Bug 445839 - bogus LoadFile in default config
Summary: bogus LoadFile in default config
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: mod_security
Version: 9
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Michael Fleming
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-05-09 10:59 UTC by Joe Orton
Modified: 2008-09-25 00:13 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-09-25 00:01:47 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Joe Orton 2008-05-09 10:59:07 UTC
Description of problem:
The default mod_security config contains:

LoadFile /usr/lib/libxml2.so.2

this is completely bogus.  The module DSO should be linked against libxml2 at
build time if it is required.

Comment 1 Joe Orton 2008-05-09 11:06:13 UTC
This is really, really, ugly.

# ldd /usr/lib/httpd/modules/mod_security2.so 
        linux-gate.so.1 =>  (0x00110000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x0013f000)
        libc.so.6 => /lib/libc.so.6 (0x00158000)
        /lib/ld-linux.so.2 (0x00756000)

# nm -D /usr/lib/httpd/modules/mod_security2.so  | grep -c 'U xml'
23


Comment 2 Michael Fleming 2008-05-10 12:13:48 UTC
Believe it or not, the LoadFile directives are per the upstream's install
documentation. :-\

I agree that it's a bad idea though, and I'd like to see the end of it. Let me
have a tinker with the package locally, I believe I can get rid of it. Should
that work expect to see some updates.

Comment 3 Bug Zapper 2008-05-14 10:54:26 UTC
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Comment 4 Fedora Update System 2008-08-14 12:47:04 UTC
mod_security-2.5.6-1.fc9 has been submitted as an update for Fedora 9.
/updates/mod_security-2.5.6-1.fc9

Comment 5 Fedora Update System 2008-08-14 12:50:25 UTC
mod_security-2.5.6-1.fc8 has been submitted as an update for Fedora 8.
/updates/mod_security-2.5.6-1.fc8

Comment 6 Fedora Update System 2008-09-10 06:39:51 UTC
mod_security-2.5.6-1.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update mod_security'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-7590

Comment 7 Fedora Update System 2008-09-10 06:42:55 UTC
mod_security-2.5.6-1.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update mod_security'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-7449

Comment 8 Fedora Update System 2008-09-25 00:01:45 UTC
mod_security-2.5.6-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2008-09-25 00:13:32 UTC
mod_security-2.5.6-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.