IMHO.WS

IMHO.WS (http://www.imho.ws/index.php)
-   Веб-программирование (http://www.imho.ws/forumdisplay.php?f=29)
-   -   apache+mod_suid (http://www.imho.ws/showthread.php?t=106183)

AleXXXSoft 21.07.2006 09:07
apache+mod_suid
 
Кто-нить работал с сабжем? (_http://www.palsenberg.com/index.php/plain/projects/apache_1_xx_mod_suid)
Всё установил по инструкции, lsm_rsuid работает, настроил конфиг апача, а он, видимо, слишком рано делает setuid() и получается так, что сам апач не имеет доступа к своим же логам (те, которые от виртуал-хоста), о чем и пишет в эррор лог. Может кто помогет?

Saruman 22.07.2006 20:54
так а права доступа к логам какие? Нужно, чтобы апач уже после смены владельца мог в них писать - соответственно и назначай доступ индивидуально.

AleXXXSoft 23.07.2006 16:46
Цитата:
Сообщение от Saruman
так а права доступа к логам какие? Нужно, чтобы апач уже после смены владельца мог в них писать - соответственно и назначай доступ индивидуально.
права доступа стоят нормальные, даже если ставлю 777 - та же фигня.
вот еще что заметил, выключаю логи совсем, и оно начинает ругаться на то,что неможет прибиндиться к порту 80, типа мол прав нет.

Я почему-то думал, что открывает логи, биндится на порт оно еще рутом.... я ошибался? Нахрена тогда такой модуль, если он главного родителя тоже делает НИКЕМ.... (что я и заметил в ps aux)

Может что-то не так делаю?

кусок лога
Код:
ChrootDir /home/hosting

ModSuidApacheUser apache
ModSuidApacheGroup hosting

ModSuidEnable On

NameVirtualHost *.*.*.*:80

<VirtualHost *.*.*.*:80>
    ServerAdmin webadmin@*.*.*.*.ru
    DocumentRoot /default/public_html
    ServerName hosting.*.*.*.*.ru
    ErrorLog /home/hosting/default/logs/error.log
    CustomLog /home/hosting/default/logs/access.log combined
    <Directory /home/hosting/default>
        Options FollowSymLinks
        Options -Indexes
        Options -MultiViews
        AllowOverride None
    </Directory>
    SuidEnable      On
    SuidPolicy      user-group
    Suid            user someuser
    Suid            group somegroup
</VirtualHost>
chroot пробовал отключать - эффекта нет.

AleXXXSoft 24.07.2006 12:49
Вот еще часть трейса:

Код:
execve("/usr/sbin/apache", ["/usr/sbin/apache", "-f", "/etc/apache/httpd.host.conf"], [/* 19 vars */]) = 0
uname({sys="Linux", node="cs271.ru", ...}) = 0
brk(0)                                  = 0x808f000
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=20601, ...}) = 0
old_mmap(NULL, 20601, PROT_READ, MAP_PRIVATE, 4, 0) = 0x40018000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libm.so.6", O_RDONLY)    = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\00005\0\000"..., 512) = 512
fstat64(4, {st_mode=S_IFREG|0644, st_size=134496, ...}) = 0
old_mmap(NULL, 136976, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x4001e000
old_mmap(0x4003f000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x20000) = 0x4003f000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libpthread.so.0", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0pF\0\000"..., 512) = 512
fstat64(4, {st_mode=S_IFREG|0755, st_size=78233, ...}) = 0
old_mmap(NULL, 60772, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x40040000
old_mmap(0x4004c000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0xc000) = 0x4004c000
old_mmap(0x4004d000, 7524, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4004d000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libcrypt.so.1", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\t\0"..., 512) = 512
fstat64(4, {st_mode=S_IFREG|0644, st_size=18876, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4004f000
old_mmap(NULL, 181692, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x40050000
old_mmap(0x40055000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x4000) = 0x40055000
old_mmap(0x40056000, 157116, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40056000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libdb-4.2.so", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\205"..., 512) = 512
fstat64(4, {st_mode=S_IFREG|0644, st_size=876584, ...}) = 0
old_mmap(NULL, 876124, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x4007d000
old_mmap(0x40151000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0xd4000) = 0x40151000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libexpat.so.1", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\"\0"..., 512) = 512
fstat64(4, {st_mode=S_IFREG|0644, st_size=129972, ...}) = 0
old_mmap(NULL, 128880, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x40153000
old_mmap(0x40170000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x1d000) = 0x40170000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libdl.so.2", O_RDONLY)  = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\32"..., 512) = 512
fstat64(4, {st_mode=S_IFREG|0644, st_size=9872, ...}) = 0
old_mmap(NULL, 8632, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x40173000
old_mmap(0x40175000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x2000) = 0x40175000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libc.so.6", O_RDONLY)    = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`Z\1\000"..., 512) = 512
fstat64(4, {st_mode=S_IFREG|0755, st_size=1254660, ...}) = 0
old_mmap(NULL, 1264972, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x40176000
old_mmap(0x402a0000, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x129000) = 0x402a0000
old_mmap(0x402a9000, 7500, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x402a9000
close(4)                                = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x402ab000
set_thread_area({entry_number:-1 -> 6, base_addr:0x402ab760, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
munmap(0x40018000, 20601)              = 0
set_tid_address(0x402ab7a8)            = 961
rt_sigaction(SIGRTMIN, {0x400445d0, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
brk(0)                                  = 0x808f000
brk(0x80b2000)                          = 0x80b2000
brk(0)                                  = 0x80b2000
stat64("/usr/lib/apache/suexec", 0xbffffb10) = -1 ENOENT (No such file or directory)
lstat64("/etc/apache/httpd.host.conf", {st_mode=S_IFREG|0644, st_size=5741, ...}) = 0
open("/etc/apache/httpd.host.conf", O_RDONLY|O_LARGEFILE) = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=5741, ...}) = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=5741, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(4, "ServerType standalone\nServerRoot"..., 4096) = 4096
stat64("/etc/apache", {st_mode=S_IFDIR|0755, st_size=133, ...}) = 0
futex(0x401751b4, FUTEX_WAKE, 2147483647) = 0
open("/usr/lib/apache/1.3/mod_chroot.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\t\0\000"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0755, st_size=46820, ...}) = 0
old_mmap(NULL, 4620, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x40019000
old_mmap(0x4001a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x1000) = 0x4001a000
close(6)                                = 0
open("/usr/lib/apache/1.3/libphp4.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\272\3"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=3123152, ...}) = 0
old_mmap(NULL, 3152448, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x402ac000
old_mmap(0x4058a000, 122880, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x2dd000) = 0x4058a000
old_mmap(0x405a8000, 23104, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x405a8000
close(6)                                = 0
open("/etc/ld.so.cache", O_RDONLY)      = 6
fstat64(6, {st_mode=S_IFREG|0644, st_size=20601, ...}) = 0
old_mmap(NULL, 20601, PROT_READ, MAP_PRIVATE, 6, 0) = 0x405ae000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libzzip-0.so.12", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0\32\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=20264, ...}) = 0
old_mmap(NULL, 23324, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x405b4000
old_mmap(0x405b9000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x4000) = 0x405b9000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libnsl.so.1", O_RDONLY)  = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 <\0\000"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=73304, ...}) = 0
old_mmap(NULL, 80544, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x405ba000
old_mmap(0x405cb000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x11000) = 0x405cb000
old_mmap(0x405cc000, 6816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x405cc000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libpcre.so.3", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\r\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=63992, ...}) = 0
old_mmap(NULL, 62960, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x405ce000
old_mmap(0x405dd000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0xf000) = 0x405dd000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libbz2.so.1.0", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\22\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=62048, ...}) = 0
old_mmap(NULL, 61012, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x405de000
old_mmap(0x405ec000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0xe000) = 0x405ec000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libz.so.1", O_RDONLY)    = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\27"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=67468, ...}) = 0
old_mmap(NULL, 70528, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x405ed000
old_mmap(0x405fe000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x10000) = 0x405fe000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/i686/cmov/libssl.so.0.9.7", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0\205\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=198576, ...}) = 0
old_mmap(NULL, 199344, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x405ff000
old_mmap(0x4062d000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x2e000) = 0x4062d000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libresolv.so.2", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220)\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=64924, ...}) = 0
old_mmap(NULL, 73640, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x40630000
old_mmap(0x4063f000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0xf000) = 0x4063f000
old_mmap(0x40640000, 8104, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40640000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libgssapi_krb5.so.2", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340M\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=82284, ...}) = 0
old_mmap(NULL, 85356, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x40642000
old_mmap(0x40656000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x13000) = 0x40656000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libkrb5.so.3", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240\372"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=425800, ...}) = 0
old_mmap(NULL, 425224, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x40657000
old_mmap(0x406bd000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x66000) = 0x406bd000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libk5crypto.so.3", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\2205\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=138952, ...}) = 0
old_mmap(NULL, 143072, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x406bf000
old_mmap(0x406e1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x21000) = 0x406e1000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/libcom_err.so.2", O_RDONLY)  = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220\n\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=6116, ...}) = 0
old_mmap(NULL, 9216, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x406e2000
old_mmap(0x406e4000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x1000) = 0x406e4000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/i686/cmov/libcrypto.so.0.9.7", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\300\2"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=1029672, ...}) = 0
old_mmap(NULL, 1043608, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x406e5000
old_mmap(0x407cf000, 73728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0xea000) = 0x407cf000
old_mmap(0x407e1000, 11416, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x407e1000
close(6)                                = 0
munmap(0x405ae000, 20601)              = 0
open("/usr/lib/apache/1.3/mod_log_config.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\21"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=14412, ...}) = 0
old_mmap(NULL, 13376, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x405ae000
old_mmap(0x405b1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x3000) = 0x405b1000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_mime.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\16"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=12272, ...}) = 0
old_mmap(NULL, 15488, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x407e4000
old_mmap(0x407e7000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x2000) = 0x407e7000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_include.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\30"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=30852, ...}) = 0
old_mmap(NULL, 33912, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x407e8000
old_mmap(0x407f0000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x7000) = 0x407f0000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_autoindex.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\32\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=28292, ...}) = 0
old_mmap(NULL, 31356, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x407f1000
old_mmap(0x407f8000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x6000) = 0x407f8000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_dir.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\t\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=5724, ...}) = 0
old_mmap(NULL, 8784, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x407f9000
old_mmap(0x407fb000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x1000) = 0x407fb000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_alias.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\f\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=8728, ...}) = 0
old_mmap(NULL, 11788, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x407fc000
old_mmap(0x407fe000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x1000) = 0x407fe000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_rewrite.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220\37"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=51272, ...}) = 0
old_mmap(NULL, 50300, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x407ff000
old_mmap(0x4080b000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0xc000) = 0x4080b000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_access.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220\n\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=7464, ...}) = 0
old_mmap(NULL, 10528, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x4080c000
old_mmap(0x4080e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x1000) = 0x4080e000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_auth.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\r\0\000"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=9868, ...}) = 0
old_mmap(NULL, 8832, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x4080f000
old_mmap(0x40811000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x2000) = 0x40811000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_expires.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\v\0\000"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=7604, ...}) = 0
old_mmap(NULL, 10664, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x40812000
old_mmap(0x40814000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x1000) = 0x40814000
close(6)                                = 0
open("/usr/lib/apache/1.3/mod_suid.so", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \20\0\000"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0755, st_size=63046, ...}) = 0
old_mmap(NULL, 16232, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x40815000
old_mmap(0x40818000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x2000) = 0x40818000
close(6)                                = 0
socket(PF_FILE, SOCK_STREAM, 0)        = 6
connect(6, {sa_family=AF_FILE, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT (No such file or directory)
close(6)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = 6
fstat64(6, {st_mode=S_IFREG|0644, st_size=465, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40819000
read(6, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 465
read(6, "", 4096)                      = 0
close(6)                                = 0
munmap(0x40819000, 4096)                = 0
open("/etc/ld.so.cache", O_RDONLY)      = 6
fstat64(6, {st_mode=S_IFREG|0644, st_size=20601, ...}) = 0
old_mmap(NULL, 20601, PROT_READ, MAP_PRIVATE, 6, 0) = 0x40819000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_compat.so.2", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\22\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=28616, ...}) = 0
old_mmap(NULL, 31628, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x4081f000
old_mmap(0x40826000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x6000) = 0x40826000
close(6)                                = 0
munmap(0x40819000, 20601)              = 0
open("/etc/ld.so.cache", O_RDONLY)      = 6
fstat64(6, {st_mode=S_IFREG|0644, st_size=20601, ...}) = 0
old_mmap(NULL, 20601, PROT_READ, MAP_PRIVATE, 6, 0) = 0x40819000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_nis.so.2", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\34\0"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=33440, ...}) = 0
old_mmap(NULL, 36620, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x40827000
old_mmap(0x4082f000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x7000) = 0x4082f000
close(6)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_files.so.2", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\35"..., 512) = 512
fstat64(6, {st_mode=S_IFREG|0644, st_size=34748, ...}) = 0
old_mmap(NULL, 38044, PROT_READ|PROT_EXEC, MAP_PRIVATE, 6, 0) = 0x40830000
old_mmap(0x40839000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 6, 0x8000) = 0x40839000
close(6)                                = 0
munmap(0x40819000, 20601)              = 0
open("/etc/passwd", O_RDONLY)          = 6
fcntl64(6, F_GETFD)                    = 0
fcntl64(6, F_SETFD, FD_CLOEXEC)        = 0
_llseek(6, 0, [0], SEEK_CUR)            = 0
fstat64(6, {st_mode=S_IFREG|0644, st_size=1248, ...}) = 0
mmap2(NULL, 1248, PROT_READ, MAP_SHARED, 6, 0) = 0x40819000
_llseek(6, 1248, [1248], SEEK_SET)      = 0
munmap(0x40819000, 1248)                = 0
close(6)                                = 0
socket(PF_FILE, SOCK_STREAM, 0)        = 6
connect(6, {sa_family=AF_FILE, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT (No such file or directory)
close(6)                                = 0
open("/etc/group", O_RDONLY)            = 6
fcntl64(6, F_GETFD)                    = 0
fcntl64(6, F_SETFD, FD_CLOEXEC)        = 0
_llseek(6, 0, [0], SEEK_CUR)            = 0
fstat64(6, {st_mode=S_IFREG|0644, st_size=592, ...}) = 0
mmap2(NULL, 592, PROT_READ, MAP_SHARED, 6, 0) = 0x40819000
_llseek(6, 592, [592], SEEK_SET)        = 0
munmap(0x40819000, 592)                = 0
close(6)                                = 0
read(4, "r.log referer\n#CustomLog /var/lo"..., 4096) = 1645
stat64("/home/hosting", {st_mode=S_IFDIR|0770, st_size=31, ...}) = 0
open("/etc/passwd", O_RDONLY)          = 6
fcntl64(6, F_GETFD)                    = 0
fcntl64(6, F_SETFD, FD_CLOEXEC)        = 0
_llseek(6, 0, [0], SEEK_CUR)            = 0
fstat64(6, {st_mode=S_IFREG|0644, st_size=1248, ...}) = 0
mmap2(NULL, 1248, PROT_READ, MAP_SHARED, 6, 0) = 0x40819000
_llseek(6, 1248, [1248], SEEK_SET)      = 0
munmap(0x40819000, 1248)                = 0
close(6)                                = 0
open("/etc/group", O_RDONLY)            = 6
fcntl64(6, F_GETFD)                    = 0
fcntl64(6, F_SETFD, FD_CLOEXEC)        = 0
_llseek(6, 0, [0], SEEK_CUR)            = 0
fstat64(6, {st_mode=S_IFREG|0644, st_size=592, ...}) = 0
mmap2(NULL, 592, PROT_READ, MAP_SHARED, 6, 0) = 0x40819000
_llseek(6, 592, [592], SEEK_SET)        = 0
munmap(0x40819000, 592)                = 0
close(6)                                = 0
access("/proc/sys/kernel/rsuid/enabled", R_OK|W_OK) = 0
getpid()                                = 961
open("/proc/961/attr/current", O_RDONLY|O_LARGEFILE) = 6
read(6, "RSUID disabled\n", 512)        = 15
open("/proc/961/attr/exec", O_WRONLY|O_LARGEFILE) = 8
write(8, "rsuid enable", 12)            = 12
close(8)                                = 0
open("/proc/961/attr/exec", O_RDONLY|O_LARGEFILE) = 8
read(8, 0xbfffd790, 10)                = -1 EINVAL (Invalid argument)
close(8)                                = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
open("/etc/passwd", O_RDONLY)          = 8
fcntl64(8, F_GETFD)                    = 0
fcntl64(8, F_SETFD, FD_CLOEXEC)        = 0
_llseek(8, 0, [0], SEEK_CUR)            = 0
fstat64(8, {st_mode=S_IFREG|0644, st_size=1248, ...}) = 0
mmap2(NULL, 1248, PROT_READ, MAP_SHARED, 8, 0) = 0x40819000
_llseek(8, 1248, [1248], SEEK_SET)      = 0
munmap(0x40819000, 1248)                = 0
close(8)                                = 0
open("/etc/group", O_RDONLY)            = 8
fcntl64(8, F_GETFD)                    = 0
fcntl64(8, F_SETFD, FD_CLOEXEC)        = 0
_llseek(8, 0, [0], SEEK_CUR)            = 0
fstat64(8, {st_mode=S_IFREG|0644, st_size=592, ...}) = 0
mmap2(NULL, 592, PROT_READ, MAP_SHARED, 8, 0) = 0x40819000
_llseek(8, 592, [592], SEEK_SET)        = 0
munmap(0x40819000, 592)                = 0
close(8)                                = 0
read(4, "", 4096)                      = 0
close(4)                                = 0
munmap(0x40018000, 4096)                = 0
stat64("/etc/apache/srm.conf", {st_mode=S_IFREG|0644, st_size=297, ...}) = 0
lstat64("/etc/apache/srm.conf", {st_mode=S_IFREG|0644, st_size=297, ...}) = 0
open("/etc/apache/srm.conf", O_RDONLY|O_LARGEFILE) = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=297, ...}) = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=297, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(4, "#\n# This is the default file for"..., 4096) = 297
read(4, "            = 0
close(4)                                = 0
munmap(0x40018000, 4096)                = 0
stat64("/etc/apache/access.conf", {st_mode=S_IFREG|0644, st_size=285, ...}) = 0
lstat64("/etc/apache/access.conf", {st_mode=S_IFREG|0644, st_size=285, ...}) = 0
open("/etc/apache/access.conf", O_RDONLY|O_LARGEFILE) = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=285, ...}) = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=285, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(4, "#\n# This is the default file for"..., 4096) = 285
read(4, "", 4096)                      = 0
close(4)                                = 0
munmap(0x40018000, 4096)                = 0
open("/var/log/apache/error.host.log", O_WRONLY|O_APPEND|O_CREAT|O_LARGEFILE, 0660) = 4
fcntl64(4, F_DUPFD, 15)                = 15
close(4)                                = 0
fcntl64(15, F_GETFL)                    = 0x8401 (flags O_WRONLY|O_APPEND|O_LARGEFILE)
fstat64(15, {st_mode=S_IFREG|0640, st_size=1684, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
_llseek(15, 0, [0], SEEK_CUR)          = 0
dup2(15, 2)                            = 2
open("/home/hosting/default/logs/error.log", O_WRONLY|O_APPEND|O_CREAT|O_LARGEFILE, 0660) = -1 EACCES (Permission denied)
dup(2)                                  = 4
fcntl64(4, F_GETFL)                    = 0x8401 (flags O_WRONLY|O_APPEND|O_LARGEFILE)
close(4)                                = 0
write(2, "fopen: Permission denied\n", 25) = 25
write(2, "apache: could not open error log"..., 76) = 76
exit_group(1)
здесь даже нет еще смены юзера.... :(
хотя из документации по lsm_rsuid написано, что как-только активируется эта штука в приложении, то больше нельзя менять юзера....... логики не понимаю... :(


Часовой пояс GMT +4, время: 22:42.

Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.