Re: Running inside a chroot

Tue, 13 Nov 2007 00:36:50 -0800 

On Sun, Nov 11, 2007 at 01:22:40PM +0000, Paul Whittaker wrote:
> Hello,
> 
> I'm looking for some help getting mathopd to serve pages when it's
> running inside a chroot using the RootDirectory config option.
> 
> [...]


> User www-data
> StayRoot Off  # Reduce possibility of leaving chroot if compromised.
> RootDirectory /var/www
> 
> Log access.log
> ErrorLog errors.log


Just to be safe, I would define these two with a full path, relative to the
chroot:  /access.log and /errors.log


> Control {
>        Types {
>                text/html { * }
>        }

For your convenience, you might wish to add index declaration here:

        IndexNames      { index.html }

> }
> 
> Server {
>        Port 80
>        Address 0.0.0.0
>        Virtual {
>                AnyHost # Without this I get a 400 Bad Request instead

And here is why it doesn't work:  you missed a Control{} block, so mathopd
doesn't know where your html files are stored.
Looking at your directory tree, you should add:
                Control {
                        Alias /
                        Location /
                }
inside Virtual{} block.
Actually, I don't really think this is what you want, because the above will
serve your whole chroot() tree to the world, including /etc and log files.
Storing html files in a specified directory (say: /html) will definitely be
a better choice:  Alias /    Location /html


>        }
> }



Here is my minimalistic working example:  (OpenBSD, sparc64 architecture,
mathopd 1.5p5, command-line: /usr/local/sbin/mathopd -n < /test/mathopd.conf)

# pwd
/test

# find . -ls
241280    4 drwxr-xr-x    3 root     wheel         512 Nov 13 08:46 .
241283    4 drwxr-xr-x    2 root     wheel         512 Nov 13 08:45 ./html
241284    4 -rw-r--r--    1 root     wheel           8 Nov 13 08:45 
./html/index.html
241285    4 -rw-r--r--    1 www      wheel         815 Nov 13 08:50 ./access.log
241286    4 -rw-r--r--    1 www      wheel         519 Nov 13 08:50 ./error.log
241282    4 -rw-r--r--    1 root     wheel         322 Nov 13 08:50 
./mathopd.conf

# cat mathopd.conf
User www
StayRoot Off
RootDirectory /test

Log /access.log
ErrorLog /error.log
Control {
       Types {
               text/html { * }
        }
        IndexNames      { index.html }
}

Server {
       Port 80
       Address 0.0.0.0
       Virtual {
                AnyHost
                Control {
                        Alias /
                        Location /html
                }
       }
}





-- 
Janusz Gumkowski
http://www.am.torun.pl/~ja                   PGP key ID: 0x61DF6E3A

Reply via email to