Skip to content

Cannot find modsecurity in /usr/local/modsecurity/include and /usr/local/modsecurity/lib/ #329

New issue
New issue
Open
Open
Cannot find modsecurity in /usr/local/modsecurity/include and /usr/local/modsecurity/lib/#329
@bijancot

Description

@bijancot
bijancot
opened on Aug 20, 2024

Hi guys, so i try to build nginx with mod security with command look like this :

export TENGINE_VERSION=3.1.0
export YAJL_VERSION=2.1.0
export MODSEC_VERSION=v3.0.12
export MODSEC_NGX_VERSION=v1.0.3
export TEMP_DIR=/mnt/data/ehe/wrapper-tengine/install
export MODSECURITY_INC="/usr/local/modsecurity/include/"
export MODSECURITY_LIB="/usr/local/modsecurity/lib/"

mkdir -p ${TEMP_DIR} \
&& curl -fsSL https://github.com/openresty/luajit2/archive/${LUAJIT_VERSION}.tar.gz -o luajit.tar.gz \
&& tar zxf luajit.tar.gz -C ${TEMP_DIR} \
&& cd ${TEMP_DIR}/luajit2-${LUAJIT_VERSION#v} \
&& make -j4 && make install -j4 \
&& export LUAJIT_INC=/usr/local/include/luajit-2.1 \
&& export LUAJIT_LIB=/usr/local/lib \
&& ln -sf luajit /usr/local/bin/luajit \
&& cd .. \
&& curl -fsSL https://github.com/lloyd/yajl/archive/refs/tags/${YAJL_VERSION}.tar.gz -o yajl.tar.gz \
&& tar zxf yajl.tar.gz -C ${TEMP_DIR} \
&& cd ${TEMP_DIR}/yajl-${YAJL_VERSION} \
&& ./configure && make && make -j4 install -j4 \
&& ldconfig /usr/local/lib \

# rm -Rf ${TEMP_DIR}/modsecurity-${MODSEC_VERSION} \
git clone --depth 1 -b v3/master --single-branch https://github.com/owasp-modsecurity/ModSecurity ${TEMP_DIR}/modsecurity-${MODSEC_VERSION} \
&& cd ${TEMP_DIR}/modsecurity-${MODSEC_VERSION} \
&& git submodule init \
&& git submodule update \
&& ./build.sh \
&& ./configure \
&& make -j4 \
&& make install -j4

cd ${TEMP_DIR}/tengine-${TENGINE_VERSION} \
&& MODSECURITY_INC="/usr/local/modsecurity/include/" MODSECURITY_LIB="/usr/local/modsecurity/lib/" ./configure --with-ld-opt="-lpcre" --prefix=/etc/nginx --sbin-path=/usr/sbin  \
        --error-log-path=/var/log/nginx/error.log \
        --conf-path=/etc/nginx/nginx.conf --pid-path=/run/nginx.pid \
	--add-dynamic-module=${TEMP_DIR}/modsecurity-nginx-${MODSEC_NGX_VERSION} \
	--with-compat \
&& make -j4 && make install -j4

but it always give me this error

checking for ModSecurity library in "/usr/local/modsecurity/lib/" and "/usr/local/modsecurity/include/" (specified by the MODSECURITY_LIB and MODSECURITY_INC env) ... not found
        ./configure: error: ngx_http_modsecurity_module requires the ModSecurity library and MODSECURITY_LIB is defined as "/usr/local/modsecurity/lib/" and MODSECURITY_INC (path for modsecurity.h) "/usr/local/modsecurity/include/", but we cannot find ModSecurity there.

i already follow the steps in repository and even execute steps that suggested like :

libtool: finish: PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/var/lib/snapd/snap/bin:/sbin" ldconfig -n /usr/local/modsecurity/lib
----------------------------------------------------------------------
Libraries have been installed in:
   /usr/local/modsecurity/lib

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the '-LLIBDIR'
flag during linking and do at least one of the following:
   - add LIBDIR to the 'LD_LIBRARY_PATH' environment variable
     during execution
   - add LIBDIR to the 'LD_RUN_PATH' environment variable
     during linking
   - use the '-Wl,-rpath -Wl,LIBDIR' linker flag
   - have your system administrator add LIBDIR to '/etc/ld.so.conf'

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages

and this is the directory of modsecurity looks like :

/usr/local/modsecurity
├── bin
│   └── modsec-rules-check
├── include
│   └── modsecurity
│       ├── actions
│       │   └── action.h
│       ├── anchored_set_variable.h
│       ├── anchored_set_variable_translation_proxy.h
│       ├── anchored_variable.h
│       ├── audit_log.h
│       ├── collection
│       │   ├── collection.h
│       │   └── collections.h
│       ├── debug_log.h
│       ├── intervention.h
│       ├── modsecurity.h
│       ├── reading_logs_via_rule_message.h
│       ├── rule.h
│       ├── rule_marker.h
│       ├── rule_message.h
│       ├── rules_exceptions.h
│       ├── rules.h
│       ├── rules_set.h
│       ├── rules_set_phases.h
│       ├── rules_set_properties.h
│       ├── rule_unconditional.h
│       ├── rule_with_actions.h
│       ├── rule_with_operator.h
│       ├── transaction.h
│       ├── variable_origin.h
│       └── variable_value.h
└── lib
    ├── libmodsecurity.a
    ├── libmodsecurity.la
    ├── libmodsecurity.so -> libmodsecurity.so.3.0.12
    ├── libmodsecurity.so.3 -> libmodsecurity.so.3.0.12
    ├── libmodsecurity.so.3.0.12
    └── pkgconfig
        └── modsecurity.pc

any other suggestion regarding this issues?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions