update: [grsec] apache denied attach of shared memory outside of
chroot
Falk Hackenberger - MediaTransfer AG Netresearch & Consulting
f.hackenberger at mediatransfer.com
Tue Jun 28 06:42:31 EDT 2005
Matt Kettler wrote:
> Falk Hackenberger - MediaTransfer AG Netresearch & Consulting wrote:
>
>>why want the apache attach of shared memory outside of chroot?
>>
>>how to do find out the reason for this?
>>
>>the apache 1.3.33 is build with mod_ssl,php and the
>>jakarta-tomcat-connector.
> Is tomcat inside the same chroot as apache?
yes, the tomcat is in the same chroot.
need mount the tmpfs in the chroot?
the /dev-Dir in the chroot hold only /dev/null,
the tomcat and the apache are started by 2 independent scripts.
maybe there is a problem?
the problem ist not solved, but i guess you are right it has to do with
tomcat...
a other problem is, that the httpd dies with signal 11
grsec: From X: signal 11 sent to
/chroot/usr/local/apache/bin/httpd[httpd:31960] uid/euid:1000/1000
gid/egid:103/103, parent
/chroot/apache/usr/local/apache/bin/httpd[httpd:26619] uid/euid:0/0
gid/egid:0/0
any hints?
thanx falk
More information about the grsecurity
mailing list