How to upgrade chrooted lighttpd web server

Posted on in Categories Howto, lighttpd, Security last updated November 26, 2006
Lighttpd logo

If you are running chrooted lighttpd web server, upgrade procedure is a bit tricky. You need to upgrade webserver, as well as php and related extensions.

Following is common sequence you need to follow. I am just going to write down all steps, followed by actual Linux commands. If you need detailed instructions, please see how to install and configure lighttpd in chrooted jail.

Step # 1: Stop or shutdown lighttpd web server
# /etc/init.d/lighttpd stop

Step # 2: Backup existing chrooted directory (such as /webroot) to another partition or directory:
# mkdir /root/old.lighttpd
# tar -zcvf /root/old.lighttpd/webroot.tar.gz /webroot

Step # 3: Download latest lighttpd. Upgrade lighttpd using rpm:
# rpm -Uvh lighttpd*
Or using apt-get
# apt-get update; apt-get install lighttpd
Or using source code installation (make sure you use old ./configure syntax)
# ./configure
# make
# make install
Now upgrade PHP and php-mysql extensions using rpm or apt-get commands.
# rpm php*
OR
# apt-get php4-cgi php4-mysql

Step # 4: Now upgrade chrooted lighttpd which is located at /webroot:
# cd /webroot
# rm -rf usr
# rm -rf lib
# cp /usr/bin/php4-cgi /webroot/usr/bin/
# cp /usr/bin/php4 /webroot/usr/bin/
# /bin/l2chroot /usr/bin/php4
# /bin/l2chroot /usr/bin/php4-cgi
# cp /lib/ld-linux.so.2 /webroot/lib

Copy mysql extnsion
# cp /usr/lib/php4/20060606/mysql.so /webroot/usr/lib/php4/20060606/

Repeat above procedure to copy all your php shared modules such as php-imap, php-gd, php-memcache etc.

Step # 5: Now Start lighttpd:
# /etc/init.d/lighttpd start

Step # 6:Make sure everything is working perfectly:
# tail -f /var/log/message
# netstat -tulpn

Make sure you copy other essentials file such as /usr/sbin/sendmail (or mini_sendmail) to chrooted jail.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Leave a Comment