--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apache: ChrootDir feature patch would be nice
- From: Chris Jantzen <chris@maybe.net>
- Date: Fri, 30 Jul 2004 12:02:28 -0700
- Message-id: <20040730190228.13550.qmail@mail.maybe.net>
Package: apache
Severity: wishlist
Tags: patch
The attached patch adds the ChrootDir directive to the configuration,
which allows the server to chroot(2) into the specified directory upon
serving requests.
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.26-omoikane.4
Locale: LANG=C, LC_CTYPE=C
diff -urN build-tree-apache/apache_1.3.31.orig/conf/httpd.conf-dist build-tree-apache/apache_1.3.31/conf/httpd.conf-dist
--- build-tree-apache/apache_1.3.31.orig/conf/httpd.conf-dist 2004-02-19 10:13:11.000000000 -0800
+++ build-tree-apache/apache_1.3.31/conf/httpd.conf-dist 2004-07-30 11:30:13.000000000 -0700
@@ -59,6 +59,14 @@
ServerRoot "@@ServerRoot@@"
#
+# ChrootDir: The directory to chroot to
+#
+# NOTE: When using this all directory/file references in DocumentRoot,
+# <Directory> and <Files> should be relative to this ChrootDir!
+#
+#ChrootDir "@@ServerRoot@@/htdocs"
+
+#
# The LockFile directive sets the path to the lockfile used when Apache
# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
diff -urN build-tree-apache/apache_1.3.31.orig/src/include/http_conf_globals.h build-tree-apache/apache_1.3.31/src/include/http_conf_globals.h
--- build-tree-apache/apache_1.3.31.orig/src/include/http_conf_globals.h 2004-07-30 11:28:39.000000000 -0700
+++ build-tree-apache/apache_1.3.31/src/include/http_conf_globals.h 2004-07-30 11:31:06.000000000 -0700
@@ -77,6 +77,7 @@
extern API_VAR_EXPORT char ap_server_root[MAX_STRING_LEN];
extern API_VAR_EXPORT char ap_server_confname[MAX_STRING_LEN];
+extern API_VAR_EXPORT char ap_chroot_dir[MAX_STRING_LEN];
/* for -C, -c and -D switches */
extern API_VAR_EXPORT array_header *ap_server_pre_read_config;
diff -urN build-tree-apache/apache_1.3.31.orig/src/main/http_core.c build-tree-apache/apache_1.3.31/src/main/http_core.c
--- build-tree-apache/apache_1.3.31.orig/src/main/http_core.c 2004-07-30 11:28:29.000000000 -0700
+++ build-tree-apache/apache_1.3.31/src/main/http_core.c 2004-07-30 11:33:51.000000000 -0700
@@ -2212,6 +2212,31 @@
return NULL;
}
+static const char *set_chroot_dir(cmd_parms *cmd, void *dummy, char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ arg = ap_os_canonical_filename(cmd->pool, arg);
+
+ if (!ap_is_directory(arg)) {
+ return "ChrootDir must be a valid directory";
+ }
+ /* ChrootDir is never '/' terminated */
+ while (strlen(ap_chroot_dir) > 1 && ap_chroot_dir[strlen(ap_chroot_dir)-1] == '/')
+ ap_chroot_dir[strlen(ap_chroot_dir)-1] = '\0';
+ ap_cpystrn(ap_chroot_dir, arg,
+ sizeof(ap_chroot_dir));
+
+ /* XXX: after ChrootDir we cannot check DocumentRoot easily */
+ ap_docrootcheck = 0;
+
+ return NULL;
+}
+
static const char *set_timeout(cmd_parms *cmd, void *dummy, char *arg)
{
const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE|NOT_IN_LIMIT);
@@ -3530,6 +3555,8 @@
"En-/disable server signature (on|off|email)" },
{ "ServerRoot", set_server_root, NULL, RSRC_CONF, TAKE1,
"Common directory of server-related files (logs, confs, etc.)" },
+{ "ChrootDir", set_chroot_dir, NULL, RSRC_CONF, TAKE1,
+ "The directory to chroot(2) into" },
{ "ErrorLog", set_server_string_slot,
(void *)XtOffsetOf (server_rec, error_fname), RSRC_CONF, TAKE1,
"The filename of the error log" },
diff -urN build-tree-apache/apache_1.3.31.orig/src/main/http_main.c build-tree-apache/apache_1.3.31/src/main/http_main.c
--- build-tree-apache/apache_1.3.31.orig/src/main/http_main.c 2004-07-30 11:28:39.000000000 -0700
+++ build-tree-apache/apache_1.3.31/src/main/http_main.c 2004-07-30 11:37:07.000000000 -0700
@@ -275,6 +275,7 @@
API_VAR_EXPORT char ap_server_root[MAX_STRING_LEN]="";
API_VAR_EXPORT char ap_server_confname[MAX_STRING_LEN]="";
+API_VAR_EXPORT char ap_chroot_dir[MAX_STRING_LEN]="";
API_VAR_EXPORT char ap_coredump_dir[MAX_STRING_LEN]="";
int ap_coredump_dir_configured=0;
@@ -4466,6 +4467,30 @@
}
GETUSERMODE();
#else
+
+ if (ap_chroot_dir[0] != '\0') {
+ if (!ap_standalone) {
+ ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
+ "Cannot chroot when not in standalone mode");
+ exit(1);
+ }
+ if (geteuid()) {
+ ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
+ "Cannot chroot when not started as root");
+ exit(1);
+ }
+ if (chdir(ap_chroot_dir)) {
+ ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
+ "Unable to chdir to %s", ap_chroot_dir);
+ exit(1);
+ }
+ if (chroot(ap_chroot_dir)) {
+ ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
+ "Unable to chroot to %s", ap_chroot_dir);
+ exit(1);
+ }
+ }
+
/*
* Only try to switch if we're running as root
* In case of Cygwin we have the special super-user named SYSTEM
@@ -5419,6 +5444,10 @@
ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, server_conf,
"Accept mutex: %s (Default: %s)",
amutex->name, ap_default_mutex_method());
+ if (ap_chroot_dir[0] != '\0') {
+ ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, server_conf,
+ "Chroot directory: %s", ap_chroot_dir);
+ }
restart_pending = shutdown_pending = 0;
while (!restart_pending && !shutdown_pending) {
diff -urN build-tree-apache/apache_1.3.31.orig/src/main/http_request.c build-tree-apache/apache_1.3.31/src/main/http_request.c
--- build-tree-apache/apache_1.3.31.orig/src/main/http_request.c 2004-07-30 11:28:39.000000000 -0700
+++ build-tree-apache/apache_1.3.31/src/main/http_request.c 2004-07-30 11:37:58.000000000 -0700
@@ -181,7 +181,10 @@
/* Advance over trailing slashes ... NOT part of filename
* if file is not a UNC name (Win32 only).
*/
- for (cp = end; cp > path && cp[-1] == '/'; --cp)
+ /* XXX: we need path+1 instead of path here to handle the case
+ * of path = "/" (this can happen when using ChrootDir)
+ */
+ for (cp = end; cp > path+1 && cp[-1] == '/'; --cp)
continue;
while (cp > path) {
--- End Message ---