Skip to content

Add interface in libModSecurity for reopening log files #1968

New issue
New issue
Open
#2304
Open
Add interface in libModSecurity for reopening log files#1968
#2304
Assignees
zimmerlevictorhora
Labels
3.xRelated to ModSecurity version 3.xRIP - Type - FeatureRIP - libmodsecuritynew featureThis is a new feature
Milestone
v3.1.0
@victorhora

Description

@victorhora
victorhora
opened on Nov 28, 2018
Contributor

This is related with feature request owasp-modsecurity/ModSecurity-nginx#121

Modsecurity should reopen audit log on these two signals for proper logrotate operation.

As noted at owasp-modsecurity/ModSecurity-nginx#121 (comment), we could leverage a similar approach as described at https://forum.nginx.org/read.php?29,247488,247500#msg-247500 (i.e. use standard nginx API to open some stub-file with ngx_conf_open_file(), add required handler, and use it for detecting USR1 and HUP signals from master process)

But it seems like libModSecurity currently does not have a nice interface to initiate audit/debug log files reopening by connector's request.

There's a PoC on how we could accomplish that on the connector at owasp-modsecurity/ModSecurity-nginx#121 (comment) as a starting point.

Activity

victorhora
added
RIP - Type - Feature
enhancement
RIP - libmodsecurity
TBF by libmodsec
3.xRelated to ModSecurity version 3.x
on Nov 28, 2018
victorhora
added this to the v3.0.4 milestone on Nov 28, 2018
victorhora
assigned
zimmerle
and
victorhora
on Nov 28, 2018
victorhora
mentioned this on Nov 28, 2018
zimmerle
added
new featureThis is a new feature
and removed
TBF by libmodsec
enhancement
on Nov 30, 2018
brandonpayton
linked a pull request that will close this issue on May 1, 2020
remort

remort commented on Oct 4, 2022

@remort
remort
on Oct 4, 2022

Any news up on that?

airween
mentioned this on Jan 30, 2024
baptiste-fourmont

baptiste-fourmont commented on Dec 3, 2024

@baptiste-fourmont
baptiste-fourmont
on Dec 3, 2024

Any news?

airween

airween commented on Dec 3, 2024

@airween
airween
on Dec 3, 2024
Member

Hi @baptiste-fourmont,

Any news?

Unfortunately not. If you have any idea how can we solve this, feel free to open a PR. But I try to keep this on the table...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

3.xRelated to ModSecurity version 3.xRIP - Type - FeatureRIP - libmodsecuritynew featureThis is a new feature

Type

No type

Projects

No projects

Milestone

Relationships

None yet

    Development

    Participants

    @airween@zimmerle@remort@victorhora@baptiste-fourmont

    Issue actions
      Add interface in libModSecurity for reopening log files · Issue #1968 · owasp-modsecurity/ModSecurity