chroot in lsws - myth?

Discussion in 'Bug Reports' started by chipus, Jun 19, 2012.

  1. chipus

    chipus New Member

    Hi developers.

    I apologize for my bad English, had to use the services of google.

    1. create a folder chroot
    2. installing lsws 4.1.24 Ent to /chroot/lsws , in the installation activate the option chroot to folder /chroot

    -------------------------
    immediately see the problem, the control panel does not start: error: 2012-06-19 11:34:49.824 [STDERR] lscgid: chdir():/lsws/admin/fcgi-bin/: No such file or directory

    temp fix this problem: ln -s /chroot/lsws /lsws
    Well, start up an administrative panel.

    an see on the disk 2 folders:
    /chroot/tmp/lshttpd
    and
    /tmp/lshttpd

    In admin panel i see error: 2012-06-19 12:20:42.201 ERROR Failed to open the status report: /chroot/tmp/lshttpd/.status.tmp!

    before starting lsws to do command: mount --bind /tmp/lshttpd /chroot//tmp/lshttpd



    3. The server is configured as follows:
    Configuration -> Server ->
    Enable chroot: Yes
    Chroot path: /croot

    Virtual Host Template -> PHP_SuEXEC -> Security
    ExtApp Resource Control
    ExtApp Chroot Mode -> Same as Server

    In my opinion Chroot fully configured.
    Restart the server to be sure that the configuration is applied.
    The tests are performed on the virtual server is configured by default.

    Change /chroot/lsws/DEFAULT/html/phpinfo.php
    -------------------------
    <HTML>
    <BODY>
    <?php

    print_r(system("ls -l /"));
    // phpinfo()

    ?>
    </BODY>
    </HTML>
    ----------------------------

    The output of the script was surprised:
    <HTML>
    <BODY>
    total 25
    drwxr-xr-- 6 root root 368 Sep 19 2011 backup
    drwxr-xr-x 2 root root 2672 Feb 11 2010 bin
    drwxr-xr-x 4 root root 1024 Feb 16 2010 boot
    drwxr-xr-x 9 root root 216 Jun 19 11:29 chroot
    drwxr-xr-x 15 root root 3680 Jun 18 03:10 dev
    drwxr-xr-x 62 root root 4408 Jun 19 11:54 etc
    drwxr-xr-x 10 root root 264 Apr 11 2011 home
    lrwxrwxrwx 1 root root 5 Apr 22 2010 lib -> lib64
    drwxr-xr-x 3 root root 3728 Apr 22 2010 lib32
    drwxr-xr-x 13 root root 4696 Jan 9 2011 lib64
    lrwxrwxrwx 1 root root 12 Jun 19 11:38 lsws -> /chroot/lsws
    drwxr-xr-x 5 root root 144 Jul 23 2009 mnt
    drwxr-xr-x 10 root root 224 Oct 13 2010 opt
    dr-xr-xr-x 250 root root 0 Mar 10 2011 proc
    drwx------ 15 root root 632 Nov 25 2011 root
    drwxr-xr-x 2 root root 5264 Oct 21 2010 sbin
    drwxr-xr-x 2 root root 168 Nov 25 2009 service
    drwxr-xr-x 12 root root 0 Mar 10 2011 sys
    drwxrwxrwt 16 root root 3232 Jun 19 12:00 tmp
    drwxr-xr-x 16 root root 512 Sep 3 2010 usr
    drwxr-xr-x 15 root root 384 Aug 4 2009 var
    drwxr-xr-x 15 root root 384 Aug 4 2009 var</BODY>
    </HTML>




    Those, php lsapi of running out of /chroot.
    But it is not the last strange thing.


    Internal variables $VH_ROOT and $DOC_ROOT, calculated by adding the prefix /chroot
    instead of the expected( /lsws/DEFAULT and /lsws/DEFAULT/html): /chroot/lsws/DEFAULT and /chroot/lsws/DEFAULT/html
    If you are using an depricated open_base_dir, the situation is more complicated

    Target file must be available both, inside chroot, and outside.
    If you have the target file is available only outside chroot, you will get the expected 403.
    If you have the target file is only available within the chroot, you get a blank page, without a errors in the server logfiles.


    In my opinion, at the moment enable Chroot in lsws does not make sense. Requires a serious revision of this issue.


    Pavlo.
    Last edited: Jun 19, 2012
  2. NiteWave

    NiteWave Administrator

    how did you run /chroot/lsws/DEFAULT/html/phpinfo.php ? command line or through URL.
  3. chipus

    chipus New Member

    URL: http://retiree.ns-root.com:8088/phpinfo.php
    I can provide access to the Control Panel LSWS, if necessary.
  4. webizen

    webizen New Member

  5. chipus

    chipus New Member

    thanks for the fast solution my problem, chroot in this version working properly.

    Remained a small bug in apache configuration
    Virtual Hosts ->hostname -> General ->Apache Style Configurations

    php_admin_value open_basedir "$DOC_ROOT:$VH_ROOT/lib:/usr/local/lib/php:$VH_ROOT/upl_content:/tmp"

    calculated as:
    2012-06-21 18:57:55.912 [NOTICE] [XX.XX.XX.XX:56722-0#hostname] [STDERR] PHP Warning: Unknown: open_basedir restriction in effect. File(/home/domains/hostname/www/info.php) is not within
    the allowed path(s): (/home/chroot/home/domains/hostname/www/:/usr/local/lib/php:/home/chroot/home/domains/hostname/upl_content) in Unknown on line 0


    but for me it's not critical :)


    Thanks.

Share This Page