# Trouble with mod_chroot and apache-2.2.10 [SOLVED]

## hanj

Hello

Updated apache from 2.2.9 to 2.2.10 today and apache was having problems with the chroot that was previously set up and working.

Here is the snip from the error_log on start up:

```
[Sat Jan 10 09:37:30 2009] [notice] mod_chroot: changed root to /var/chroot/apache.

[Sat Jan 10 09:37:30 2009] [alert] (2)No such file or directory: Can't chdir to /var/chroot/apache

[Sat Jan 10 09:37:30 2009] [alert] (2)No such file or directory: Can't chdir to /var/chroot/apache

[Sat Jan 10 09:37:30 2009] [alert] (2)No such file or directory: Can't chdir to /var/chroot/apache

[Sat Jan 10 09:37:30 2009] [alert] (2)No such file or directory: Can't chdir to /var/chroot/apache

[Sat Jan 10 09:37:30 2009] [alert] (2)No such file or directory: Can't chdir to /var/chroot/apache

[Sat Jan 10 09:37:30 2009] [notice] Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.8j mod_chroot/0.5 Apache configured -- resuming normal operations

[Sat Jan 10 09:37:30 2009] [alert] Child 24458 returned a Fatal error... Apache is exiting!
```

/var/chroot/apache definitely does exist on the system, but I'm wondering if this is happening after it's jailed now?

Here is a small snip from strace output:

```
26149 chroot("/var/chroot/apache")      = 0

26150 chdir("/var/chroot/apache")       = -1 ENOENT (No such file or directory)
```

This was working fine with apache-2.2.9-r1, I was hoping that someone might be able to point me in the right direction to resolve this problem.

Here is a snip from start after rolling back to 2.2.9-r1

```
[Sat Jan 10 09:58:01 2009] [notice] ModSecurity for Apache 2.1.2 configured - Apache

[Sat Jan 10 09:58:03 2009] [notice] mod_chroot: changed root to /var/chroot/apache.

[Sat Jan 10 09:58:03 2009] [notice] Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8j mod_chroot/0.5 Apache configured -- resuming normal operations
```

Here are my USE flags for apache:

```
www-servers/apache-2.2.10 [2.2.9-r1] USE="ssl -debug -doc -ldap (-selinux) -sni -static -suexec -threads" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif speling status unique_id userdir usertrack vhost_alias -asis -authn_alias -cern_meta -charset_lite -dumpio -log_forensic -proxy_ftp -substitute -version" APACHE2_MPMS="prefork -event -itk -peruser -worker"
```

Also, I'm using www-apache/mod_chroot-0.5. I tried to rebuild mod_chroot, but no change. Let me know if anyone needs additional strace output.

Thanks!

hanji

----------

## hanj

I tested on another server using apache/mod_chroot, and that server had the same problem. I see mention that 2.2.10 has chroot in the core which will make mod_chroot obsolete, but it doesn't look like it's suppose to affect mod_chroot though.

http://bahumbug.wordpress.com/2008/10/16/apache-2210/

Rolling back is the only way to get things to work at the moment. Anybody else chroot'ing apache???

Thanks!

hanji

----------

## hanj

Created a bug report for this...

https://bugs.gentoo.org/show_bug.cgi?id=254450

hanji

----------

## hanj

Wow.. starting to feel that I'm the only one with this problem. Anybody else running chroot'd Apache?? If everything is working for you, can you chime in so we can find out what's different with our set ups?

Thanks!

hanji

----------

## hanj

Hello

This is solved. Long story short, mod_chroot is not compatible with apache-2.2.10. Apache-2.2.10 has chroot built into the core now. All you need to do is configure ChrootDir in httpd.conf. Remove -D chroot from /etc/conf.d/apache2 and restart the service.

http://www.uno-code.com/?q=node/157

Hope this helps. Apparently, I'm the only one in the universe with this problem.

hanji

----------

## ReD-BaRoN

Caught me too, thanks for posting.

----------

## mobian

Damn, spent like an hour on this before I decided to look here... thanks for posting the solution, saved me countless more wasted hours  :Smile: 

----------

