From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Mar 9 09:00:32 2007 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5E0A016A537 for ; Fri, 9 Mar 2007 09:00:32 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 352B213C4AC for ; Fri, 9 Mar 2007 09:00:32 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l2990WB8088096 for ; Fri, 9 Mar 2007 09:00:32 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l2990WHx088095; Fri, 9 Mar 2007 09:00:32 GMT (envelope-from gnats) Resent-Date: Fri, 9 Mar 2007 09:00:32 GMT Resent-Message-Id: <200703090900.l2990WHx088095@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Dominic Mitchell Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 21D9516A403 for ; Fri, 9 Mar 2007 08:58:27 +0000 (UTC) (envelope-from dom@happygiraffe.net) Received: from happygiraffe.net (happygiraffe.net [81.6.215.59]) by mx1.freebsd.org (Postfix) with ESMTP id B86E613C461 for ; Fri, 9 Mar 2007 08:58:26 +0000 (UTC) (envelope-from dom@happygiraffe.net) Received: from localhost (localhost.happygiraffe.net [127.0.0.1]) by happygiraffe.net (Postfix) with ESMTP id E1C4DB8C4 for ; Fri, 9 Mar 2007 08:40:52 +0000 (GMT) Received: from happygiraffe.net ([127.0.0.1]) by localhost (gimli.happygiraffe.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id NfMHxTifXIQc for ; Fri, 9 Mar 2007 08:40:52 +0000 (GMT) Received: by happygiraffe.net (Postfix, from userid 1001) id 75477B8C2; Fri, 9 Mar 2007 08:40:52 +0000 (GMT) Message-Id: <20070309084052.75477B8C2@happygiraffe.net> Date: Fri, 9 Mar 2007 08:40:52 +0000 (GMT) From: Dominic Mitchell To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/110121: fix for www/mod_securty2 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Dominic Mitchell List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Mar 2007 09:00:32 -0000 >Number: 110121 >Category: ports >Synopsis: fix for www/mod_securty2 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Fri Mar 09 09:00:29 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Dominic Mitchell >Release: FreeBSD 6.2-PRERELEASE i386 >Organization: >Environment: System: FreeBSD gimli.happygiraffe.net 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #1: Mon Jan 15 09:00:41 GMT 2007 root@gimli.happygiraffe.net:/usr/obj/usr/src/sys/GIMLI i386 Apache 2.2 >Description: The last update to www/mod_security2 had a few problems, including a couple of missing files. NB: This patch supercedes PR110005, as it hqas updated versions of the files. >How-To-Repeat: cd /usr/ports/www/mod_security2 && sudo make install >Fix: Here's the patch. NB: It adds two files. diff -ruN /usr/ports/www/mod_security2/Makefile mod_security2/Makefile --- /usr/ports/www/mod_security2/Makefile Tue Mar 6 07:37:20 2007 +++ mod_security2/Makefile Fri Mar 9 07:52:55 2007 @@ -64,7 +64,7 @@ @${REINPLACE_CMD} -e '\ s|SecRuleEngine On|SecRuleEngine DetectionOnly|; \ s|SecAuditLog.*logs/modsec_audit.log|SecAuditLog /var/log/httpd-modsec2_audit.log|; \ - s|SecDebugLog.*logs/modsec_debug.log|SecAuditLog /var/log/httpd-modsec2_debug.log|; \ + s|SecDebugLog.*logs/modsec_debug.log|SecDebugLog /var/log/httpd-modsec2_debug.log|; \ s|SecServerSignature "Apache/2.2.0 (Fedora)"|SecServerSignature "Apache/${APACHE_VERSION:C/[0-9]/\0./g}x (${OPSYS})"|; \ ' ${WRKSRCTOP}/rules/modsecurity_crs_10_config.conf diff -ruN /usr/ports/www/mod_security2/files/mod_security.conf.in mod_security2/files/mod_security.conf.in --- /usr/ports/www/mod_security2/files/mod_security.conf.in Thu Jan 1 01:00:00 1970 +++ mod_security2/files/mod_security.conf.in Fri Mar 9 07:53:13 2007 @@ -0,0 +1,3 @@ + + Include %%APACHEETCDIR%%/Includes/mod_security2/*.conf + diff -ruN /usr/ports/www/mod_security2/files/pkg-message-rules.in mod_security2/files/pkg-message-rules.in --- /usr/ports/www/mod_security2/files/pkg-message-rules.in Thu Jan 1 01:00:00 1970 +++ mod_security2/files/pkg-message-rules.in Fri Mar 9 07:52:31 2007 @@ -0,0 +1,10 @@ + +The modsecurity 2 Core Rules have been installed in + + %%PREFIX%%/%%APACHEETCDIR%%/Includes/mod_security2/ + +and run in "DetectionOnly" mode as not to disturb operatings. + +Please read http://www.modsecurity.org/projects/rules/index.html + +Logging is done to /var/log/httpd-modsec-*.log >Release-Note: >Audit-Trail: >Unformatted: