Bug 445839 - bogus LoadFile in default config
bogus LoadFile in default config
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: mod_security (Show other bugs)
9
All Linux
low Severity low
: ---
: ---
Assigned To: Michael Fleming
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-05-09 06:59 EDT by Joe Orton
Modified: 2008-09-24 20:13 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-09-24 20:01:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Joe Orton 2008-05-09 06:59:07 EDT
Description of problem:
The default mod_security config contains:

LoadFile /usr/lib/libxml2.so.2

this is completely bogus.  The module DSO should be linked against libxml2 at
build time if it is required.
Comment 1 Joe Orton 2008-05-09 07:06:13 EDT
This is really, really, ugly.

# ldd /usr/lib/httpd/modules/mod_security2.so 
        linux-gate.so.1 =>  (0x00110000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x0013f000)
        libc.so.6 => /lib/libc.so.6 (0x00158000)
        /lib/ld-linux.so.2 (0x00756000)

# nm -D /usr/lib/httpd/modules/mod_security2.so  | grep -c 'U xml'
23
Comment 2 Michael Fleming 2008-05-10 08:13:48 EDT
Believe it or not, the LoadFile directives are per the upstream's install
documentation. :-\

I agree that it's a bad idea though, and I'd like to see the end of it. Let me
have a tinker with the package locally, I believe I can get rid of it. Should
that work expect to see some updates.
Comment 3 Bug Zapper 2008-05-14 06:54:26 EDT
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 4 Fedora Update System 2008-08-14 08:47:04 EDT
mod_security-2.5.6-1.fc9 has been submitted as an update for Fedora 9.
/updates/mod_security-2.5.6-1.fc9
Comment 5 Fedora Update System 2008-08-14 08:50:25 EDT
mod_security-2.5.6-1.fc8 has been submitted as an update for Fedora 8.
/updates/mod_security-2.5.6-1.fc8
Comment 6 Fedora Update System 2008-09-10 02:39:51 EDT
mod_security-2.5.6-1.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update mod_security'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-7590
Comment 7 Fedora Update System 2008-09-10 02:42:55 EDT
mod_security-2.5.6-1.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update mod_security'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-7449
Comment 8 Fedora Update System 2008-09-24 20:01:45 EDT
mod_security-2.5.6-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2008-09-24 20:13:32 EDT
mod_security-2.5.6-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.