Chroot'ing FrontPage® with the Zeus Web Server
A single Virtual Server
We will initially describe an example single Virtual Server set up to support the FrontPage extensions chroot'ed to a directory above the document root.
The FrontPage extensions should now function chroot'ed to the directory /web
- Create a Virtual Server with document root /web/docroot
- Enable the FrontPage and Htaccess modules
- In the CGI module configuration configure /web to be a chroot jail and enable chroot'ing of CGIs
- Still in the CGI module set 'Security Configurables' to 'Run CGI as file owner'
- Install the Microsoft FrontPage Extensions into /web/docroot/usr/local/frontpage
- Copy the libraries required by the extensions to /web/lib (suggestions)
- Symbolically link /web/usr/lib to /web/lib
- Copy the required binaries to /web/bin (suggestions)
- In the FrontPage module set the FrontPage installation directory to /web/usr/local/frontpage
- Restart the Virtual Server
- Run the $ZEUSHOME/webadmin/bin/fpinst.sh script as follows as root :
fpinst.sh --chroot=/webanswering the questions presented as normal.- This can be checked by running :
fpinst.sh --chroot=/web --checkand by connecting with a FrontPage client.A Virtual Server Subserver support
Follow the instructions as above but enable the Subserver module before running fpinst.sh Everything else is normal apart from using the --chroot=<directory> flag on fpinst.sh. You will be prompted, as usual, for the name of the site. Run this for each hosted site.
Multiple Virtual Servers
The above instructions can be applied to multiple Virtual Servers, each with their own chroot'ed enviroment.
With multiple Virtual Server the replication of the common libraries and FrontPage extensions may not be desirable. To cut down on wasted space the files in each chroot'ed enviroment can be created as hard links to files on the same file system rather than copies.