Bug 208144 - [maintainer update] [patch] www/mod_security: update to 2.9.1
Summary: [maintainer update] [patch] www/mod_security: update to 2.9.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Olli Hauer
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2016-03-19 19:08 UTC by Walter Hop
Modified: 2016-04-16 18:11 UTC (History)
1 user (show)

See Also:
ohauer: merge-quarterly?


Attachments
diff (2.22 KB, patch)
2016-03-19 19:08 UTC, Walter Hop
rakuco: maintainer-approval+
Details | Diff
poudriere log (129.28 KB, text/plain)
2016-03-19 19:08 UTC, Walter Hop
no flags Details
improved diff (3.31 KB, patch)
2016-03-30 19:26 UTC, Walter Hop
walter: maintainer-approval+
Details | Diff
poudriere log (123.04 KB, text/plain)
2016-03-30 19:28 UTC, Walter Hop
no flags Details
mod_security rework v1 (5.49 KB, patch)
2016-04-07 18:52 UTC, Olli Hauer
no flags Details | Diff
diff with textual updates (5.54 KB, patch)
2016-04-16 11:36 UTC, Walter Hop
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Walter Hop 2016-03-19 19:08:28 UTC
Created attachment 168395 [details]
diff

Changes:
- ModSecurity: update to 2.9.1
- Add support for Lua 5.1 or higher (was 5.1 only)
- pkg-plist: bring back mod_unique_id activation, fix deprecated @exec
- README: point user to configuration files

portlint -C:
looks fine.

poudriere: see attachment.
Comment 1 Walter Hop 2016-03-19 19:08:46 UTC
Created attachment 168396 [details]
poudriere log
Comment 2 Dmitry Marakasov freebsd_committer 2016-03-24 12:12:31 UTC
For me it fails on both 9.x and 10.x:

====>> Error: Files or directories modified:
%%APACHEETCDIR%%/httpd.conf size (20360, 20361)
build of www/mod_security ended at Thu Mar 24 14:37:58 MSK 2016

Please set up clean deinstallation.
Comment 3 Dmitry Marakasov freebsd_committer 2016-03-24 12:17:09 UTC
httpd.conf diff:

 #LoadModule expires_module libexec/apache24/mod_expires.so
 LoadModule headers_module libexec/apache24/mod_headers.so
 #LoadModule usertrack_module libexec/apache24/mod_usertrack.so
-#LoadModule unique_id_module libexec/apache24/mod_unique_id.so
+LoadModule unique_id_module   libexec/apache24/mod_unique_id.so
 LoadModule setenvif_module libexec/apache24/mod_setenvif.so
 LoadModule version_module libexec/apache24/mod_version.so
 #LoadModule remoteip_module libexec/apache24/mod_remoteip.so

It should be returned back into original state with @pre/postunexec
Comment 4 Walter Hop 2016-03-24 12:39:30 UTC
Thanks for the comment Dimitry! 

It won't be exactly trivial to do that I think, so I'll remove the APXS activation and just add the instruction to pkg-message for the user to do it themselves.

How did you test this, by the way? I'd like to perform that test too in the future.
Comment 5 Walter Hop 2016-03-30 19:26:40 UTC
Created attachment 168797 [details]
improved diff

improved diff, got rid of apxs which left a modified httpd.conf on deinstall
Comment 6 Walter Hop 2016-03-30 19:28:55 UTC
Created attachment 168798 [details]
poudriere log
Comment 7 Olli Hauer freebsd_committer 2016-04-07 18:52:14 UTC
Created attachment 169078 [details]
mod_security rework v1

I've taken the liberty to rework parts of your patch.

- install sample mod_security.conf to etc/apache2x/modules.d
- remove some PLIST_SUB vars (already defined in Mk/bsd.apache.mk)
- adjust pkg-plist

In case you have better instructions for the sample config file I'm happy to change the text.
With the additional config file you can list additional requirements and hints
E.g look into devel/subversion/files/220_subversion.conf.sample.in
Comment 8 Walter Hop 2016-04-16 11:36:46 UTC
Created attachment 169368 [details]
diff with textual updates

Looks good, thanks for the change.
Made small changes to comments and README for the new port layout.
Comment 9 commit-hook freebsd_committer 2016-04-16 17:29:49 UTC
A commit references this bug:

Author: ohauer
Date: Sat Apr 16 17:29:08 UTC 2016
New revision: 413465
URL: https://svnweb.freebsd.org/changeset/ports/413465

Log:
  - update to 2.9.1
  - install etc/apache2x/modules.d/280_mod_security.conf.sample
  - adjust README and pkg-message to reflect new module activation
  - adjust and sort pkg-plist

  Changes:
  - ModSecurity: update to 2.9.1
  - Add support for Lua 5.1 or higher (was 5.1 only)
  - pkg-plist: bring back mod_unique_id activation, fix deprecated @exec
  - README: point user to configuration files

  PR:		208144
  Submitted by:	Walter Hop (maintainer)
  MFH:		2016Q2

Changes:
  head/www/mod_security/Makefile
  head/www/mod_security/distinfo
  head/www/mod_security/files/280_mod_security.conf.sample.in
  head/www/mod_security/files/README.in
  head/www/mod_security/files/pkg-message.in
  head/www/mod_security/pkg-plist
Comment 10 Olli Hauer freebsd_committer 2016-04-16 17:36:14 UTC
Committed
Comment 11 commit-hook freebsd_committer 2016-04-16 18:11:07 UTC
A commit references this bug:

Author: ohauer
Date: Sat Apr 16 18:10:47 UTC 2016
New revision: 413475
URL: https://svnweb.freebsd.org/changeset/ports/413475

Log:
  MFH: r413465

  - update to 2.9.1
  - install etc/apache2x/modules.d/280_mod_security.conf.sample
  - adjust README and pkg-message to reflect new module activation
  - adjust and sort pkg-plist

  Changes:
  - ModSecurity: update to 2.9.1
  - Add support for Lua 5.1 or higher (was 5.1 only)
  - pkg-plist: bring back mod_unique_id activation, fix deprecated @exec
  - README: point user to configuration files

  PR:		208144
  Submitted by:	Walter Hop (maintainer)

  Approved by:	ports-secteam (jason)

Changes:
_U  branches/2016Q2/
  branches/2016Q2/www/mod_security/Makefile
  branches/2016Q2/www/mod_security/distinfo
  branches/2016Q2/www/mod_security/files/280_mod_security.conf.sample.in
  branches/2016Q2/www/mod_security/files/README.in
  branches/2016Q2/www/mod_security/files/pkg-message.in
  branches/2016Q2/www/mod_security/pkg-plist