Current version
Git/Latestdiff: 1.5.6
Latest Snapshots
Produced after each commit or rebase to new upstream version
GIT
RSBAC source code, can be unstable sometimes
No events planned
This is the modified apache2 init-script
--- apache2_orginal 2008-07-01 14:33:17.000000000 +0200 +++ apache2 2008-07-02 18:11:08.000000000 +0200 @@ -115,6 +115,8 @@ fi done fi + echo "sleeping a bit, otherwise the port is blocking from dieing apache" + sleep 2 } # Stupid hack to keep lintian happy. (Warrk! Stupidhack!). @@ -126,7 +128,9 @@ #ssl_scache shouldn't be here if we're just starting up. [ -f /var/run/apache2/ssl_scache ] && rm -f /var/run/apache2/*ssl_scache* log_begin_msg "Starting web server (apache2)..." - if $APACHE2CTL start; then +# if $APACHE2CTL start; then + $ENV run-jail apache2 /usr/sbin/apache2ctl start + if [ "$?" -eq 0 ]; then log_end_msg 0 else log_end_msg 1 @@ -148,7 +152,9 @@ fi log_begin_msg "Reloading web server config..." if pidof_apache; then - if $APACHE2CTL graceful $2 ; then + $ENV run-jail apache2 /usr/sbin/apache2ctl graceful reload + #if $APACHE2CTL graceful $2 ; then + if [ "$?" -eq 0 ]; then log_end_msg 0 else log_end_msg 1 @@ -160,7 +166,9 @@ if ! apache_sync_stop; then log_end_msg 1 fi - if $APACHE2CTL start; then + $ENV run-jail apache2 /usr/sbin/apache2ctl start + if [ "$?" -eq 0 ]; then +# if $APACHE2CTL start; then log_end_msg 0 else log_end_msg 1
; ; RSBAC JAIL definition for apache2 ; 20060502 ; ; Tested by: ; Fuleki Miklos (RAk) ; Peter Busser (peter) ; Robert Penz (robert) ; igraltist on debian ; "" "0.0.0.0" (allow-dev-read allow-dev-write allow-all-net-family allow-inet-raw private-namespace) (setuid setgid net-bind-service kill) (sysctl) (rlimit)
/etc/init.d/apache2 start Starting web server (apache2)... This is execute now: rsbac_jail -d -D -n -r -N -C SETUID SETGID NET_BIND_SERVICE KILL -G sysctl -M rlimit /usr/sbin/apache2ctl start//