Re: [OpenIndiana-discuss] More recent modsecurity pkg
In message <80D191A7E0B2DF4688923CB3AA5C27DE79D121C2@pham0030.resco.local>, =?u tf-8?B?U3RlZmFuIE3DvGxsZXItV2lsa2Vu?= writes: >well, completely rebuilding httpd with all its modules was actually what I was > hoping not to need. Although your scriptlets look tempting. Are these comman >ds what was used in the original IPS build process as well? config.nice will reveal how OI's httpd was configured. http://pkg.openindiana.org/hipster/en/search.shtml?token=config.nice&action=Search> I generally find the OS-provided httpd not to be built precisely to my needs, so I favor OmniTI's KYSTYS for OmniOS. YMMV. Happy hacking, John groenv...@acm.org ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] More recent modsecurity pkg
Hi John, >Try building Apache with gcc and then building modsecurity >against your custom Apache. .. well, completely rebuilding httpd with all its modules was actually what I was hoping not to need. Although your scriptlets look tempting. Are these commands what was used in the original IPS build process as well? Cheers Stefan Dr. Stefan Müller-Wilken Business Unit Manager Java Consulting Acando GmbH Millerntorplatz 1, 20359 Hamburg, Germany Phone: +49 40 822259-239 Mobile: +49 173 2155804 www.acando.de - Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | USt-IdNr.: DE208833022 ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] More recent modsecurity pkg
In message <572ae717.9040...@gmail.com>, Nikola M writes: >On 05/ 3/16 11:25 PM, Stefan Müller-Wilken wrote: >>could anyone with access to the Sun Studio environment do me a great >>favor and lift the mod_security package from its current IPS >>incarnation to the 2.9.1 available from modsecurity.org? >>I tried to compile it with 'gcc' but that will crash Apache httpd >>under oi_151a9 when loading the module. Try building Apache with gcc and then building modsecurity against your custom Apache. $ env PATH=/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/gnu/bin:/usr/sfw/bin \ CC=gcc CFLAGS="-m64 -O3" LDFLAGS="-m64" \ ./configure --with-expat=/usr --with-ssl=/usr --enable-ssl \ --enable-proxy --enable-rewrite --enable-modules=all \ --enable-mods-shared=all --with-included-apr --prefix=/opt/apache22 $ env PATH=/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/gnu/bin:/usr/sfw/bin \ CC=gcc CFLAGS="-m64 -O3" LDFLAGS=-m64 \ ./configure --with-apxs=/opt/apache22/bin/apxs \ --with-apr=/opt/apache22/bin/apr-1-config \ --with-apu=/opt/apache22/bin/apu-1-config \ --prefix=/opt/apache22/modsecurity John groenv...@acm.org ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] More recent modsecurity pkg
On 05/ 5/16 01:01 AM, Nikola M wrote: Speaking of proprietary, Orcl Solaris is not as proprietary as one might think, since there are open parts of Solaris: https://solaris.java.net/ The majority of the packages in the Oracle Solaris 11 IPS repo are indeed Open Source software (and the recipes for them shared on the above site where OI can see & use them) - but it's the ~30% that aren't that most people complain about. -- -Alan Coopersmith- alan.coopersm...@oracle.com Oracle Solaris Engineering - http://blogs.oracle.com/alanc ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] More recent modsecurity pkg
-Oorspronkelijk bericht- Van: Nikola M [mailto:minik...@gmail.com] Verzonden: donderdag 5 mei 2016 10:02 Aan: Discussion list for OpenIndiana Onderwerp: Re: [OpenIndiana-discuss] More recent modsecurity pkg On 05/ 5/16 09:48 AM, the outsider wrote: > I also have a Solaris 11.3 machine with contract. > But what are the legal consequences if I compile anything on it? Your code, your binaries. plus you have a contract. Even if you don't I know they (Orcl) makes OS releases (without support/updates) available fo your use and for development. Openindiana can be used for production use without a contract, but it suppose you are active in tresting and making it better :) > The costs of a contract are not as high as many people think. I think they are 1K USD per 1 socket server? But it's sort of off-topic on this list to advocate proprietary products support contracts. I do not advocate anything, but it costs ~ € 750,- for any SUN hardware server per year. Dual or single processor same price. And you get hard- and software support, even on X4140 and X4150 servers. It is a bargain if you compare it with Windows server datacentre. The price you mention is for non-sun/oracle hardware There are nice second hand systems available on Ebay. Speaking of proprietary, Orcl Solaris is not as proprietary as one might think, since there are open parts of Solaris: https://solaris.java.net/ where Openindiana uses a part of it (IPS, parts of X etc hg.openindiana.org) OmniTI and Joyent as I know sell support for their illumos-based distros. (And Nexenta but with pool size limitation and weren't following it lately.) ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] More recent modsecurity pkg
On 05/ 5/16 09:48 AM, the outsider wrote: I also have a Solaris 11.3 machine with contract. But what are the legal consequences if I compile anything on it? Your code, your binaries. plus you have a contract. Even if you don't I know they (Orcl) makes OS releases (without support/updates) available fo your use and for development. Openindiana can be used for production use without a contract, but it suppose you are active in tresting and making it better :) The costs of a contract are not as high as many people think. I think they are 1K USD per 1 socket server? But it's sort of off-topic on this list to advocate proprietary products support contracts. Speaking of proprietary, Orcl Solaris is not as proprietary as one might think, since there are open parts of Solaris: https://solaris.java.net/ where Openindiana uses a part of it (IPS, parts of X etc hg.openindiana.org) OmniTI and Joyent as I know sell support for their illumos-based distros. (And Nexenta but with pool size limitation and weren't following it lately.) ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] More recent modsecurity pkg
I also have a Solaris 11.3 machine with contract. But what are the legal consequences if I compile anything on it? The costs of a contract are not as high as many people think. -Oorspronkelijk bericht- Van: Nikola M [mailto:minik...@gmail.com] Verzonden: donderdag 5 mei 2016 8:24 Aan: Discussion list for OpenIndiana Onderwerp: Re: [OpenIndiana-discuss] More recent modsecurity pkg On 05/ 3/16 11:25 PM, Stefan Müller-Wilken wrote: > Dear all, > > could anyone with access to the Sun Studio environment do me a great favor and lift the mod_security package from its current IPS incarnation to the 2.9.1 available from modsecurity.org? I tried to compile it with 'gcc' but that will crash Apache httpd under oi_151a9 when loading the module. It is not easy to get older patched Studio releases today. I also tried to install newest Studio on newest OI hipster, but Orcl is making Studio only Solaris-aware and it doesn't regularly install, because of a linker depending on Solaris 11. If anyone of you have support contract with Oracle and wnat Solaris studio to support building on illumos, please ask them via regular channel. Studio that used to be used to compile illumos and OI, before moving to GCC, with md5sums is named: 43ecac9ceecf0dbe8297ae8caacce457 sunstudio12-patched-ii-2009Sep-sol-x86.tar.bz2 1490e3a8eddd972d7467a36afdf88a5a sunstudio12u1-patched-ii-2010Feb-sol-x86.tar.gz (Hash: d08486a68dda65b045b9cd887559fb771da4852c ) Patched SPARC Studio is also not easy to find, (Hash: dde33b1801b8148df06b6980da750c4294f9afdc ) if someone has older,patched Studio for SPARC, please report. ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] More recent modsecurity pkg
On 05/ 3/16 11:25 PM, Stefan Müller-Wilken wrote: Dear all, could anyone with access to the Sun Studio environment do me a great favor and lift the mod_security package from its current IPS incarnation to the 2.9.1 available from modsecurity.org? I tried to compile it with 'gcc' but that will crash Apache httpd under oi_151a9 when loading the module. It is not easy to get older patched Studio releases today. I also tried to install newest Studio on newest OI hipster, but Orcl is making Studio only Solaris-aware and it doesn't regularly install, because of a linker depending on Solaris 11. If anyone of you have support contract with Oracle and wnat Solaris studio to support building on illumos, please ask them via regular channel. Studio that used to be used to compile illumos and OI, before moving to GCC, with md5sums is named: 43ecac9ceecf0dbe8297ae8caacce457 sunstudio12-patched-ii-2009Sep-sol-x86.tar.bz2 1490e3a8eddd972d7467a36afdf88a5a sunstudio12u1-patched-ii-2010Feb-sol-x86.tar.gz (Hash: d08486a68dda65b045b9cd887559fb771da4852c ) Patched SPARC Studio is also not easy to find, (Hash: dde33b1801b8148df06b6980da750c4294f9afdc ) if someone has older,patched Studio for SPARC, please report. ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss