Bug 208144

Summary: [maintainer update] [patch] www/mod_security: update to 2.9.1
Product: Ports & Packages Reporter: Walter Hop <walter>
Component: Individual Port(s)Assignee: Olli Hauer <ohauer>
Status: Closed FIXED    
Severity: Affects Only Me CC: ohauer
Priority: --- Keywords: patch
Version: LatestFlags: ohauer: merge-quarterly?
Hardware: Any   
OS: Any   
Attachments:
Description Flags
diff
rakuco: maintainer-approval+
poudriere log
none
improved diff
walter: maintainer-approval+
poudriere log
none
mod_security rework v1
none
diff with textual updates none

Description Walter Hop 2016-03-19 19:08:28 UTC 
Created attachment 168395 [details]
diff

Changes:
- ModSecurity: update to 2.9.1
- Add support for Lua 5.1 or higher (was 5.1 only)
- pkg-plist: bring back mod_unique_id activation, fix deprecated @exec
- README: point user to configuration files

portlint -C:
looks fine.

poudriere: see attachment.
Comment 1 Walter Hop 2016-03-19 19:08:46 UTC 
Created attachment 168396 [details]
poudriere log
Comment 2 Dmitry Marakasov freebsd_committer freebsd_triage 2016-03-24 12:12:31 UTC 
For me it fails on both 9.x and 10.x:

====>> Error: Files or directories modified:
%%APACHEETCDIR%%/httpd.conf size (20360, 20361)
build of www/mod_security ended at Thu Mar 24 14:37:58 MSK 2016

Please set up clean deinstallation.
Comment 3 Dmitry Marakasov freebsd_committer freebsd_triage 2016-03-24 12:17:09 UTC 
httpd.conf diff:

 #LoadModule expires_module libexec/apache24/mod_expires.so
 LoadModule headers_module libexec/apache24/mod_headers.so
 #LoadModule usertrack_module libexec/apache24/mod_usertrack.so
-#LoadModule unique_id_module libexec/apache24/mod_unique_id.so
+LoadModule unique_id_module   libexec/apache24/mod_unique_id.so
 LoadModule setenvif_module libexec/apache24/mod_setenvif.so
 LoadModule version_module libexec/apache24/mod_version.so
 #LoadModule remoteip_module libexec/apache24/mod_remoteip.so

It should be returned back into original state with @pre/postunexec
Comment 4 Walter Hop 2016-03-24 12:39:30 UTC 
Thanks for the comment Dimitry! 

It won't be exactly trivial to do that I think, so I'll remove the APXS activation and just add the instruction to pkg-message for the user to do it themselves.

How did you test this, by the way? I'd like to perform that test too in the future.
Comment 5 Walter Hop 2016-03-30 19:26:40 UTC 
Created attachment 168797 [details]
improved diff

improved diff, got rid of apxs which left a modified httpd.conf on deinstall
Comment 6 Walter Hop 2016-03-30 19:28:55 UTC 
Created attachment 168798 [details]
poudriere log
Comment 7 Olli Hauer freebsd_committer freebsd_triage 2016-04-07 18:52:14 UTC 
Created attachment 169078 [details]
mod_security rework v1

I've taken the liberty to rework parts of your patch.

- install sample mod_security.conf to etc/apache2x/modules.d
- remove some PLIST_SUB vars (already defined in Mk/bsd.apache.mk)
- adjust pkg-plist

In case you have better instructions for the sample config file I'm happy to change the text.
With the additional config file you can list additional requirements and hints
E.g look into devel/subversion/files/220_subversion.conf.sample.in
Comment 8 Walter Hop 2016-04-16 11:36:46 UTC 
Created attachment 169368 [details]
diff with textual updates

Looks good, thanks for the change.
Made small changes to comments and README for the new port layout.
Comment 9 commit-hook freebsd_committer freebsd_triage 2016-04-16 17:29:49 UTC 
A commit references this bug:

Author: ohauer
Date: Sat Apr 16 17:29:08 UTC 2016
New revision: 413465
URL: https://svnweb.freebsd.org/changeset/ports/413465

Log:
  - update to 2.9.1
  - install etc/apache2x/modules.d/280_mod_security.conf.sample
  - adjust README and pkg-message to reflect new module activation
  - adjust and sort pkg-plist

  Changes:
  - ModSecurity: update to 2.9.1
  - Add support for Lua 5.1 or higher (was 5.1 only)
  - pkg-plist: bring back mod_unique_id activation, fix deprecated @exec
  - README: point user to configuration files

  PR:		208144
  Submitted by:	Walter Hop (maintainer)
  MFH:		2016Q2

Changes:
  head/www/mod_security/Makefile
  head/www/mod_security/distinfo
  head/www/mod_security/files/280_mod_security.conf.sample.in
  head/www/mod_security/files/README.in
  head/www/mod_security/files/pkg-message.in
  head/www/mod_security/pkg-plist
Comment 10 Olli Hauer freebsd_committer freebsd_triage 2016-04-16 17:36:14 UTC 
Committed
Comment 11 commit-hook freebsd_committer freebsd_triage 2016-04-16 18:11:07 UTC 
A commit references this bug:

Author: ohauer
Date: Sat Apr 16 18:10:47 UTC 2016
New revision: 413475
URL: https://svnweb.freebsd.org/changeset/ports/413475

Log:
  MFH: r413465

  - update to 2.9.1
  - install etc/apache2x/modules.d/280_mod_security.conf.sample
  - adjust README and pkg-message to reflect new module activation
  - adjust and sort pkg-plist

  Changes:
  - ModSecurity: update to 2.9.1
  - Add support for Lua 5.1 or higher (was 5.1 only)
  - pkg-plist: bring back mod_unique_id activation, fix deprecated @exec
  - README: point user to configuration files

  PR:		208144
  Submitted by:	Walter Hop (maintainer)

  Approved by:	ports-secteam (jason)

Changes:
_U  branches/2016Q2/
  branches/2016Q2/www/mod_security/Makefile
  branches/2016Q2/www/mod_security/distinfo
  branches/2016Q2/www/mod_security/files/280_mod_security.conf.sample.in
  branches/2016Q2/www/mod_security/files/README.in
  branches/2016Q2/www/mod_security/files/pkg-message.in
  branches/2016Q2/www/mod_security/pkg-plist