You are not logged in.

#1 2020-10-22 00:26:42

RageBanken
Member
Registered: 2020-09-16
Posts: 30

Unable to locate files for libmodsecurity

Maybe I'm just missing them, but so far I've had to go fetch two files from github.

modsecurity.conf.recommended (the example configuration file)
and
unicode.mapping

Are they actually included somewhere, or is there a reason they aren't being included?

Also, is there a nicer fix to missing unicode.mapping causing errors than disabling rules that use it or running and fetching it manually?  Tell me I'm missing something obvious, please.

(note: neither the nginx connector in community, nor in aur seem to provide these files either, though the recommended base setup calls for them.)

Offline

#2 2020-10-22 13:25:22

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 11,868

Re: Unable to locate files for libmodsecurity

The archlinux PKGBUILD[1] explicitly disables examples , maybe that's why the modsecurity.conf.recommended file is missing ?




[1] https://github.com/archlinux/svntogit-c … k/PKGBUILD


Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.


(A works at time B)  && (time C > time B ) ≠  (A works at time C)

Offline

#3 2020-10-23 01:06:45

RageBanken
Member
Registered: 2020-09-16
Posts: 30

Re: Unable to locate files for libmodsecurity

I hadn't considered that.  Though that raises questions about a great many packages that include defaults and examples to copy over for your own use...  Dnsmasq, and Xorg come to mind immediately.  Is it because modsecurity refers to their sane default configuration as an example to build on?  It seems to me that anyone installing modsecurity is going to want to start with the baseline security already set instead of re-inventing a rather large wheel.

I suppose it makes sense if the packager is purposefully leaving out the configuration, that they'd leave out unicode.mappings as well since it's only required/noticed if you actually configure modsecurity.  Though, I'd think it'd be left there as a required part of base functionality for those who do bother to actually set it up instead of just install & ignore.

Is there a more efficient / pretty way of handling this instead of having to go manually check git-hub every update?  I mean, isn't that part of the point of using packages in the repository over using the aur for everything?

(Note: as it is, I've already thrown my hands up and just moved over to nginx-mainline and am using the mainline modsecurity from the aur since I'm being forced to use github for it anyway.  Would just like to know if someone's messed something up, or there's a better way to handle it for future encounters with key files being excluded from things in the regular repositories.  Though that does spark a separate annoyance of being able to install nginx-mainline, but having to use the aur for all it's modules.)

Offline

Board footer

Powered by FluxBB