Running aum -u fails with the error and breaks Apache

Created:

2017-03-31 14:28:33 UTC

Modified:

2017-08-08 13:19:05 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Running aum -u fails with the error and breaks Apache

Symptoms

ModSecurity is installed on the server.

Execution of # aum -u gives the following result:

# aum -u


Checking versions ...

ASL version is current: [PASS]
Updating Web Application Firewall to 201704031637: updated [PASS]
-------------------------------------------------------------------
Errors were encountered:
L CODE SOURCE MESSAGES
- ---- ------ --------------------------------------------------------------
2 9901 ASLCommon::cmd_system ERROR: '/bin/cp -af /var/asl/rules/modsec/template-* /var/asl/data/temp[lates/ >/dev/null 2>&1 (1)'
2 9901 ASLCommon::cmd_system ERROR: '/usr/sbin/apachectl -t >/dev/null 2>$1 (1)'
2 9901 ASLCommon::cmd_exec ERROR: '(1) /usr/sbin/apachectl -t 2>&1 -- [Fri Apr 07 17:09:15.588579 2017] [so:warn] [pid 11445:tid 140533768259648] Ah01574 : module unique_id_module is already loaded, skipping||[Fri Apr 07 17:09:15.629545 2017] [so:warn] [pid 11445:tld 140533768259648] AH01574: module security2_module is already loaded, skipping||AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf:||ModSecurity: Found another rule with the same id'
2 601 c_modsec::apply_rules There is a problem with the apache config: [Fri Apr 07 17:09:15.588579 2017] [so:warn] [pid 11445:tid 140533768259648] Ah01574 : module unique_id_module is already loaded, skipping||[Fri Apr 07 17:09:15.629545 2017] [so:warn] [pid 11445:tld 140533768259648] AH01574: module security2_module is already loaded, skipping||AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf:||ModSecurity: Found another rule with the same id
2 601 c_modsec::apply_rules There is a problem with the apache config: Rolling back to the previous update
3 600 c_modsec::apply_rules Errors occured with Apache

Also, in an attempt to restart Apache service, it is failed:

# service httpd restart
Redirecting to /bin/systemctl restart  httpd.service
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
# service httpd status
Redirecting to /bin/systemctl status  httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2017-04-07 17:09:48 NOVT; 44min ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 11493 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
  Process: 11491 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
  Main PID: 11491 (code=exited, status=1/FAILURE)
Apr 07 17:09:48 server.name httpd[11491]: [Fri Apr 07 17:09:48.000891 2017] [so:warn] [pid 11491:tid 139756822018112] AH01574: module unique_id_module... skipping
Apr 07 17:09:48 server.name httpd[11491]: [Fri Apr 07 17:09:48.042885 2017] [so:warn] [pid 11491:tid 139756822018112] AH01574: module security2_module... skipping
Apr 07 17:09:48 server.name httpd[11491]: AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf:
Apr 07 17:09:48 server.name httpd[11491]: ModSecurity: Found another rule with the same id
Apr 07 17:09:48 server.name kill[11493]: kill: cannot find process ""
Hint: Some lines were ellipsized, use -l to show in full.

The additional configuration file /etc/httpd/conf.d/security2.conf is created, which contains duplicate directives from /etc/httpd/conf.d/00_mod_security.conf.

Cause

It is the known bug PPPM-6090. It will be fixed in future updates.

Resolution

As a workaround use the following action plan:

1) Delete the file /etc/httpd/conf.d/security2.conf,which contains duplicate configuration directives.

2) Stop and start Apache:

# service httpd stop
Redirecting to /bin/systemctl stop  httpd.service
# service httpd start
Redirecting to /bin/systemctl start  httpd.service
Have more questions? Submit a request
Please sign in to leave a comment.