Chrooted Apache

Troubleshooting my new OpenBSD server this morning. Trying to get the new MovableType blog software in place (with MySQL and all the cool MT software plugins that will stop the incessant spam comments, etc.). However, I wasn’t able to get any of the CGIs to work. Kept getting 500 server errors, and “Premature end of script headers” errors in the Apache error log. Even the test-cgi wasn’t working.
Found this little tidbit of information: The trick was this is the OpenBSD implementation of a chrooted Apache. You need to start Apache (httpd) with the -u option. Apparently the -u option turns off the chrooting of Apache and allows the Perl interperter to work correctly. has this to say about the issue:
“Existing CGIs: Most will NOT work as is. They may need programs or libraries outside /var/www. Some can be fixed by compiling so they are statically linked (not needing libraries in other directories), most may be fixed by populating the /var/www directory with the files required by the application, though this is non- trivial and requires considerable programming knowledge — most users will find it easier to just disable the chroot(2) feature until they are updated.”