Re: [mod-security-packagers] ModSecurity 3.x (almost) enters Debian
Brought to you by:
victorhora,
zimmerletw
From: Felipe Z. <fe...@zi...> - 2018-10-19 14:56:35
|
Hi, Regardless of the dependencies, the test should not fail. There are three different possible result for a test case: Pass, Fail, Disable. The Disable is used when an optional resource was disabled. Either because it was manually disabled or because the build did not managed to find the need dependency. In the config.log we may be able to identify the optional libraries. I would recommend to build with all dependencies. The configure output should be somewhat similar to this: ModSecurity - v3.0.2-131-g8d8c8748 for Linux Mandatory dependencies + libInjection ....v3.0.2-131-g8d8c8748 + SecLang tests ....8d8c8748 Optional dependencies + GeoIP/MaxMind ....found * (MaxMind) v1.3.2 -lmaxminddb , -DWITH_MAXMIND * (GeoIP) v1.6.12 -lGeoIP , -I/usr/include/ + LibCURL ....found v7.61.1 -lcurl, -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL + YAJL ....found v2.1.0 -lyajl , -DWITH_YAJL -I/usr/include/yajl + LMDB ....disabled + LibXML2 ....found v2.9.8 -lxml2 -lz -llzma -licui18n -licuuc -licudata -lm -ldl, -I/usr/include/libxml2 -DWITH_LIBXML2 + SSDEEP ....found -lfuzzy -L/usr/lib/, -DWITH_SSDEEP -I/usr/include + LUA ....found v503 -llua5.3 -L/usr/lib/, -DWITH_LUA -I/usr/include Other Options + Test Utilities ....enabled + SecDebugLog ....enabled + afl fuzzer ....disabled + library examples ....enabled + Building parser ....disabled + Treating pm operations as critical section ....disabled I am afraid we may have a problem in our build scripts, due to a missing header or library. The script is may confuse by the time it educated guess the platform. Leading to run time issues in structures like the one used to map ips. But that is just a guess, i have to see the logs to tell for sure. Optional dependency list: lua, ssdeep, libxml2, yajl, libcurl, maxmind. Br., F. On Fri, Oct 19, 2018 at 11:26 AM Ervin Hegedüs <ai...@gm...> wrote: > Hi Felipe, > > On Fri, Oct 19, 2018 at 10:21:14AM -0300, Felipe Zimmerle wrote: > > Hi, > > > > Good to hear that we are having those packages :) that should increase > even > > more the adoption of v3 :) Kudos!!!! > > we're just going to have the package, I think it's a little bit > far, but even closer :) > > > Same as Ervin here, I am not able to reproduce the regression tests > > failures. Do you mind to share the configuration/compilation logs? > > which logs do you mean? pbuilder or "native" build logs? > > I'm afraid that the result misleads us (you and me), because (I > think) you also have a build environment with several installed > libraries, which aren't mandatory. > > That's in my build system (which is a simple LXC container) - I've > built modsecurity as several times :), with different ways... > > But the error comes only on Debian's build environment, where the > builder flow starts in a "clean" base system, and it installs the > necessary packages, what the developer/maintainer listed in > d/control.... I don't know yet, I'll check it out at this > weekend. > > > > Regards, > > > a. > > |