Update: Moveable Type on a ChRooted Server
I have worked out a few bugs in the chroot’ed Moveable Type setup since I posted the original article. The big problem I was having was that sending pings to blo.gs and the like were failing. This required a couple additional files being copied into the chroot jail.
First, we need to copy /etc/protocols, /etc/services and /etc/resolv.conf into our etc/ directory. These are required in order for MT to know how to resolve names and what the protocols are.
cp /etc/protocols /etc/services etc/resolv.conf etc/
Secondly, we need to copy the resovler library into the jail.
cp /usr/lib/libresolv.a usr/lib
So far, all of the pinging seems to be working fine.
One additional problem I have run into is an inability for MT to send me e-mail notifications of comments. I’m looking into what I need to install in the chroot jail to enable this feature. Look for future updates.
Related Posts:
- Moveable Type on a ChRooted Server
- Moveable Type on OpenBSD Redux
- Kung-Log: OS X Blog Manager
- Back On-line Again
- Making HTML Markup Easy
July 10th, 2003 at 12:49 pm
john-
first off, thanks for the great ‘tutorial’. I recently had to move my MT from a linux server (colo) to my openbsd box (home server) and without your advise I surely would have cried.
I started writing the comment because I was having a different problem but as I was typing away I suddenly thought of the solution :).
my problem was that my users (it’s a multi-user blog) couldn’t upload images. they kept getting “Got an error: CGI open of tmpfile: Permission denied”.
the solution? create a tmp directory under /var/www/ and chmod it 777.
however, did you ever figure out what is needed to get sendmail working for MT under chrooted httpd?
thanks again!
July 10th, 2003 at 2:07 pm
You’re right about the /var/www/tmp directory. I had to do the same thing to get uploads to work.
In regards to the sending mail issue, the Moveable Type docs discuss installing the Perl SendMail module. This allows MT to send mail using a standard SMTP connection to your mail server rather than trying to configure the sendmail program inside of your chroot jail.
A pkg_add of the Perl Sendmail package and a quick change to the config file, and the e-mail was working like a charm.
One of these days, I might document getting MT setup to use MySQL. The short version is that you have to create a hard link in /var/www/var/run/mysql to the unix-style socket that MySql is listening on.
July 23rd, 2003 at 3:01 am
Hi, thanks for the notes, I ended up here because I am trying to install MT in a chroot on OBSD with a postgresql backend, since both postgre and MT are new to me, I was wondering if you could forward me a copy of you mt.cfg for comparison, as I seen to be stuck in the middle of this (somewhere among the DBD DBI bindings). Am taking notes since no one seems to have tried this and will of course post somewhere if I can get it to run.
cheers,
mike
October 14th, 2003 at 9:00 am
hello,
Movable Type on OpenBSD Box with chrooted apache. That what I’ve been trying to setup since a month without success. Could you please point out what you did to get it working? (with postgrsql and provide me with you mt.cfg? as well as the changes needed to the httpd.conf) or just let me know what relevant documents where needed. I just found this page through google and would be gratefull if you can post me a reply using my email adress.
Thanks and regards,
–Eric
October 18th, 2003 at 10:13 am
i’ve been attempting to get mt running using mysql as the backend — alas, to no avail. i run the mt-check.cgi and it stops at the DBD::mysql.
i will consider that progress since i was unable to get mt to recognize the perl modules: openbsd ports puts the perl modules in /usr/local/libdata . i got it to stop at that by copying the /usr/local/libdata/perl5 directory to /var/www/usr/local/libdata/perl5.
now, if could just get the mt-check.cgi to go past the DBD::mysql header line…
January 26th, 2004 at 10:32 am
Due to constant spamming of the comments, I have disabled them. For some reason, the OpenBSD/MT articles seem to be the favorite targets.