Rules in optional_rules dir are looking for files (such as: modsecurity_42_comment_spam.data , modsecurity_46_et_web_rules.data , modsecurity_46_et_sql_injection.data ) in their dir. But all of thoose file are one level up, in /etc/apache2/modules.d/mod_security dir.
When i enable optional_rules in mod_security.conf i'm getting:
Syntax error on line 1 of /etc/apache2/modules.d/mod_security/optional_rules/modsecurity_crs_46_et_sql_injection.conf:
Error creating rule: Could not open phrase file "/etc/apache2/modules.d/mod_security/optional_rules/modsecurity_46_et_sql_injection.data": No such file or directory

And there is problem with modsecurity_crs_42_comment_spam.conf , this file throws:
Syntax error on line 30 of /etc/apache2/modules.d/mod_security/optional_rules/modsecurity_crs_42_comment_spam.conf:
Error creating rule: Failed to resolve operator: pmFromFil


Reproducible: Always




# emerge --info
Portage 2.1.8.3 (hardened/linux/x86/10.0, gcc-4.4.4, glibc-2.11.2-r0, 2.6.32-hardened-r9 i686)
=================================================================
System uname: Linux-2.6.32-hardened-r9-i686-Intel-R-_Celeron-R-_CPU_2.40GHz-with-gentoo-1.12.13
Timestamp of tree: Mon, 19 Jul 2010 14:00:01 +0000
ccache version 2.4 [enabled]
app-shells/bash:     4.0_p37
dev-lang/python:     2.6.5-r2, 3.1.2-r3
dev-util/ccache:     2.4-r7
sys-apps/baselayout: 1.12.13
sys-apps/sandbox:    1.6-r2
sys-devel/autoconf:  2.13, 2.65
sys-devel/automake:  1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.3.4, 4.4.4-r1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6b
virtual/os-headers:  2.6.30-r1
ACCEPT_KEYWORDS="x86"
ACCEPT_LICENSE="* -@EULA"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium4 -mtune=native -mfpmath=sse -fpeel-loops -fprefetch-loop-arrays -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -march=pentium4 -mtune=native -mfpmath=sse -fpeel-loops -fprefetch-loop-arrays -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests ccache collision-protect distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="pl_PL"
LC_ALL="pl_PL"
LDFLAGS="-Wl,-O1"
LINGUAS="pl en"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_EXTRA_OPTS="--compress-level=0"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local /usr/local/portage"
SYNC="rsync://192.168.2.6/gentoo-portage"
USE="acl acpi activefilter apache2 ares async automount bash-completion berkdb bzip2 caps chroot clamav clamd clamdtop cli contentcache cracklib crypt ctype cxx dri dsn erandom exiscan exiscan-acl extras fam ftp gdbm gif gmp gnutls gocr graphite gzip hardened iconv idn imap innodb iproute2 ipv6 jpeg json justify kqemu logrotate logwatch lzo maildir memlimit mhash mime mmap mmx mmxext modules mouse mudflap ncurses network-cron nls nntp nptl nptlonly ocrad openmp openssl pam pcre pic png posix pppd profile readline recode reflection reiserfs session smp snmp spell spl sse sse2 ssl suhosin svg sysfs syslog threads threadsafe tiff tools unicode unzip urandom vhosts vim-pager vim-syntax x86 xattr xml xmlreader zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1        emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m       maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="alias auth_basic auth_digest authn_anon authn_default authn_file authz_default authz_groupfile authz_host autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers imagemap info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif so status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="worker" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="pl en" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="sis" XTABLES_ADDONS="geoip ipp2p psd tarpit" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS