CLASS="section" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" >

29.20. Test the new chrooted jail

Finally, we must test the new chrooted jail configuration of our Apache Web Server. The first thing to do is to restart our syslogd daemon with the following command:

        [root@deep ]/# /etc/rc.d/init.d/syslog restart
      

        Shutting down kernel logger:                               	[  OK  ]
        Shutting down system logger:                               	[  OK  ]
        Starting system logger:                                    	[  OK  ]
        Starting kernel logger:                                		[  OK  ]
      

Now, start the new chrooted jail Apache with the following command:

        [root@deep ]/# /etc/rc.d/init.d/httpd start
      

        Starting httpd:                                            		[  OK  ]
      

If you don't get any errors, do a ps ax | grep httpd and see if we're running:

        [root@deep ]/# ps ax | grep httpd
      

        14373 ?        S      0:00 httpd -DSSL
        14376 ?        S      0:00 httpd -DSSL
        14377 ?        S      0:00 httpd -DSSL
        14378 ?        S      0:00 httpd -DSSL
        14379 ?        S      0:00 httpd -DSSL
        14380 ?        S      0:00 httpd -DSSL
        14381 ?        S      0:00 httpd -DSSL
        14382 ?        S      0:00 httpd -DSSL
        14383 ?        S      0:00 httpd -DSSL
        14384 ?        S      0:00 httpd -DSSL
        14385 ?        S      0:00 httpd -DSSL
        14386 ?        S      0:00 httpd -DSSL
        14387 ?        S      0:00 httpd -DSSL
        14388 ?        S      0:00 httpd -DSSL
        14389 ?        S      0:00 httpd -DSSL
        14390 ?        S      0:00 httpd -DSSL
        14391 ?        S      0:00 httpd -DSSL
        14397 ?        S      0:00 httpd -DSSL
        14476 ?        S      0:00 httpd -DSSL
        14477 ?        S      0:00 httpd -DSSL
        14478 ?        S      0:00 httpd -DSSL
      

If so, lets check to make sure it's chrooted by picking out one of its process numbers and doing ls -la /proc/that_process_number/root/.

        [root@deep ]/# ls -la /proc/14373/root/
      
If you see:

        dev
        etc
        home
        lib
        usr
        var
      
congratulations!

As mentioned above, if you use Perl, you'll need to copy or hardlink any system libraries, perl libraries /usr/lib/perl5, and binaries into the chroot area. The same applies for SSL, PHP, LDAP, PostgreSQL and other programs.