Re: lug-bg: Apache + chroot + many vdomains

[Georgi Alexandrov <tehlists@xxxxxxxxxx>]

http://www.linux-vserver.org/

"Linux-VServer allows you to create virtual private servers and security 
contexts which operate like a normal Linux server, but allow many 
independent servers to be run simultaneously in one box at full speed. 
All services, such as ssh, mail, Web, and databases, can be started on 
such a VPS, without modification, just like on any real server. Each 
virtual server has its own user account database and root password and 
doesn't interfere with other virtual servers."
Danail Petrov wrote:

> Здравейте,
> искам да попитам, има ли възможност да се пусне apache (или друг уеб 
> сървър)  във /fakeroot , като обаче целта е всички виртуални домейни
> да бъдат в отделен /fakeroot ?
> До сега ползвах станадртно apache с конфигурирани виртуални домейни, 
> но днес сутринта при отварянето на една от страниците която се
> хоства на въпросната машина видях това:
>
> This site is defaced!!!
> NeverEverNo Sanity WebWorm generation 18
>
> Това беше default index.html на всички уеб страници...... вярно че 
> машинката си беше занемарена малко , и от близо 1 година нищо не беше 
> пипано
> по нея , но...... сега ще трябва да се оправи тази каша.
> Ето какво намерих в лог файловете. Според мен са ползвали "дупка" в 
> някой .php (на машината има няколко сайта с 'eXoops'):
> --13:44:45--  http://dhaenk.port5.com/bin.tar.gz
>           => `bin.tar.gz'
> Resolving dhaenk.port5.com... done.
> Connecting to dhaenk.port5.com[212.15.85.21]:80... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 1,153,967 [application/x-tar]
>
>    0K .......... .......... .......... .......... ..........  4%   
> 14.48 KB/s
>   50K .......... .......... .......... .......... ..........  8%   
> 12.15 KB/s
>  100K .......... .......... .......... .......... .......... 13%    
> 9.07 KB/s
>  150K .......... .......... .......... .......... .......... 17%   
> 11.07 KB/s
>  200K .......... .......... .......... .......... .......... 22%   
> 10.29 KB/s
>  250K .......... .......... .......... .......... .......... 26%   
> 14.41 KB/s
>  300K .......... .......... .......... .......... .......... 31%    
> 9.25 KB/s
>  350K .......... .......... .......... .......... .......... 35%    
> 7.07 KB/s
>  400K .......... .......... .......... .......... .......... 39%   
> 13.14 KB/s
>  450K .......... .......... .......... .......... .......... 44%   
> 10.39 KB/s
>  500K .......... .......... .......... .......... .......... 48%    
> 7.16 KB/s
>  550K .......... .......... .......... .......... .......... 53%   
> 10.24 KB/s
>  600K .......... .......... .......... .......... .......... 57%   
> 10.99 KB/s
>  650K .......... .......... .......... .......... .......... 62%   
> 12.40 KB/s
>  700K .......... .......... .......... .......... .......... 66%    
> 6.04 KB/s
>  750K .......... .......... .......... .......... .......... 70%   
> 16.13 KB/s
>  800K .......... .......... .......... .......... .......... 75%    
> 8.19 KB/s
>  850K .......... .......... .......... .......... .......... 79%    
> 8.18 KB/s
>  900K .......... .......... .......... .......... .......... 84%    
> 6.03 KB/s
>  950K .......... .......... .......... .......... .......... 88%   
> 11.16 KB/s
> 1000K .......... .......... .......... .......... .......... 93%   
> 27.44 KB/s
> 1050K .......... .......... .......... .......... .......... 97%   
> 16.55 KB/s
> 1100K .......... .......... ......                          100%    
> 8.34 KB/s
> 13:46:37 (10.07 KB/s) - `bin.tar.gz' saved [1153967/1153967]
>
> ==> Fakename: /usr/sbin/httpd PidNum: 12821
> [Tue Dec 21 20:01:50 2004] [notice] SIGHUP received.  Attempting to 
> restart
> [Tue Dec 21 20:01:59 2004] [notice] Digest: generating secret for 
> digest authentication ...
> [Tue Dec 21 20:01:59 2004] [notice] Digest: done
>
>
> [Tue Dec 21 20:11:39 2004] [notice] Apache/2.0.40 (Red Hat Linux) 
> configured -- resuming normal operations
> [Tue Dec 21 20:11:39 2004] [info] Server built: Feb 25 2003 05:01:56
> [Tue Dec 21 20:11:39 2004] [debug] 
> /usr/src/build/228504-i386/BUILD/httpd-2.0.40/server/mpm/prefork/prefork.c(1039): 
> AcceptMutex: sysvsem (default: sysvsem)
> String found where operator expected at m1ho2of line 2, near 
> "$ts[int(rand(@ts))] . '"
>  (Might be a runaway multi-line '' string starting on line 1)
>        (Missing semicolon on previous line?)
> syntax error at m1ho2of line 2, near "$ts[int(rand(@ts))] . '"
> Bad name after D' at m1ho2of line 2.
> String found where operator expected at m1ho2of line 2, near 
> "$ts[int(rand(@ts))] . '"
>  (Might be a runaway multi-line '' string starting on line 1)
>        (Missing semicolon on previous line?)
> syntax error at m1ho2of line 2, near "$ts[int(rand(@ts))] . '"
> Bad name after D' at m1ho2of line 2.
> String found where operator expected at m1ho2of line 2, near 
> "$ts[int(rand(@ts))] . '"
>  (Might be a runaway multi-line '' string starting on line 1)
>        (Missing semicolon on previous line?)
> syntax error at m1ho2of line 2, near "$ts[int(rand(@ts))] . '"
> Bad name after D' at m1ho2of line 2.
> [--cut--]
>
> на единия сайт дори бяха си ъплоаднали shell.php :) (сещате се какво 
> прави това ....)
> та ... все от някъде трябва да го захвана , въпроса е от къде...
>
>
> Ще се радвам да чуя вашите мниения по въпроса , както се надявам и на 
> съвети от ваша страна.
> Поздрави,
> Данаил Петров
>
>
>
>
>
>
> ============================================================================ 
>
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara 
> Zagora
> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> ============================================================================ 
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================