Hello. mod_ccs is an Apache module which allows Apache 2.x running on TOMOYO Linux kernels to process requests under different TOMOYO Linux's domains based on requested server's name (and optionally based on requested resource's pathname) by requesting TOMOYO Linux's domain transition before processing requests. You can download and install this module by running below commands (after installing packages needed for developing Apache modules). (If your system has apxs2, use apxs2 rather than apxs.) # wget -O mod_ccs.c 'http://sourceforge.jp/projects/tomoyo/svn/view/branches/mod_ccs.c?root=tomoyo&revision=3640' # apxs -i -a -c mod_ccs.c If you didn't configure, domain transitions based on requested server's name are performed. For example, if Apache is running on "<kernel> /usr/sbin/httpd" domain and two virtual hosts (cat.example.com and dog.example.com) are defined, requests arriv****@cat***** are processed on "<kernel> /usr/sbin/httpd //cat.example.com" domain and requests arriv****@dog***** are processed on "<kernel> /usr/sbin/httpd //cat.example.com" domain. If you configure mapping table for pathname and domainname, domain transitions based on requested resource's pathname are performed after domain transitions based on requested server's name are performed. You can specify CCS_TransitionMap /path/to/mapping/table/file at the server-wide configuration files (e.g., httpd.conf). /path/to/mapping/table/file contains list of "requested pathname" and "domainname to transit" pairs like below. /usr/share/horde3/\* horde /usr/share/horde3/\{\*\}/\* horde /var/www/cgi-bin/lxr/\* lxr /var/www/cgi-bin/\{\*\}/\* cgi-bin /\{\*\}/\*.pl perl-programs /\{\*\}/\*.php php-programs Comparison is done from the top to the bottom direction and domain transition is performed using the "domainname to transit" of first matching "requested pathname". For example, if the requested resource's pathname is /var/www/cgi-bin/lxr/source , it matches the third line and transits to "lxr" domain ( "<kernel> /usr/sbin/httpd //cat.example.com //lxr" or "<kernel> /usr/sbin/httpd //dog.example.com //lxr" ). If no matching line is found in the /path/to/mapping/table/file , it transits to "default" domain ( "<kernel> /usr/sbin/httpd //cat.example.com //default" or "<kernel> /usr/sbin/httpd //dog.example.com //default" ). Questions and feedback are welcome.
TOMOYO
Fork