The recommended mod_security configuration https://raw.githubusercontent.com/SpiderLabs/ModSecurity/master/modsecurity.conf-recommended that is distributed as /usr/share/doc/mod_security-2.9.1-r1/modsecurity.conf-recommended.bz2 lists SecUnicodeMapFile set to the file called unicode.mapping. The file is provided in the package repository https://github.com/SpiderLabs/ModSecurity/blob/v2/master/unicode.mapping. However, the file is not installed after emerging mod_security from portage: equery f www-apache/mod_security-2.9.1-r1 * Searching for mod_security2.9.1-r1 in www-apache ... * Contents of www-apache/mod_security-2.9.1-r1: /etc /etc/apache2 /etc/apache2/modules.d /etc/apache2/modules.d/79_mod_security.conf /usr /usr/lib /usr/lib/apache2 /usr/lib/apache2/modules /usr/lib/apache2/modules/mod_security2.so /usr/share /usr/share/doc /usr/share/doc/mod_security-2.9.1-r1 /usr/share/doc/mod_security-2.9.1-r1/CHANGES.bz2 /usr/share/doc/mod_security-2.9.1-r1/README.TXT.bz2 /usr/share/doc/mod_security-2.9.1-r1/modsecurity.conf-recommended.bz2 /var /var/lib /var/lib/modsecurity /var/lib/modsecurity/.keep_www-apache_mod_security-0 /var/lib/modsecurity/data /var/lib/modsecurity/data/.keep_www-apache_mod_security-0 /var/lib/modsecurity/tmp /var/lib/modsecurity/tmp/.keep_www-apache_mod_security-0 /var/lib/modsecurity/upload /var/lib/modsecurity/upload/.keep_www-apache_mod_security-0 Is it possible to keep the file from the source after installation, please?
I see for example Fedora neither providing that file and it seems to cause not issues... what is the problem you are hitting? (I cannot access the pointed link)
I do not remember completely anymore but as far as I can remember I followed https://wiki.gentoo.org/wiki/Apache#Enabling_mod_security which uses /usr/share/doc/mod_security-2.9.1-r1/modsecurity.conf-recommended.bz2 as a basis for the configuration. However, modsecurity.conf-recommended refers to the file unicode.mapping ("SecUnicodeMapFile unicode.mapping 20127" on line 218 in the modsecurity.conf-recommended in https://www.modsecurity.org/tarball/2.9.2/modsecurity-2.9.2.tar.gz). I guess that running mod_security with modsecurity.conf-recommended as the configuration resulted in an error mentioning the file unicode.mapping is missing. I downloaded the file from the github repository and mod_security worked.
This is still an issue. Please either include the 'unicode.mapping' file, or patch the 'modsecurity.conf-recommended' file to NOT refer to the 'unicode.mapping' file by default.
Strictly speaking it's an optional part, but it's annoying to start with an example configuration that does not work. A modified version that retains the missing file: https://github.com/gentoo/gentoo/pull/24272
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2ca6bc6ad0eed589bffad56c71d0974e957ed464 commit 2ca6bc6ad0eed589bffad56c71d0974e957ed464 Author: Tomáš Mózes <hydrapolic@gmail.com> AuthorDate: 2022-02-19 10:43:29 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-02-20 00:30:41 +0000 www-apache/mod_security: keep unicode.mapping Closes: https://bugs.gentoo.org/642476 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> .../mod_security/mod_security-2.9.5-r1.ebuild | 125 +++++++++++++++++++++ 1 file changed, 125 insertions(+)