Wrong cut-n-paste.. On Mar 2, 2007, at 7:10 AM, Robert Bailey wrote: > Is this on TX? > If so, > svc:/network/http:apache2> setprop start/privileges = astring: > basic,!proc_session,!proc_info,!file_link_any,net_privaddr,net_bindmlp > > On Mar 2, 2007, at 6:29 AM, przemolicc at poczta.fm wrote: > >> Hello, >> >> I am trying to configure apache2 with reduced privileges according to >> document: "Limiting service privileges in the Solaris 10 operating >> system". I have done everything from the document but there is a >> problem with >> apache start: >> >> bash-3.00# cat /etc/release >> Solaris 10 6/06 s10x_u2wos_09a X86 >> Copyright 2006 Sun Microsystems, Inc. All Rights >> Reserved. >> Use is subject to license terms. >> Assembled 09 June 2006 >> bash-3.00# uname -a >> SunOS test 5.10 Generic_118855-19 i86pc i386 i86pc >> bash-3.00# svcs -x >> bash-3.00# svcs -a|grep apache2 >> disabled 12:24:10 svc:/network/http:apache2 >> bash-3.00# svcprop -v -p start apache2 >> start/exec astring /lib/svc/method/http-apache2\ start >> start/timeout_seconds count 60 >> start/type astring method >> start/user astring webservd >> start/group astring webservd >> start/privileges astring basic,!proc_session,!proc_info,! >> file_link_any,net_privaddr >> start/limit_privileges astring :default >> start/use_profile boolean false >> start/supp_groups astring :default >> start/working_directory astring :default >> start/project astring :default >> start/resource_pool astring :default >> bash-3.00# svcadm enable apache2 >> bash-3.00# svcs -x >> svc:/network/http:apache2 (Apache 2 HTTP server) >> State: maintenance since Fri Mar 02 12:24:40 2007 >> Reason: Start method failed repeatedly, last exited with status 1. >> See: http://sun.com/msg/SMF-8000-KS >> See: httpd(8) >> See: /var/svc/log/network-http:apache2.log >> Impact: This service is not running. >> bash-3.00# tail /var/svc/log/network-http:apache2.log >> [ Mar 2 10:54:22 Method "start" exited with status 1 ] >> [ Mar 2 12:13:52 Leaving maintenance because clear requested. ] >> [ Mar 2 12:13:52 Enabled. ] >> [ Mar 2 12:13:52 Executing start method ("/lib/svc/method/http- >> apache2 start") ] >> [ Mar 2 12:13:52 Method "start" exited with status 1 ] >> [ Mar 2 12:24:10 Leaving maintenance because disable requested. ] >> [ Mar 2 12:24:10 Disabled. ] >> [ Mar 2 12:24:40 Enabled. ] >> [ Mar 2 12:24:40 Executing start method ("/lib/svc/method/http- >> apache2 start") ] >> [ Mar 2 12:24:40 Method "start" exited with status 1 ] >> >> bash-3.00# su - webservd >> $ ppriv -v $$ >> 22854: -su >> flags = <none> >> E: file_link_any,proc_exec,proc_fork,proc_info,proc_session >> I: file_link_any,proc_exec,proc_fork,proc_info,proc_session >> P: file_link_any,proc_exec,proc_fork,proc_info,proc_session >> L: >> contract_event,contract_observer,file_chown,file_chown_self,file_dac_ >> execute,file_dac_read,file_dac_search,file_dac_write,file_link_any,fi >> le_owner,file_setid,ipc_dac_read,ipc_dac_write,ipc_owner,net_icmpacce >> ss,net_privaddr,proc_audit,proc_chroot,proc_exec,proc_fork,proc_info, >> proc_owner,proc_session,proc_setid,proc_taskid,sys_acct,sys_admin,sys >> _audit,sys_mount,sys_nfs,sys_resource >> $ /lib/svc/method/http-apache2 start >> (13)Permission denied: make_sock: could not bind to address [::]:80 >> no listening sockets available, shutting down >> Unable to open logs >> >> Can anybody tell me what is wrong ? >> >> >> BTW how can I see output of "/lib/svc/method/http-apache2" ? >> >> przemol >> >> >> --------------------------------------------------------------------- >> - >> Oficjalne konto pocztowe europejskich internautow! >>>>> http://link.interia.pl/f19e8 >> >> _______________________________________________ >> security-discuss mailing list >> security-discuss at opensolaris.org > > _______________________________________________ > security-discuss mailing list > security-discuss at opensolaris.org
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/security-discuss/attachments/20070302/f1239c78/attachment.html>
