx wrote: >> I am trying to chroot my httpd and so far has not been successful >> getting >> the error below when I run it in chroot. I have FC3 and installed httpd, >> mysql during installation. I did lsof -p to find out all the files that >> httpd needed and copied them over the chroot directory. I changed >> user/group to the user/group I want it to run as. The file it is looking >> for are both in the original location and the chroot directory. I >> followed >> instruction in chrooting httpd from links I found on google. >> >> Mar 6 02:37:07 www chroot: Syntax error on line 6 of >> /etc/httpd/conf.d/auth_mysql.conf: >> Mar 6 02:37:07 www chroot: Cannot load >> /etc/httpd/modules/mod_auth_mysql.so into server: libmysqlclient.so.10: >> cannot open shared object file: No such file or directory >> >> >> Anyone have any idea how I could resolve this problem. I even updated my >> apache to 2.0.52 hoping it might fix it but still get the same error. > > Once you chroot to a specific directory, anything above it in the normal > directory tree is unavailable. That's what "chroot" means..."change > the filesystem root for this process". If you have a process "chroot" > to, say /usr/local/apache/htdocs, from that point on the process uses > that directory as "/". You can't go above it. You won't have access to > /usr/lib or /lib or any of that since they're above your "root". > > The only way to make it work is to create /usr/local/apache/htdocs/lib > and /usr/local/apache/htdocs/usr/lib and copy the files you need to > those directories. Then when you chroot to /usr/local/apache/htdocs, > you'll have a "/lib" and "/usr/lib" available to you. This is called > "being in a chroot jail". It's a big security enhancement, but to make > it all work, you have to understand just what you're doing. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens@xxxxxxxxxxxxxxx - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - A day for firm decisions!!! Well, then again, maybe not! - > ---------------------------------------------------------------------- > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list >
