mod_security fails in ubuntu 16.04

[Maciej Jackowski]

ubuntu 16.04 / OpenLiteSpeed 1.4.39
I compiled mod_security according to wiki
with setup
module mod_security {
modsecurity on
modsecurity_rules_file /usr/local/lsws/waf/comodo_litespeed/rules.conf
}
I get
openlitespeed (lshttpd - #03): symbol lookup error: /usr/local/lsws//modules/mod_security.so: undefined symbol: yajl_alloc
and OLS start only admin panel

 

[David]

It seems the module loaded correctly but it runs failed and cause server crash.
If disable this module, server should be up.
It maybe because the server code and module code do not match.
I tested mod_security.so, and never see such issue.

 

[lskagan]

How do you have OLS installed via apt? If so you can just run `apt-get install ols-modsecurity` to install mod_security instead of compiling it.

 

[Maciej Jackowski]

No I compiled mod_security from the same OLS source
OLS from repository use nobody:nogroup to run server and I want to use www-data user/group

 

[David]

OK. The YAJL is an optional dependency, I do not know why it become a must and why check this symbol.
Will reply you later.
Please just disable the module right now.
Thanks.
David

 

[Maciej Jackowski]

You mean disable during mod_security compilation ?

 

[David]

Since our Makefile.f does not have the symbol linked, maybe you can try to add "-lyajl -lxml2 " to LDFLAGS and re-make the .so file if you have the dependency libraries installed. This way is try to fix this issue.
Otherwise, you can just disbale this module in the webAdmin and it will not bother server running.
I will debug and find a good solution.

 

[Maciej Jackowski]

-lyajl -lxml2 - core dump and errors like this
gdb: not foundsh: 1: gdb: not found
sh: 1: gdb: not found
mv: cannot stat '/tmp/lshttpd/core*': No such file or directory

 

[Maciej Jackowski]

./configure --with-yajl="/usr/lib/x86_64-linux-gnu /usr/include/yajl"
give /usr/local/lsws//modules/mod_security.so: undefined symbol: yajl_alloc
yajl is always shown as detected during configure

 

[David]

So you should have install yajl and yajl-devel when build the libarary libmodsecurity.a?
After the make, it should give you a result of which module is enabled or disabled. If you find yajl is enabled and now, you get such an error, maybe it is a bug of libmodsecurity, we need to tell them.