Issues with installing modsecurity and nginx_apache

zEitEr

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
15,358
Location
www.poralix.com
Hello,

Probably I've missed anything or overlooked. Who knows... but still having some issues trying to install modsecurity with nginx_apache. Here are the steps I've followed:

Code: 
[root@server custombuild]# ./build set modsecurity yes

And then:

Code: 
[root@server custombuild]# ./build modsecurity
/usr/lib/apache/libaprutil-1.so is not found, skipping ModSecurity for now. Please run './build apache' to get the libraries in place.

When building apache

Code: 
./build apache

it keeps installing libaprutil* into /etc/httpd/lib/:

Code: 
[root@server custombuild]# ls -la /usr/lib/apache/libapr* /etc/httpd/lib/libapr*
ls: cannot access /usr/lib/apache/libapr*: No such file or directory
-rw-r--r-- 1 root root 423436 Jan 14 13:09 /etc/httpd/lib/libapr-1.a
-rwxr-xr-x 1 root root    973 Jan 14 13:09 /etc/httpd/lib/libapr-1.la
lrwxrwxrwx 1 root root     17 Jan 14 13:09 /etc/httpd/lib/libapr-1.so -> libapr-1.so.0.5.2
lrwxrwxrwx 1 root root     17 Jan 14 13:09 /etc/httpd/lib/libapr-1.so.0 -> libapr-1.so.0.5.2
-rwxr-xr-x 1 root root 726622 Dec  4  2013 /etc/httpd/lib/libapr-1.so.0.4.8
-rwxr-xr-x 1 root root 793737 May 12  2014 /etc/httpd/lib/libapr-1.so.0.5.0
-rwxr-xr-x 1 root root 794202 May  6  2015 /etc/httpd/lib/libapr-1.so.0.5.1
-rwxr-xr-x 1 root root 289751 Jan 14 13:09 /etc/httpd/lib/libapr-1.so.0.5.2
-rw-r--r-- 1 root root 307520 Jan 14 13:09 /etc/httpd/lib/libaprutil-1.a
-rwxr-xr-x 1 root root   1063 Jan 14 13:09 /etc/httpd/lib/libaprutil-1.la
lrwxrwxrwx 1 root root     21 Jan 14 13:09 /etc/httpd/lib/libaprutil-1.so -> libaprutil-1.so.0.5.4
lrwxrwxrwx 1 root root     21 Jan 14 13:09 /etc/httpd/lib/libaprutil-1.so.0 -> libaprutil-1.so.0.5.4
-rwxr-xr-x 1 root root 528787 Dec  4  2013 /etc/httpd/lib/libaprutil-1.so.0.5.2
-rwxr-xr-x 1 root root 528715 Sep 19  2014 /etc/httpd/lib/libaprutil-1.so.0.5.3
-rwxr-xr-x 1 root root 227283 Jan 14 13:09 /etc/httpd/lib/libaprutil-1.so.0.5.4




Of course symlinks could probably fix the issue. Shouldn't custombuild scripts check the both directories or use /etc/httpd/lib/ ?

When trying to install nginx

Code: 
./build nginx

custombuild script patches /usr/local/directadmin/custombuild/custom/nginx_reverse/configure.nginx and changes:

Code: 
./configure \
        "--user=nginx" \
        "--group=nginx" \

to

Code: 
./configure --add-module=../modsecurity_nginx-2.9.0/nginx/modsecurity \
        "--user=nginx" \
        "--group=nginx" \
        "--prefix=/usr" \

which also fails:

Code: 
adding module in ../modsecurity_nginx-2.9.0/nginx/modsecurity
./configure: error: no ../modsecurity_nginx-2.9.0/nginx/modsecurity/config was found


*** There was an error while trying to configure Nginx. Check the custom/nginx_reverse/configure.nginx file

because of doModSecurity (i.e. ./build modsecurity) which fails as mentioned earlier.

Nginx failed to build and ruined running configs:

Code: 
[root@server custombuild]# nginx -t
nginx: [emerg] invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
nginx: configuration file /etc/nginx/nginx.conf test failed

And even if I run

Code: 
[root@server custombuild]# ./build set modsecurity no

The file /usr/local/directadmin/custombuild/custom/nginx_reverse/configure.nginx still has an instruction to add modsecurity module, thus nginx will fail to build.

Please review it and fix where it's possible.

Thank you for your work.
 
Don't you have a custom/ap2/configure.apache file? The default one has:
Code: 
"--libexecdir=/usr/lib/apache" \
"--libdir=/usr/lib/apache" \

I think you might be missing these in your custom file :)
 
Right you are, Martynas.

I've removed the custom version custom/ap2/configure.apache and the libraries were put in their place:

Code: 
[root@server custombuild]# ls -la /usr/lib/apache/libapr*
-rw-r--r-- 1 root root 423436 Jan 14 14:50 /usr/lib/apache/libapr-1.a
-rwxr-xr-x 1 root root    974 Jan 14 14:50 /usr/lib/apache/libapr-1.la
lrwxrwxrwx 1 root root     17 Jan 14 14:50 /usr/lib/apache/libapr-1.so -> libapr-1.so.0.5.2
lrwxrwxrwx 1 root root     17 Jan 14 14:50 /usr/lib/apache/libapr-1.so.0 -> libapr-1.so.0.5.2
-rwxr-xr-x 1 root root 289751 Jan 14 14:50 /usr/lib/apache/libapr-1.so.0.5.2
-rw-r--r-- 1 root root 307520 Jan 14 14:50 /usr/lib/apache/libaprutil-1.a
-rwxr-xr-x 1 root root   1065 Jan 14 14:50 /usr/lib/apache/libaprutil-1.la
lrwxrwxrwx 1 root root     21 Jan 14 14:50 /usr/lib/apache/libaprutil-1.so -> libaprutil-1.so.0.5.4
lrwxrwxrwx 1 root root     21 Jan 14 14:50 /usr/lib/apache/libaprutil-1.so.0 -> libaprutil-1.so.0.5.4
-rwxr-xr-x 1 root root 227283 Jan 14 14:50 /usr/lib/apache/libaprutil-1.so.0.5.4

Modsecurity was installed now. Thanks.
 
You must log in or register to reply here.
Back
Top