Bug 322261 - modecurity doesn't play nicely with svn
Summary: modecurity doesn't play nicely with svn
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: mod_security
Version: 7
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Michael Fleming
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-10-07 16:09 UTC by Eli Barzilay
Modified: 2007-11-30 22:12 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2007-10-30 22:23:35 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Eli Barzilay 2007-10-07 16:09:35 UTC
Description of problem:

  After a recent update of some rpms, subversion stopped working.  Turns out
  that the update included modsecurity that I didn't have before, and it
  sounds like making it work with svn takes work.

  I don't mind these problems (I'll probably just disable it), but it sounds
  like a bad idea to automatically install stuff for people that breaks svn.

Comment 1 Michael Fleming 2007-10-30 12:32:49 UTC
I'm not following you here. mod_security is not an essential package and no
other packages in Fedora are dependent on it's presence - it's an entirely
optional package. What commands / RPMs did you use that caused it to be pulled in?

Neither I nor any other packager (to my knowledge) have mandated mod_security as
part of a general update.

I also noticed that you've not included any logs or means of repeating this
issue (ie. which rule has tripped up SVN, taken from modsec_audit.log et. al).
You might also wish to check the mailing lists @ www.modsecurity.org as I'm
certain this has come up there before now.


Comment 2 Eli Barzilay 2007-10-30 13:52:00 UTC
I don't know how it got in, I didn't keep track of things.  All I know is that
I didn't use to have it (and svn worked fine) before that update, and did had
it afterwards.

So, since I don't have any additional information, feel free to close this
bug.  Alternatively, if you know of some place where yum updates are logged
(with the dependency information that has lead to additional packages), then
tell me and I'll grep for the reason I got it, or send it over here.


Comment 3 Michael Fleming 2007-10-30 22:23:35 UTC
If you can't provide further information (/var/log/yum.log will list what
packages have been installed on update but not show a full dependency tree) I
will certainly close this bug.

When you can verify that there is a real, repeatable issue reopen this bug (or
log a new one) supplying the info from yum/modsec_audit.log files respectively.
I am not psychic but I strongly suspect user error here.


Note You need to log in before you can comment on or make changes to this bug.