Hey there,
I am getting the following error while compiling nginx with ModSecurity-nginx. I got the ModSecurity v3/master compiled, but it fails while using the connector
System details:
CentOS release 6.8
Using the following recipe - https://github.com/SpiderLabs/ModSecurity/wiki/Compilation-recipes#centos-65-minimal
I also tried some suggestions mentioned online
export MODSECURITY_LIB="/usr/local/modsecurity/include/modsecurity"
export MODSECURITY_INC="/usr/local/modsecurity/lib"
configuring additional modules
adding module in /tmp/kitchen/cache/nginx_auth_request/2057bdefd2137a5000d9dbdbfca049d1ba7832ad2b9f8855a88ea5dfa70bd8c1
+ ngx_http_auth_request_module was configured
adding module in /opt/ModSecurity-nginx
checking for ModSecurity library ... not found
checking for ModSecurity library in /usr/local/modsecurity ... not found
./configure: error: ngx_http_modsecurity_module requires the ModSecurity library.
STDERR:
/usr/local/modsecurity
tree
โโโ bin
โย ย โโโ modsec-rules-check
โโโ include
โย ย โโโ modsecurity
โย ย โโโ actions
โย ย โย ย โโโ action.h
โย ย โโโ anchored_set_variable.h
โย ย โโโ anchored_variable.h
โย ย โโโ audit_log.h
โย ย โโโ collection
โย ย โย ย โโโ collection.h
โย ย โย ย โโโ collections.h
โย ย โย ย โโโ variable.h
โย ย โโโ debug_log.h
โย ย โโโ intervention.h
โย ย โโโ modsecurity.h
โย ย โโโ reading_logs_via_rule_message.h
โย ย โโโ rule.h
โย ย โโโ rule_message.h
โย ย โโโ rules_exceptions.h
โย ย โโโ rules.h
โย ย โโโ rules_properties.h
โย ย โโโ transaction.h
โย ย โโโ variable_origin.h
โโโ lib
โโโ libmodsecurity.a
โโโ libmodsecurity.la
โโโ libmodsecurity.so -> libmodsecurity.so.3.0.0
โโโ libmodsecurity.so.3 -> libmodsecurity.so.3.0.0
โโโ libmodsecurity.so.3.0.0
/opt/ModSecurity
ls
aclocal.m4 bindings CHANGES config.log configure doc install-sh ltmain.sh Makefile.in others test ylwrap
ar-lib build compile config.status configure.ac examples libtool Makefile missing README.md test-driver
AUTHORS build.sh config.guess config.sub depcomp headers LICENSE Makefile.am modsecurity.conf-recommended src tools
Any suggestions on how to fix it?
as per @zimmerle's suggestion SpiderLabs/ModSecurity-nginx#9, I used /usr as the prefix and exported MODSECURITY_INC & MODSECURITY_LIB while building ModSecurity and I was able to get past the error mentioned above
export MODSECURITY_INC="/opt/ModSecurity/headers/"
export MODSECURITY_LIB="/opt/ModSecurity/src/.libs/"
I am getting the following error now, I tried using the following export statement but it didn't help.
export LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH
```
STDOUT: Stopping nginx:
Starting nginx:
STDERR: /opt/nginx-1.11.13/sbin/nginx: error while loading shared libraries: libmodsecurity.so.3: cannot open shared object file: No such file or directory
/opt/nginx-1.11.13/sbin/nginx: error while loading shared libraries: libmodsecurity.so.3: cannot open shared object file: No such file or directory
---- End output of /sbin/service nginx restart ----
Ran /sbin/service nginx restart returned 127
pwd
/usr/lib
ls
anaconda-runtime games gofer libfreeblpriv3.chk libmodsecurity.a libmodsecurity.so.3 locale rpm yum-plugins
ConsoleKit gcc libfreebl3.chk libfreeblpriv3.so libmodsecurity.la libmodsecurity.so.3.0.0 pulp sendmail
cups gconv libfreebl3.so libmemusage.so libmodsecurity.so libpcprofile.so python2.6 sendmail.postfix
ls -al | grep lib
lrwxrwxrwx. 1 root root 24 Apr 7 2017 libfreebl3.chk -> ../../lib/libfreebl3.chk
lrwxrwxrwx. 1 root root 23 Apr 7 2017 libfreebl3.so -> ../../lib/libfreebl3.so
lrwxrwxrwx. 1 root root 28 Apr 7 2017 libfreeblpriv3.chk -> ../../lib/libfreeblpriv3.chk
lrwxrwxrwx. 1 root root 27 Apr 7 2017 libfreeblpriv3.so -> ../../lib/libfreeblpriv3.so
-rwxr-xr-x. 1 root root 17752 Jun 20 03:18 libmemusage.so
-rw-r--r--. 1 root root 117168772 Oct 26 16:24 libmodsecurity.a
-rwxr-xr-x. 1 root root 1074 Oct 26 16:24 libmodsecurity.la
lrwxrwxrwx. 1 root root 23 Oct 26 16:24 libmodsecurity.so -> libmodsecurity.so.3.0.0
lrwxrwxrwx. 1 root root 23 Oct 26 16:24 libmodsecurity.so.3 -> libmodsecurity.so.3.0.0
-rwxr-xr-x. 1 root root 35217830 Oct 26 16:24 libmodsecurity.so.3.0.0
-rwxr-xr-x. 1 root root 7892 Jun 20 03:18 libpcprofile.so
```
Finally got it to work. Used the following flags while building the ModSecurity module
./configure -prefix=/usr --with-ld-opt="/usr/lib" --with-yajl=/opt/lloyd-yajl-66cb08c/build/yajl-2.1.0/ && make && make install
export MODSECURITY_INC="/opt/ModSecurity/headers/"
export MODSECURITY_LIB="/opt/ModSecurity/src/.libs/"
I had to run ldconfig before compiling the nginx packages with ModSecurity
--add-module=/opt/ModSecurity-nginx
This issue can be closed now.
Most helpful comment
Finally got it to work. Used the following flags while building the ModSecurity module
./configure -prefix=/usr --with-ld-opt="/usr/lib" --with-yajl=/opt/lloyd-yajl-66cb08c/build/yajl-2.1.0/ && make && make installexport MODSECURITY_INC="/opt/ModSecurity/headers/"export MODSECURITY_LIB="/opt/ModSecurity/src/.libs/"I had to run
ldconfigbefore compiling the nginx packages with ModSecurity--add-module=/opt/ModSecurity-nginxThis issue can be closed now.