Re: [mod-security-users] mod_security2.so size
Brought to you by:
victorhora,
zimmerletw
From: Reindl H. <h.r...@th...> - 2014-07-30 10:52:55
|
Am 30.07.2014 12:39, schrieb Nick Gearls: > I compiled mod_security2.so with (I think) all shared objects as dynamic and the file is about 2 MB (CentOS x64). > This is much bigger than what lays in the distributions. > > Here are the commands I used: > > ./autogen.sh > ./configure --with-apxs=/usr/local/apache2/bin/apxs --enable-pcre-study --with-libxml=/usr/bin/xml2-config > --with-apr=/usr/bin/apr-1-config --with-apu=/usr/bin/apu-1-config > make > make install A: don't compile software as root B: don't override package management, rebuild exists C: take the RPM-SPEC of your distribution as starting point https://koji.fedoraproject.org/koji/buildinfo?buildID=508465 https://kojipkgs.fedoraproject.org//packages/mod_security/2.7.3/3.el6/src/mod_security-2.7.3-3.el6.src.rpm ______________________________________________________________________ [harry@rh:~]$ cat /etc/redhat-release Fedora release 20 (Heisenbug) -rwxr-xr-x 1 root root 867K 2014-05-18 18:08 /usr/lib64/httpd/modules/mod_security2.so [harry@rh:~]$ ldd /usr/lib64/httpd/modules/mod_security2.so linux-vdso.so.1 => (0x00007fff6bbc9000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f6ef0b50000) libexpat.so.1 => /lib64/libexpat.so.1 (0x00007f6ef0926000) libapr-1.so.0 => /lib64/libapr-1.so.0 (0x00007f6ef06f1000) libaprutil-1.so.0 => /lib64/libaprutil-1.so.0 (0x00007f6ef04c8000) libxml2.so.2 => /lib64/libxml2.so.2 (0x00007f6ef015f000) libz.so.1 => /lib64/libz.so.1 (0x00007f6eeff45000) libm.so.6 => /lib64/libm.so.6 (0x00007f6eefc3e000) libdl.so.2 => /lib64/libdl.so.2 (0x00007f6eefa3a000) libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f6eef7d3000) libgomp.so.1 => /lib64/libgomp.so.1 (0x00007f6eef5bd000) libc.so.6 => /lib64/libc.so.6 (0x00007f6eef1fe000) /lib64/ld-linux-x86-64.so.2 (0x00007f6ef1061000) libuuid.so.1 => /lib64/libuuid.so.1 (0x00007f6eeeff8000) libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f6eeedc1000) liblzma.so.5 => /lib64/liblzma.so.5 (0x00007f6eeeb96000) libfreebl3.so => /lib64/libfreebl3.so (0x00007f6eee918000) ______________________________________________________________________ [builduser@buildserver64:/rpmbuild/SPECS]$ cat mod_security.spec %global debug_package %{nil} %{!?_httpd_apxs: %{expand: %%global _httpd_apxs %%{_sbindir}/apxs}} %{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo missing-httpd-devel)}} %{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}} %{!?_httpd_confdir: %{expand: %%global _httpd_confdir %%{_sysconfdir}/httpd/conf.d}} %{!?_httpd_moddir: %{expand: %%global _httpd_moddir %%{_libdir}/httpd/modules}} Summary: Security module for the Apache HTTP Server Name: mod_security Version: 2.8.0 Release: 3%{?dist} License: ASL 2.0 URL: http://www.modsecurity.org/ Group: System Environment/Daemons Source: http://www.modsecurity.org/download/modsecurity-%{version}.tar.gz Requires: httpd BuildRequires: httpd-devel BuildRequires: libxml2-devel BuildRequires: pcre-devel %description ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks %prep %setup -q -n modsecurity-%{version} %build export CFLAGS="%{optflags} -fPIC -fPIE" export CXXFLAGS="%{optflags} -fPIC -fPIE" export LDFLAGS="-Wl,-z,now -Wl,-z,relro,-z,noexecstack -pie" %configure \ --enable-pcre-jit \ --enable-pcre-match-limit=1000000 \ --enable-pcre-match-limit-recursion=1000000 \ --with-apxs=%{_httpd_apxs} \ --without-curl \ --without-lua \ --without-yajl \ --disable-alp2 \ --disable-debug \ --disable-extentions \ --disable-htaccess-config \ --disable-mlogc \ --disable-standalone-module sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool export CFLAGS="%{optflags} -fPIC -fPIE" export CXXFLAGS="%{optflags} -fPIC -fPIE" export LDFLAGS="-Wl,-z,now -Wl,-z,relro,-z,noexecstack -pie" %{__make} %{?_smp_mflags} %install install -d %{buildroot}%{_sbindir} install -d %{buildroot}%{_bindir} install -d %{buildroot}%{_httpd_moddir} install -m0755 apache2/.libs/mod_security2.so %{buildroot}%{_httpd_moddir}/mod_security2.so strip -s %{buildroot}%{_httpd_moddir}/mod_security2.so %files %{_httpd_moddir}/mod_security2.so %changelog * Wed May 7 2014 Reindl Harald <h.r...@th...> - minimize build * Wed Apr 16 2014 Reindl Harald <h.r...@th...> - update to 2.8.0 |