Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: Users

Howto run Apache web server on Linux read-only root file system

 

 

Apache users RSS feed   Index | Next | Previous | View Threaded


monika.kistler at telemotive

Aug 31, 2011, 6:56 AM

Post #1 of 3 (914 views)
Permalink
Howto run Apache web server on Linux read-only root file system

Hi all,

I'm running the Apache web server 2.2.17 on an openSUSE 11.4 system.

Out of security reasons I need to have the root file system mounted read-only.
/var is mounted read/write on a separate partition, thus the log files do not cause any problem.

When booting my system I get the following errors, due to read-only rootfs.


mv: inter-device move failed: `/tmp/apache2.PLbqAdT67tqh' to
`/etc/apache2/sysconfig.d/loadmodule.conf'; unable to remove target: Read-only file system
/usr/share/apache2/get_module_list: line 113: /etc/apache2/sysconfig.d/global.conf: Read-only file
system
/usr/share/apache2/get_module_list: line 114: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 136: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 140: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 141: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 144: 3: Bad file descriptor
/usr/share/apache2/get_module_list: line 151: 3: Bad file descriptor
/usr/share/apache2/get_includes: line 15: /etc/apache2/sysconfig.d/include.conf: Read-only file
system
/usr/share/apache2/get_includes: line 16: 3: Bad file descriptor
/usr/share/apache2/get_includes: line 43: 3: Bad file descriptor


Does anybody have some experience with that topic and can provide a solution?

I came up with two ideas. Either link the affected files to some place on var or try to remount
rootfs rw in the apache2 init script and afterwards mount it ro again.

Any suggestions, which idea to prefer and/or howto implement it in a reasonable way?


Thanks,
Moni

-----------------------------------------------------------
Monika Kistler

Telemotive AG
Büro Mühlhausen
Breitwiesen
73347 Mühlhausen
Tel.: +49 7335 18493-82
Fax.: +49 7335 18493-20
Mobil: +49 175 2902903

http://www.telemotive.de
mailto:Monika.Kistler [at] telemotive

http://www.telemotive.de
-----------------------------------------------------------------------------------
Firmensitz: Telemotive AG - Breitwiesen - 73347 Mühlhausen
Vorstand: Franz Diller, Markus Fischer, Markus Stolz
Vorstandsvorsitzender: Peter Kersten
Aufsichtsratsvorsitzender: Dipl. Kaufmann Thomas Derlien
Amtsgericht: Ulm HRB 541321
-----------------------------------------------------------------------------------

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd
" from the digest: users-digest-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd


tevans.uk at googlemail

Aug 31, 2011, 7:01 AM

Post #2 of 3 (888 views)
Permalink
Re: Howto run Apache web server on Linux read-only root file system [In reply to]

On Wed, Aug 31, 2011 at 2:56 PM, Monika Kistler
<monika.kistler [at] telemotive> wrote:
> Hi all,
>
> I'm running the Apache web server 2.2.17 on an openSUSE 11.4 system.
>
> Out of security reasons I need to have the root file system mounted read-only.
> /var is mounted read/write on a separate partition, thus the log files do not cause any problem.
>
> When booting my system I get the following errors, due to read-only rootfs.
>
>
> mv: inter-device move failed: `/tmp/apache2.PLbqAdT67tqh' to
> `/etc/apache2/sysconfig.d/loadmodule.conf'; unable to remove target: Read-only file system
> /usr/share/apache2/get_module_list: line 113: /etc/apache2/sysconfig.d/global.conf: Read-only file
> system
> /usr/share/apache2/get_module_list: line 114: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 136: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 140: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 141: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 144: 3: Bad file descriptor
> /usr/share/apache2/get_module_list: line 151: 3: Bad file descriptor
> /usr/share/apache2/get_includes: line 15: /etc/apache2/sysconfig.d/include.conf: Read-only file
> system
> /usr/share/apache2/get_includes: line 16: 3: Bad file descriptor
> /usr/share/apache2/get_includes: line 43: 3: Bad file descriptor
>
>
> Does anybody have some experience with that topic and can provide a solution?
>
> I came up with two ideas. Either link the affected files to some place on var or try to remount
> rootfs rw in the apache2 init script and afterwards mount it ro again.
>
> Any suggestions, which idea to prefer and/or howto implement it in a reasonable way?
>

I believe this is your distribution's init script which is trying to
do something clever. Stock apache doesn't try to rewrite the config
file at startup.

Cheers

Tom

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd
" from the digest: users-digest-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd


monika.kistler at telemotive

Aug 31, 2011, 11:28 PM

Post #3 of 3 (889 views)
Permalink
Re: Howto run Apache web server on Linux read-only root file system [In reply to]

Hi Tom,

> I believe this is your distribution's init script which is trying to
> do something clever.

You are right, it is the openSUSE init script, that does all this stuff. So I know, where to hit
now.

Thanks for your help,
Cheers,
Moni

http://www.telemotive.de
-----------------------------------------------------------------------------------
Firmensitz: Telemotive AG - Breitwiesen - 73347 Mühlhausen
Vorstand: Franz Diller, Markus Fischer, Markus Stolz
Vorstandsvorsitzender: Peter Kersten
Aufsichtsratsvorsitzender: Dipl. Kaufmann Thomas Derlien
Amtsgericht: Ulm HRB 541321
-----------------------------------------------------------------------------------

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd
" from the digest: users-digest-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd

Apache users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.