Ubuntu or Debian OS is used.
Plesk update fails with the following error message in
CONFIG_TEXT: dpkg: error processing archive /var/cache/apt/archives/libapache2-mod-security2_2.9.0-1_amd64.deb (--unpack):
trying to overwrite '/usr/lib/apache2/modules/mod_security2.so', which is also in package libapache2-modsecurity 2.9.2-ubuntu16.04.18021217
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Errors were encountered while processing:
E: Sub-process /usr/bin/dpkg returned an error code (1)
asl.dpkg-newfiles are present in
# ls -l /etc/cron.*/asl.dpkg*
-rwxr-xr-x 1 root root 3498 Sep 11 00:49 /etc/cron.daily/asl.dpkg-new
-rwxr-xr-x 1 root root 1096 Sep 11 00:49 /etc/cron.hourly/asl.dpkg-new
-rwxr-xr-x 1 root root 284 Sep 11 00:49 /etc/cron.monthly/asl.dpkg-new
-rwxr-xr-x 1 root root 1691 Sep 11 00:49 /etc/cron.weekly/asl.dpkg-new
ModSecurity cannot be switched on under Tools & Settings > Web Application Firewall (ModSecurity):
CONFIG_TEXT: Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: directory
/var/lib/plesk/modsec/.gnupg' created gpg: new configuration file/var/lib/plesk/modsec/.gnupg/gpg.conf' created gpg: WARNING: options in
/var/lib/plesk/modsec/.gnupg/gpg.conf' are not yet active during this run gpg: keyring/var/lib/plesk/modsec/.gnupg/secring.gpg' created gpg: keyring
/var/lib/plesk/modsec/.gnupg/pubring.gpg' created gpg: /var/lib/plesk/modsec/.gnupg/trustdb.gpg: trustdb created gpg: key 4520AFA9: public key "Atomicorp (Atomicorp Official Signing Key) <firstname.lastname@example.org>" imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) gpg: assuming signed data in/tmp/tmp2cJFnp/aum' gpg: Signature made Wed Sep 11 19:04:26 2019 +07 using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) email@example.com" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. E: Package 'gpg' has no installation candidate --2019-09-12 12:48:55-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 188.8.131.52 Connecting to www.atomicorp.com (www.atomicorp.com)|184.108.40.206|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: 'STDOUT' 0K . 100% 246M=0s 2019-09-12 12:48:56 (246 MB/s) - written to stdout [1694/1694] WARNING: apt does not have a stable CLI interface. Use with caution in scripts. WARNING: apt does not have a stable CLI interface. Use with caution in scripts. debconf: unable to initialize frontend: Dialog debconf: (TERM is not set, so the dialog frontend is not usable.) debconf: falling back to frontend: Readline debconf: unable to initialize frontend: Readline debconf: (This frontend requires a controlling tty.) debconf: falling back to frontend: Teletype dpkg-preconfigure: unable to re-open stdin: E: Sub-process /usr/bin/dpkg returned an error code (1) Command '/bin/bash < /tmp/tmp2cJFnp/aum' returned non-zero exit status 1 Unable to download tortix rule set
Plesk bug with ID PPPM-11003 that will be fixed in one of the future product updates.
Until the bug is fixed, use the following workaround:
Connect to the server via SSH.
Download the attached empty package
libapache2-mod-security2_2.9.0-2_amd64.deband install it:
# wget https://plesk.zendesk.com/hc/article_attachments/360045811014/libapache2-mod-security2_2.9.0-2_amd64.deb
# dpkg -i libapache2-mod-security2_2.9.0-2_amd64.deb
Fix package dependencies:
# apt install -f
If the initial error was returned when switching on ModSecurity rather than Plesk update, the following additional step is required:
Log in to Plesk, navigate to Tools & Settings > Web Application Firewall (ModSecurity) and re-enable rule set/ModSecurity.
To prevent the issue from happening on the servers without the latest ruleset update, until the bug is fixed, uncheck the Update rule sets under Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab.