Apache path error apache_mod_security.inc with fix



  • Following error occurs when editing any vhosts or httpd settings via the gui on pfsense 2.2.

    … No such file or directory in /usr/local/pkg/apache_mod_security.inc on line 1009

    The path is wrong on a config in the apache mod security package. So Apache does not work on pfsense 2.2.

    Does anyone even test these packages?

    Simple fix:

    Edit /usr/local/pkg/apache_mod_security.inc on line 1009

    #$fd = fopen("/usr/local/etc/apache22/httpd.conf", "w");
            $fd = fopen("/usr/pbi/proxy_mod_security-amd64/local/etc/apache22/httpd.conf", "w");

    You guys should consider a consistent path structure and use find/replace scripts on these new packages.

    Perhaps even create a symlink tree structure so you don't have to manually modify these outside the base BSD packages, etc.

    P.S. There are similar problems with IMspector for like the past 2 years on i386.



  • Hi, this is a problem with my config, took my 4 hrs of offline server, need to copy the virtuahost section from /usr/pbi/proxy_mod_security-amd64/local/etc/apache22/httpd.conf to /usr/pbi/proxy_mod_security-amd64/local/etc/apache22/httpd.conf a ln dont work.


  • Banned

    @cmenghi:

    need to copy the virtuahost section from /usr/pbi/proxy_mod_security-amd64/local/etc/apache22/httpd.conf to /usr/pbi/proxy_mod_security-amd64/local/etc/apache22/httpd.conf a ln dont work.

    Yeah, so you copied it

    from
    /usr/pbi/proxy_mod_security-amd64/local/etc/apache22/httpd.conf
    to
    /usr/pbi/proxy_mod_security-amd64/local/etc/apache22/httpd.conf

    which is exactly the same place. Hmmm, makes a lot of sense.



  • Not, only i copied the vhost section of the file. If i do a copy or "ln" the httpd dont start.
    After this i start apache from console, if i do from GUI, the proccess dont start.


  • Banned

    Let me restate this: describe the darned problem in some understandable way if you want to get something fixed.



  • Hi, because doing this change i still show errors and i need to do manualy copy of files

    Big changes in the path to data and nobody test it !?

    Thanks.


  • Banned

    Once again, unless you describe your issue in understandable language, nothing's gonna get fixed. Plain and simple. Not to mention that there are two different variants of this package, not even clear which one you are using.



  • Sorry,

    Im using Proxy Server with mod_security 0.1.7 in PFsense 2.2.4

    Im do the fix suggested in this post but didn't work, the only solution for my was copy the virtual host section from:

    /usr/local/etc/apache22/httpd.conf
    
    ```into
    

    /usr/pbi/proxy_mod_security-i386/etc/apache22/httpd.conf

    And start httpd from console to work correctly.
    
    If made any change form webui i get this error
    
    

    php-fpm: /pkg_edit.php: The command '/usr/local/sbin/httpd -t' returned exit code '1', the output was 'httpd: Syntax error on line 107 of /usr/local/etc/apache22/httpd.conf: Cannot load /usr/local/libexec/apache22/mod_cgi.so into server: Cannot open "/usr/pbi/proxy_mod_security-i386/local/libexec/apache22/mod_cgi.so

    
    Sorry, i'm do a mistake in my previous post.

  • Banned

    @cmenghi:

    Im using Proxy Server with mod_security 0.1.7 in PFsense 2.2.4

    After looking at the package, I'd rather not comment on the code. The apache_mod_security-dev v0.1.7 variant should take about a day to fix. The apache_mod_security-dev thing, I don't think I have time nor patience to be digging in about 5 times the amount of code compared to the non-dev variant.

    As it is, chances of the code working are about zero.

    EDIT: Broken garbage fixes here: https://github.com/pfsense/pfsense-packages/pull/1069


  • Banned

    Merged. Kindly test with 0.1.8 and report what's still broken.



  • Hi im upgrade to 0.1.8 but problems still persist

    the changes made from ui are writing to /usr/pbi/proxy_mod_security-i386/etc/apache22/httpd.conf but , mod_security is not loaded or applied, and i cant start httpd service from webui (php-fpm: /pkg_mgr_install.php: The command '/usr/pbi/proxy_mod_security-i386/local/sbin/httpd -t' returned exit code '1', the output was 'Shared object "libaprutil-1.so.0" not found, required by "httpd"')

    and when i need to start from console say that de mod_cgi is not exist, so i edit manualy /usr/pbi/proxy_mod_security-i386/etc/apache22/httpd.conf and add a comment to the line #LoadModule cgi_module libexec/apache22/mod_cgi.so

    and start from console the service.

    PF 2.2.4 i386
    Proxy Server with mod_security 0.1.8


  • Banned

    Upgrade is useless. You need to

    • uninstall
    • reinstall
    • resave the configuration of the package

    to have any chance to see the changes. Upgrade -> not working for any similar install fixes.



  • Hi, thanks for the quick reply.

    Im tried reinstalling the package but didn't work.


  • Banned

    https://github.com/pfsense/pfsense-packages/pull/1157 - final time I'm touching this. When 0.1.9 gets merged, preferably try this on a box which never had the previous clusterfuck installed.

    Doesn't work? Wait for 2.3, noone has time to deal with the PBI shit. Sorry.



  • ok, thanks for your time, ETA to 2.3 ?


  • Banned

    Shrug; there are alpha snapshots available. Sure like hell completely unsuitable for production. :D



  • Im test in a VM, looks amazing, great job!!  but is too risky to use it in a production eviroment and i dont see apache+modsecurity in the packages to install.


  • Banned

    0.1.9 merged - good luck :P


Log in to reply