wiki:experiences:igraltist:jail_apache2
=>  Releases

Current version
Git/Latestdiff: 1.5.6

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

This is an old revision of the document!

This is the modified apache2 init-script 

 diff -u apache2_orginal apache2
 --- apache2_orginal	2008-07-01 14:33:17.000000000 +0200
 +++ apache2	2008-07-02 18:11:08.000000000 +0200
 @@ -115,6 +115,8 @@
    fi
    done
    fi
 +	echo "sleeping a bit, otherwise the port is blocking from dieing apache"
 +	sleep 2
  }
   # Stupid hack to keep lintian happy. (Warrk! Stupidhack!).
 @@ -126,7 +128,9 @@
      #ssl_scache shouldn't be here if we're just starting up.
     [ -f /var/run/apache2/ssl_scache ] && rm -f /var/run/apache2/*ssl_scache*
     log_begin_msg "Starting web server (apache2)..."
 -   if $APACHE2CTL start; then
 +#	if $APACHE2CTL start; then
 +	    $ENV run-jail apache2 /usr/sbin/apache2ctl start
 +	    if [ "$?" -eq 0 ]; then
             log_end_msg 0
          else
             log_end_msg 1
 @@ -148,7 +152,9 @@
      fi
      log_begin_msg "Reloading web server config..."
if pidof_apache; then
 -       if $APACHE2CTL graceful $2 ; then
 +  	      $ENV run-jail apache2 /usr/sbin/apache2ctl graceful reload
 +             #if $APACHE2CTL graceful $2 ; then
 +		    if [ "$?" -eq 0 ]; then
                     log_end_msg 0
                  else
                     log_end_msg 1
 @@ -160,7 +166,9 @@
     if ! apache_sync_stop; then
        log_end_msg 1
     fi
 -	if $APACHE2CTL start; then
 +	   $ENV run-jail apache2 /usr/sbin/apache2ctl start
 +	   if [ "$?" -eq 0 ]; then
 +#	   if $APACHE2CTL start; then
             log_end_msg 0
         else
             log_end_msg 1
 ;
 ; RSBAC JAIL definition for apache2
 ; 20060502
 ;  
 ; Tested by:
 ; Fuleki Miklos (RAk)
 ; Peter Busser (peter)
 ; Robert Penz (robert)
 ;
 ""
 "0.0.0.0"
 (allow-dev-read
  allow-dev-write
  allow-all-net-family
  allow-inet-raw
  private-namespace)
 (setuid
  setgid
  net-bind-service
  kill)
 (sysctl)
 (rlimit)
 /etc/init.d/apache2 start 
 Starting web server (apache2)...	
 This is execute now:
 rsbac_jail  -d -D -n -r -N -C  SETUID SETGID NET_BIND_SERVICE KILL -G  sysctl -M  rlimit  /usr/sbin/apache2ctl  start
//
wiki/experiences/igraltist/jail_apache2.1215839257.txt.gz · Last modified: 2008/07/12 07:07 by 127.0.0.1

wiki/experiences/igraltist/jail_apache2.1215839257.txt.gz · Last modified: 2008/07/12 07:07 by 127.0.0.1
This website is kindly hosted by m-privacy