[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Run apache/tomcat process from a jailed user accoun
Re: [Jailkit-users] Run apache/tomcat process from a jailed user account
Wed, 3 Jun 2009 17:08:46 +0600
Thanks for your reply.
Apache is run as daemon and which is outside the jail and run using
Now please help me on how to run this apache using the jail user.
I tried with sudo but it says this:
sudo: unable to initialize PAM: No such file or directory
On Wed, Jun 3, 2009 at 11:44 AM, Olivier Sessink
> Tanveer Chowdhury wrote:
>> Hi all,
>> I have created a user 'jailuser' in a chroot jail environment. The
>> home of the user is now /home/webjailuser/home/jailuser.
>> I am using this user so that the user can only change html files of
>> web document root as I mounted that directory under his home.
>> Now, I want to grant that user the privilege to star/stop apache
>> server only. Is it possible with jailkit? The reason behind this I
>> have a system with tomcat where I grant privilege to the user to
>> start/stop tomcat service so it the above is possible then I will put
>> the user in jail and just give him tomcats docroot and tomcat process
>> privilege. Nothing else.
> it depends if the apache server runs with the same privileges as the
> user or different privileges. If they are the same you could run the
> apache process in the same jail and it will be easy for the user to
> restart the process.
> If different, you need something like sudo to manage the privileges.
> Note that sudo is setuid root and jk_cp and jk_lsh remove the setuid bit
> when copying files.
> Jailkit-users mailing list