3 Sep 20:43
secondary groups unavailable after chroot
Liu, Cindy <Cindy_Liu <at> intuit.com>
2004-09-03 18:43:17 GMT
2004-09-03 18:43:17 GMT
Hello there, We ran into issues with mod_security, in that the secondary groups information for the user account that Apache run under is unavailable after chroot. This can be verified with a "pcred <pid>" call on the child process. Debugging output with TRUSS showed that the system called: initgroups() is called after chroot, in which case the /etc/group, /etc/users, /etc/nsswitch.conf are not accessible anymore. The current work around requires copying above configuration files, together with some libraries into the chroot environment in order for it to work properly. Suggest a better fix can be made to mod_security code, so that it invokes initgroups() call prior to chroot? Thanks, Cindy ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click
RSS Feed