From owner-freebsd-questions Wed Nov 29 4:53: 8 2000 Delivered-To: freebsd-questions@freebsd.org Received: from draenor.org (draenor.org [196.36.119.129]) by hub.freebsd.org (Postfix) with ESMTP id 36B4737B401 for ; Wed, 29 Nov 2000 04:53:04 -0800 (PST) Received: from marcs by draenor.org with local (Exim 3.16 #1) id 1416iz-000C3h-00; Wed, 29 Nov 2000 14:52:37 +0200 Date: Wed, 29 Nov 2000 14:52:37 +0200 From: Marc Silver To: Doug Young Cc: freebsd-questions@FreeBSD.ORG Subject: Re: 4.2 kernel security / httpd issue Message-ID: <20001129145237.D18309@draenor.org> References: <02d601c05a00$27c02ea0$837e03cb@dougy> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <02d601c05a00$27c02ea0$837e03cb@dougy>; from dougy@bryden.apana.org.au on Wed, Nov 29, 2000 at 10:29:35PM +1000 X-Operating-System: FreeBSD 4.2-STABLE Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi there, I don't think it's BSD's securelevel that is causing this. I would suggest that you look at /var/log/httpd-error.log (or wherever you're keeping your error log) as this is definitely an apache error. In particular, take a look at the 'ServerName' directive in the httpd.conf file. - Marc On Wed, Nov 29, 2000 at 10:29:35PM +1000, Doug Young wrote: > > Would someone suggest where to find information on the various kernel security levels available in 4.2 RELEASE ? I'm having trouble getting apache to start ..... it keeps giving error messages saying "httpd could not start" & fully qualified domain name could not be found" (the machine does have a public IP & FQDN) > > I don't recall having to mess with httpd.conf in earlier versions of FreeBSD, so I'm wondering if maybe the kernel security level is somehow responsible . > > It looks like ipfw is installed, posibly by default when the higher security levels are requested > (theres what looks like an "ipfw" executable), "ipfw' spits out a page full of stuff, but theres nothing > about "ipfw" in "rc.conf > > I can't find anything that looks like a config file (maybe not relevant to ipfw ??), "man ipfw" doesn't help because its pretty vague, & the handbook isn't much better. > > > I've tried running "ipfw -a", "ipfw -t", "ipfw -N" plus combinations thereof, but they don't appear to do anything. > > rc.conf has kern_securelevel="2" & kern_securelevel_enable="YES" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message