Chroot Apache 2.2 on NetBSD

  2011-02-01      100 words, 1 minutes

• apache
• chroot
• netbsd

The Apache 2.2.17 package shipped in pkgsrc 2010Q4 comes with a nice <a href="http://httpd.apache.org/docs/2.2/mod/mpm_common.html#chrootdir">ChrootDir</a> directive that allows simple chroot configuration.

First, you will need Apache in at least version 2.2.10. Then:

# vi /usr/pkg/etc/httpd/httpd.conf
(...)
#DocumentRoot "/usr/pkg/share/httpd/htdocs"
ChrootDir "/usr/pkg/share/httpd"
DocumentRoot "/htdocs"
(...)
# ln -s /usr/pkg/share/httpd/htdocs /htdocs

You may need to create a /usr/pkg/share/httpd/var/tmp/ directory in case your Web application requires it.

You can use the logger application to send your log to an external syslog:

# vi /usr/pkg/etc/httpd/httpd.conf
(...)
ErrorLog "|/usr/bin/logger -t httpd -p info"
LogLevel warn
(...)
CustomLog "|/usr/bin/logger -t httpd -p info" combined
(...)

That’s All Folks!