PERL CGI - Apache chroot
Nick Guenther
kousue at gmail.com
Sat Jun 3 10:26:29 PDT 2006
On 6/3/06, MK <public at kubikcz.net> wrote:
> Hello to all
>
> I'm trying to make a simple PERL CGI script for wakeing computers on LAN.
> For this purpose I installed p5-Net-Wake-0.02.tgz PERL modul from packages.
>
> Script works but only in not chrooted Apache.( packet is sent ) For chrooted
> Apache in OpenBSD I followed help instructions on
> http://livenudefrogs.com/~anubis/servers/apache_perl_chroot.shtml.
>
> Script is executed without any complains but packet is not sent. Apache
> error log is clean. I also tryed to make a list of necessary files by
> Systrace -A.
>
> Maybe there is a problem because the modul needs access to:
>
> native-fsread: filename eq "/etc/malloc.conf" then permit
> native-fsread: filename eq "/dev/arandom" then permit
>
> But I'm not sure as I don't have any experience with systrace.
>
> Thank you for any help.
>
Hi MK,
Everything that programs under a chroot need must be in the chroot
with them. Probably the two files you listed are part of the problem
but there may be others too.
Try running tcpdump and watching for the packets (see man tcpdump for
how to filter out uninteresting ones). This will show if it's really
not getting sent.
Then, go into the module's code and start looking for what it might
need. Sprinkle open FH, ">>out.txt"; print FH, "debug info:"-type code
throughout it and try to find where it's dying, if it is.
-Nick
More information about the Openbsd-newbies
mailing list