[apparmor] apparmor+debian+apache2-mpm-itk
Seth Arnold
seth.arnold at gmail.com
Mon Oct 24 11:55:56 UTC 2011
Can you include the AppArmor DENIED messages? Check /var/log/messages or /var/log/syslog or /var/log/audit/audit.log as described at http://wiki.apparmor.net/index.php/AppArmor_Failures#Messages_in_the_Log_files
Perhaps you need to add "capability setuid" to the HANDLING_UNTRUSTED_INPUT "hat" -- only "setgid" is there now -- but those permissions seem funny in that location and it would be nice to know what exactly is being denied.
------Original Message------
From: natan maciej milaszewski
Sender: apparmor-bounces at lists.ubuntu.com
To: apparmor at lists.ubuntu.com
Subject: [apparmor] apparmor+debian+apache2-mpm-itk
Sent: Oct 24, 2011 4:31 AM
Hi
I run apparmor + apache2-mpm-itk+ debian squeezy
i don't have any idea for fixed some error in error.log:
[Mon Oct 24 12:37:17 2011] [warn] (itkmpm: pid=817 uid=0, gid=33) itk_post_perdir_config(): setuid(33): Operation not permitted
[Mon Oct 24 12:37:17 2011] [warn] Couldn't set uid/gid/priority, closing connection.
i generate aa-genprof apache2 (itk)
http://paste.debian.net/139398/
what i must add to: usr.lib.apache2.mpm-itk.apache2 for fixed my problem ?
best regards
--
AppArmor mailing list
AppArmor at lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
More information about the AppArmor
mailing list