Putting Apache in Jail - Finishing touches for Apache jail preparation
(Page 2 of 5 )
The walls of the jail are now up. Though the following files are not necessary, experience shows that many scripts require them. Add them now to avoid having to debug mysterious problems later.
Construct special devices after using ls to examine the existing /dev folder to learn what numbers should be used:
# mkdir /chroot/apache/dev
# mknod -m 666 /chroot/apache/dev/null c 1 3
# mknod -m 666 /chroot/apache/dev/zero c 1 5
# mknod -m 644 /chroot/apache/dev/random c 1 8
Then, add a temporary folder:
# mkdir /chroot/apache/tmp
# chmod +t /chroot/apache/tmp
# chmod 777 /chroot/apache/tmp
Finally, configure the time zone and the locale (we could have copied the whole /usr/ share/locale folder but we will not because of its size):
# cp /usr/share/zoneinfo/MET /chroot/apache/
etc/localtime
# mkdir
-p /chroot/apache/usr/lib/locale
# set | grep LANG
LANG=en_US.UTF-8
LANGVAR=en_US.UTF-8
# cp -dpR /usr/lib/locale/en_US.utf8 /chroot/ apache/usr/lib/locale
Next: Preparing PHP to work in jail >>
More Apache Articles
More By O'Reilly Media
|
This article is excerpted from chapter two of Apache Security, written by Ivan Ristic (O'Reilly; ISBN: 0596007248). Check it out today at your favorite bookstore. Buy this book now.
|
|