Ubuntu
apache2 package

ChrootDir(mpm_common) and DocumentRoot issues

Bug #627227 reported by dmitri.g
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Opinion
Low
Unassigned

Bug Description

Binary package hint: apache2

Description: Ubuntu 10.04.1 LTS
Release: 10.04
apache2:
  Installed: 2.2.14-5ubuntu8
apache2-mpm-prefork:
  Installed: 2.2.14-5ubuntu8

Setting document root to a folder inside the chroot provided by mpm_common (http://httpd.apache.org/docs/2.2/mod/mpm_common.html#chrootdir)

directory structure:

/var/www/example.com <--chrootdir
    /conf
        /apache2.conf
        /apache2.pid
        /apache2.lock
    /log
        /error.log
    /lib
        /inc.php
    /web <-- documentroot
        /index.php <-- this just includes ../inc.php

apache2.conf:
    ChrootDir /var/www/example.com/
    ServerRoot /var/www/example.com/
    LockFile /var/www/example.com/conf/accept.lock
    PidFile /var/www/example.com/conf/apache2.pid
    Timeout 300
    KeepAlive On
    MaxKeepAliveRequests 100
    KeepAliveTimeout 15
    User example
    Group example
    DefaultType text/plain
    HostnameLookups Off
    ErrorLog /var/www/example.com/conf/error.log
    LogLevel warn
    Include /etc/apache2/mods-enabled/*.load
    Include /etc/apache2/mods-enabled/*.conf
    Listen 8080
    # apache fails to start complains document root doesnt exist
    DocumentRoot /web

    # apache starts, requests fail
    #
    # DocumentRoot web

    # apache starts, requests fail (cant find /var inside chroot)
    #
    # DocumentRoot /var/www/example.com/web

    # apache starts, requests work but php cant load inc.php (docroot==chroot)
    # (this only works because / actually exists in the filesystem)
    #
    # ChrootDir /var/www/example.com/web/
    # DocumentRoot /

Apache fails to start with "DocumentRoot doesn't exists" error, from strace output it seems apache does a stat/stat64 on documentroot before it chroots itself, then does it again before serving pages once request comes in.

Workaround:
Making empty "web" directory in / tricks apache into starting and servering requests, as well as php include working as expected.

Mathias Gug (mathiaz)
Changed in apache2 (Ubuntu):
importance: Undecided → Low
Revision history for this message
Daniel Hahler (blueyed) wrote :

A better work around might be to use a symlink setup like:
  # ls -l /var/www/var/www
  lrwxrwxrwx 1 root root 2 Aug 18 19:08 /var/www/var/www -> ..

This allows me to use /var/www from inside and outside the chroot.

I am using mod_chroot however (just learned that ChrootDir is in the core now, but it works differently; see bug 687275).

Revision history for this message
Chuck Short (zulcss) wrote :

Thanks for the bug report.

Changed in apache2 (Ubuntu):
status: New → Opinion
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.