Where is lua?

jimlongo

• November 20, 2013 13:53

[root@vps]# lua -v Lua 5.1.4 Copyright (C) 1994-2008 Lua.org, PUC-Rio I'm trying to enable the 2nd line in modsec2.conf #LoadFile /opt/lua/lib/liblua.so That file doesn't exist. Here's what I have /opt/lua/lib/lua/5.1/ (empty directory) /usr/lib/lua/5.1/ (empty directory) /usr/share/lua/5.1/ (empty directory) binary files at /opt/lua/lib/liblua.a /usr/bin/lua /opt/lua/bin/lua /opt/lua/bin/lua.c
tried all of them, and shouldn't it be this one? [root@vps]# which lua /usr/bin/lua
but still if I put this in modsec2.conf LoadFile /usr/bin/lua Apache won't restart. Thanks.

• 

  cPanelMichael

  • November 20, 2013 21:17

  Hello :) Please let us know the specific OS that's installed on this system: cat /etc/redhat-release
  Also, what specific error message is output when Apache fails to start? Thank you.

  0
• 

  jimlongo

  • November 21, 2013 00:01

  Thanks for the reply. [root@vps ~]# cat /etc/redhat-release CentOS release 5.10 (Final)
  If I try LoadFile /usr/bin/lua in modsec2.conf I get the following error when trying to restart apache from CL [root@vps ~]# service httpd restart httpd: Syntax error on line 39 of /usr/local/apache/conf/httpd.conf: Syntax error on line 5 of /usr/local/apache/conf/modsec2.conf: Cannot load /usr/bin/lua into server: /usr/bin/lua: cannot dynamically load executable
  If I try to restart Apache through the WHM interface I get Apache restart failed. Unable to load pid from pid file and no httpd process found in process list. If apache restart reported success but it failed soon after, it may be caused by oddities with mod_ssl. You should run /usr/local/cpanel/scripts/ssl_crt_status as part of your troubleshooting process. Pass it --help for more details. Also be sure to examine apache's various log files. Apache Restart Output: Log: [Wed Nov 20 17:33:50.629847 2013] [:error] [pid 5594] [client 5.10.83.43:53701] File does not exist: /home/wfc/public_html/wfc_robin_duke.html [Wed Nov 20 17:58:17.476523 2013] [:error] [pid 19479] [client 37.72.190.141:34417] File does not exist: /home/wanless/public_html/forums/profile.php, referer: http://wanlesstennis.com/forums/viewtopic.php?f=11&t=1164 [Wed Nov 20 17:58:23.451212 2013] [:error] [pid 5574] [client 37.72.190.141:35934] File does not exist: /home/wanless/public_html/forums/profile.php, referer: http://wanlesstennis.com/forums/viewtopic.php?f=11&t=1164 [Wed Nov 20 18:32:55.967657 2013] [:error] [pid 16363] [client 147.255.173.248:18047] File does not exist: /home/wanless/public_html/forums/profile.php, referer: http://wanlesstennis.com/forums/viewforum.php?f=18 [Wed Nov 20 18:32:56.593914 2013] [:error] [pid 15799] [client 147.255.173.248:18147] File does not exist: /home/wanless/public_html/forums/profile.php, referer: http://wanlesstennis.com/forums/viewforum.php?f=18 [Wed Nov 20 18:40:58.148293 2013] [cgi:error] [pid 12144] [client 94.23.233.204:59308] AH01215: configuration file not found: [default] at send_a_message.pl line 104. [Wed Nov 20 19:23:35.752205 2013] [access_compat:error] [pid 28142] [client 192.99.0.179:37216] AH01797: client denied by server configuration: /home/rdiv/public_html/ [Wed Nov 20 19:23:38.595696 2013] [access_compat:error] [pid 5594] [client 192.99.0.179:37386] AH01797: client denied by server configuration: /home/rdiv/public_html/403.html [Wed Nov 20 19:23:40.391813 2013] [access_compat:error] [pid 15799] [client 192.99.0.179:37545] AH01797: client denied by server configuration: /home/rdiv/public_html/wp-login.php [Wed Nov 20 19:23:40.393152 2013] [access_compat:error] [pid 15799] [client 192.99.0.179:37545] AH01797: client denied by server configuration: /home/rdiv/public_html/403.html [Wed Nov 20 19:58:13.608579 2013] [mpm_prefork:notice] [pid 5570] AH00169: caught SIGTERM, shutting down
  

  0
• 

  cPanelMichael

  • November 21, 2013 16:40

  Feel free to open a support ticket so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome. Thank you.

  0
• 

  jimlongo

  • November 21, 2013 17:09

  Ticket# 4401941

  0
• 

  cPanelMichael

  • November 21, 2013 19:14

  To update, I would like to add some aditional information from our Mod_Security documentation: [QUOTE]ModSecurity version 2.5 adds support for rule scripting via lua. Lua is known to have difficulties building. Lua build failures will not cause an Apache build to halt, but errors will appear in the build log upon build failure, and lua support will not be enabled. If you wish to use lua in your custom ruleset, you should carefully read about the proper usage of lua and ensure that the lua build was a success. Some things to watch out for when you use lua: ModSecurity marks it as "Experimental," use at your own risk. Lua syntax or permission errors will result in Apache not being able to start. Apache must be able to read the lua file. Lua script changes require an Apache restart to take effect. Lua scripts should be stored in /usr/local/apache/conf in a sub directory such as /usr/local/apache/conf/modsec-lua. Storing scripts in this location will ensure that they are available whenever Apache configurations are tested or when Apache is restarted. It will also keep them intact through EasyApache builds. ALERT! Warning: If you fail to store lua scripts in /usr/local/apache/conf then Apache cannot build. This could result in a broken ModSecurity configuration.
  Thank you.

  0
• 

  jimlongo

  • November 21, 2013 19:58

  Well I guess I'll give up on that. I couldn't build lua 5.2.2 on my platform. CentOS 5.1 I tried all the recommendations in their readme. And it keeps coming back with build errors.

  0
• 

  jimlongo

  • November 25, 2013 04:17

  In case it helps anyone. I found that there are 2 resources available which might help. 1. Centos has a yum installer for lua 5.1.4 Did not try this, but I've been told it works. $ yum install lua lua-devel 2. The problem for me is not that lua wouldn't compile. make and make install will both work. What you need to do is create the dynamic shared library and object. Following the instructions on this page worked for me. [url=http://www.linuxfromscratch.org/blfs/view/svn/general/lua.html]Lua-5.2.2 ==install the patch from that page patch -Np1 -i ../lua-5.2.2-shared_library-2.patch && sed -i '/#define LUA_ROOT/s:/usr/local/:/usr/:' src/luaconf.h && make linux
  ==install lua in /usr/local/apache/conf per cpanel requirement make INSTALL_TOP=/usr/local/apache/conf/modsec_lua TO_LIB="liblua.so liblua.so.5.2 liblua.so.5.2.1" \ INSTALL_DATA="cp -d" INSTALL_MAN=/usr/local/apache/conf/modsec_lua/share/man/man1 install && mkdir -pv /usr/local/apache/conf/modsec_lua/share/doc/lua-5.2.2 && cp -v doc/*.{html,css,gif,png} /usr/local/apache/conf/modsec_lua/share/doc/lua-5.2.2
  

  0
• 

  dfcs

  • June 11, 2015 20:10

  This is an old thread, but I thought I'd respond anyways in case someone else needs help with it. Your main issue is described in this error: "Syntax error on line 5 of /usr/local/apache/conf/modsec2.conf: Cannot load /usr/bin/lua into server: /usr/bin/lua: cannot dynamically load executable" You're trying to use "LoadFile" against an ELF executable. for more information.

  0

Please sign in to leave a comment.