[tomoyo-users-en 426] Re: problems with mod_css

Back to archive index
hs web****@rz*****
Tue Nov 29 22:18:19 JST 2011

thank you tetsuo,

don't ask me why, but now it works. i checked out the latest revision of mod_ccs.c, rebuilt the 
module, deleted the manual added domains, just added
"task manual_domain_transition <kernel> //apache /www.uni-leipzig.de /test1"
to "<kernel> /usr/sbin/apache2" and now the transition and domain-generation works:

    0:  0     <kernel>
                   ( //apache )
                       ( /www.my-domain.local.de )
     1:  1  *              /test1
    16:  0  *      /usr/sbin/apache2
                       => <kernel> //apache /www.my-domain.local /test1 ( -> 1 )
    17:  0             /usr/lib/apache2/suexec
    18:  0                 /data/homewww/test1/webdir/cgi/php.fcgi
    19:  0                     /opt/php/phpfarm-0.1.0/inst/php-5.2.16/bin/php-cgi

however, with this i only can control read/write-permissions inside /data/homewww/test1/webdir/.
my problem now is that suexec and in the end the execution of the php-binary breaks out of the 
manual domain transition. what i want to do is to regiment the rights of the php-binary (mainly 
subsequent system calls to shell, process list, network configuration, ...).
so, i removed mod_ccs from apache again and switched back to the "classic" tomoyo-way by directly 
controlling the domain

<kernel> /usr/sbin/apache2 /usr/lib/apache2/suexec /data/homewww/test1/webdir/cgi/php.fcgi

regards, hs

More information about the tomoyo-users-en mailing list
Back to archive index