Wiz
Basic Pleskian
TITLE:
EXPECTED RESULT:
ANY ADDITIONAL INFORMATION:
Bug with Plesk's Modsecurity v2.9.3
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:Plesk Obsidian Version 18.0.19, Debian 9, amd64, libapache2-modsecurity-plesk_2.9.3-v.debian.9+p18.0.19.3+t191002.1251
PROBLEM DESCRIPTION:Hello,
I wish to report a bug, and the fix, in the current released version of Plesk's modsecurity package version which is causing a segmentation fault in apache under Plesk Obsidian/Debian 9.
/var/log/apache2# apt-cache policy libapache2-modsecurity-plesk
libapache2-modsecurity-plesk:
Installed: 2.9.3-v.debian.9+p18.0.19.3+t191002.1251
Candidate: 2.9.3-v.debian.9+p18.0.19.3+t191002.1251
Version table:
*** 2.9.3-v.debian.9+p18.0.19.3+t191002.1251 500
500 http://autoinstall.plesk.com/pool/PSA_18.0.19_1013 stretch/all amd64 Packages
500 http://autoinstall.plesk.com/pool/PSA_18.0.19_1013 stretch/extras amd64 Packages
100 /var/lib/dpkg/status
The fix/patch has already been committed to SpiderLabs/ModSecurity and Plesk needs to recompile libapache2-modsecurity-plesk to v2.9.4 and release it via Obsidian's update channel.
Please share the above with your developers so it is actioned as soon as possible as I am unable to use my custom modsecurity rules due to this.
Thank you.
Wiz
STEPS TO REPRODUCE:I wish to report a bug, and the fix, in the current released version of Plesk's modsecurity package version which is causing a segmentation fault in apache under Plesk Obsidian/Debian 9.
/var/log/apache2# apt-cache policy libapache2-modsecurity-plesk
libapache2-modsecurity-plesk:
Installed: 2.9.3-v.debian.9+p18.0.19.3+t191002.1251
Candidate: 2.9.3-v.debian.9+p18.0.19.3+t191002.1251
Version table:
*** 2.9.3-v.debian.9+p18.0.19.3+t191002.1251 500
500 http://autoinstall.plesk.com/pool/PSA_18.0.19_1013 stretch/all amd64 Packages
500 http://autoinstall.plesk.com/pool/PSA_18.0.19_1013 stretch/extras amd64 Packages
100 /var/lib/dpkg/status
The fix/patch has already been committed to SpiderLabs/ModSecurity and Plesk needs to recompile libapache2-modsecurity-plesk to v2.9.4 and release it via Obsidian's update channel.
Please share the above with your developers so it is actioned as soon as possible as I am unable to use my custom modsecurity rules due to this.
Thank you.
Wiz
The fault is caused when using 'SecRemoteRules' in custom modsecurity rules - ref: SecRemoteRules (2.9.3) - Segfault · Issue #1982 · SpiderLabs/ModSecurity
ACTUAL RESULT:
Code:
systemctl status apache2.service
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2019-10-16 16:37:49 +04; 2s ago
Process: 14963 ExecStop=/usr/sbin/apachectl stop (code=exited, status=139)
Process: 14980 ExecStart=/usr/sbin/apachectl start (code=exited, status=139)
Oct 16 16:37:48 xx.xxxxxx.xx systemd[1]: Starting The Apache HTTP Server...
Oct 16 16:37:49 xx.xxxxxx.xx apachectl[14980]: Segmentation fault
Oct 16 16:37:49 xx.xxxxxx.xx apachectl[14980]: Action 'start' failed.
Oct 16 16:37:49 xx.xxxxxx.xx apachectl[14980]: The Apache error log may have more information.
Oct 16 16:37:49 xx.xxxxxx.xx systemd[1]: apache2.service: Control process exited, code=exited status=139
Oct 16 16:37:49 xx.xxxxxx.xx systemd[1]: Failed to start The Apache HTTP Server.
Oct 16 16:37:49 xx.xxxxxx.xx systemd[1]: apache2.service: Unit entered failed state.
Oct 16 16:37:49 xx.xxxxxx.xx systemd[1]: apache2.service: Failed with result 'exit-code'.
journalctl -xe
Oct 16 16:37:48 xx.xxxxxx.xx systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit apache2.service has begun starting up.
Oct 16 16:37:49 xx.xxxxxx.xx apachectl[14980]: Segmentation fault
Oct 16 16:37:49 xx.xxxxxx.xx apachectl[14980]: Action 'start' failed.
Oct 16 16:37:49 xx.xxxxxx.xx apachectl[14980]: The Apache error log may have more information.
Oct 16 16:37:49 xx.xxxxxx.xx kernel: apache2[14983]: segfault at 38 ip 00007fc00fb6d0a8 sp 00007ffcab7d8ce0 error 4 in mod_security2.so[7fc00fb03000+b5000]
Oct 16 16:37:49 xx.xxxxxx.xx systemd[1]: apache2.service: Control process exited, code=exited status=139
Oct 16 16:37:49 xx.xxxxxx.xx systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit apache2.service has failed.
--
-- The result is failed.
Oct 16 16:37:49 xx.xxxxxx.xx systemd[1]: apache2.service: Unit entered failed state.
Oct 16 16:37:49 xx.xxxxxx.xx systemd[1]: apache2.service: Failed with result 'exit-code'.
Error log via the gui:
modsecurity_ctl failed: START httpd_modules_ctl --enable security2,unique_id Enabling module security2. To activate the new configuration, you need to run: systemctl restart apache2 Module unique_id already enabled INFO: [Wed Oct 16 15:05:50 +04 2019]: Service: apache2, Action: start Trying to start service apache2... failed Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: Starting The Apache HTTP Server... Oct 16 15:05:50 xx.xxxxxx.xx apachectl[13859]: Segmentation fault Oct 16 15:05:50 xx.xxxxxx.xx apachectl[13859]: Action 'start' failed. Oct 16 15:05:50 xx.xxxxxx.xx apachectl[13859]: The Apache error log may have more information. Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: apache2.service: Control process exited, code=exited status=139 Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: Failed to start The Apache HTTP Server. Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: apache2.service: Unit entered failed state. Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: apache2.service: Failed with result 'exit-code'. ***** problem report ***** start service apache2 /opt/psa/admin/sbin/pleskrc execution failed: Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details. /opt/psa/admin/sbin/pleskrc execution failed: Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details.
PleskUtilException
Message modsecurity_ctl failed: START httpd_modules_ctl --enable security2,unique_id Enabling module security2. To activate the new configuration, you need to run: systemctl restart apache2 Module unique_id already enabled INFO: [Wed Oct 16 15:05:50 +04 2019]: Service: apache2, Action: start Trying to start service apache2... failed Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: Starting The Apache HTTP Server... Oct 16 15:05:50 xx.xxxxxx.xx apachectl[13859]: Segmentation fault Oct 16 15:05:50 xx.xxxxxx.xx apachectl[13859]: Action 'start' failed. Oct 16 15:05:50 xx.xxxxxx.xx apachectl[13859]: The Apache error log may have more information. Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: apache2.service: Control process exited, code=exited status=139 Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: Failed to start The Apache HTTP Server. Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: apache2.service: Unit entered failed state. Oct 16 15:05:50 xx.xxxxxx.xx systemd[1]: apache2.service: Failed with result 'exit-code'. ***** problem report ***** start service apache2 /opt/psa/admin/sbin/pleskrc execution failed: Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details. /opt/psa/admin/sbin/pleskrc execution failed: Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details.
File Agent.php
Line 210
Code:
systemctl status apache2.service
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; disabled; vendor preset: enabled)
Active: active (running) since Wed 2019-10-16 16:23:31 +04; 8min ago
Process: 8148 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
Process: 2293 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 2328 (apache2)
Tasks: 153 (limit: 4915)
CGroup: /system.slice/apache2.service
├─2328 /usr/sbin/apache2 -k start
├─8164 /usr/sbin/apache2 -k start
├─8165 /usr/sbin/apache2 -k start
├─8167 Passenger watchdog
├─8170 Passenger core
├─8191 /usr/sbin/apache2 -k start
└─8226 /usr/sbin/apache2 -k start
Oct 16 16:23:30 xx.xxxxxx.xx systemd[1]: Starting The Apache HTTP Server...
Oct 16 16:23:31 xx.xxxxxx.xx systemd[1]: Started The Apache HTTP Server.
Oct 16 16:23:55 xx.xxxxxx.xx systemd[1]: Reloading The Apache HTTP Server.
Oct 16 16:23:56 xx.xxxxxx.xx systemd[1]: Reloaded The Apache HTTP Server.
Oct 16 16:30:27 xx.xxxxxx.xx systemd[1]: Reloading The Apache HTTP Server.
Oct 16 16:30:27 xx.xxxxxx.xx systemd[1]: Reloaded The Apache HTTP Server.
Oct 16 16:30:27 xx.xxxxxx.xx systemd[1]: Reloading The Apache HTTP Server.
-- Subject: Unit apache2.service has begun reloading its configuration
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit apache2.service has begun reloading its configuration
Oct 16 16:30:27 xx.xxxxxx.xx systemd[1]: Reloaded The Apache HTTP Server.
-- Subject: Unit apache2.service has finished reloading its configuration
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit apache2.service has finished reloading its configuration
--
-- The result is done.
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:Confirm bug