Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

29.20. Test the new chrooted jail

Finally, we must test the new chrooted jail configuration of our Apache Web Server. The first thing to do is to restart our syslogd daemon with the following command:
        [root@deep ]/# /etc/rc.d/init.d/syslog restart
      

        Shutting down kernel logger:                               	[  OK  ]
        Shutting down system logger:                               	[  OK  ]
        Starting system logger:                                    	[  OK  ]
        Starting kernel logger:                                		[  OK  ]
      

Now, start the new chrooted jail Apache with the following command:
        [root@deep ]/# /etc/rc.d/init.d/httpd start
      

        Starting httpd:                                            		[  OK  ]
      

If you don't get any errors, do a ps ax | grep httpd and see if we're running:
        [root@deep ]/# ps ax | grep httpd
      

        14373 ?        S      0:00 httpd -DSSL
        14376 ?        S      0:00 httpd -DSSL
        14377 ?        S      0:00 httpd -DSSL
        14378 ?        S      0:00 httpd -DSSL
        14379 ?        S      0:00 httpd -DSSL
        14380 ?        S      0:00 httpd -DSSL
        14381 ?        S      0:00 httpd -DSSL
        14382 ?        S      0:00 httpd -DSSL
        14383 ?        S      0:00 httpd -DSSL
        14384 ?        S      0:00 httpd -DSSL
        14385 ?        S      0:00 httpd -DSSL
        14386 ?        S      0:00 httpd -DSSL
        14387 ?        S      0:00 httpd -DSSL
        14388 ?        S      0:00 httpd -DSSL
        14389 ?        S      0:00 httpd -DSSL
        14390 ?        S      0:00 httpd -DSSL
        14391 ?        S      0:00 httpd -DSSL
        14397 ?        S      0:00 httpd -DSSL
        14476 ?        S      0:00 httpd -DSSL
        14477 ?        S      0:00 httpd -DSSL
        14478 ?        S      0:00 httpd -DSSL
      

If so, lets check to make sure it's chrooted by picking out one of its process numbers and doing ls -la /proc/that_process_number/root/.
        [root@deep ]/# ls -la /proc/14373/root/
      
If you see:

        dev
        etc
        home
        lib
        usr
        var
      
congratulations!

As mentioned above, if you use Perl, you'll need to copy or hardlink any system libraries, perl libraries /usr/lib/perl5, and binaries into the chroot area. The same applies for SSL, PHP, LDAP, PostgreSQL and other programs.

 
 
  Published under the terms of the Open Publication License Design by Interspire