Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ModSecurity: Audit log: Failed to create subdirectories #69

Open
afansmth opened this issue Jul 14, 2018 · 5 comments
Open

ModSecurity: Audit log: Failed to create subdirectories #69

afansmth opened this issue Jul 14, 2018 · 5 comments

Comments

@afansmth
Copy link

pls help me to solve this
[:error] [pid 34915] [client 192.168.100.10:51750] [client 192.168.100.10] ModSecurity: Audit log: Failed to create subdirectories: /var/log/mlogc/data/20180714/20180714-1714 (Permission denied) [hostname "192.168.100.26"] [uri "/.noindex.html"] [unique_id "W0nM78slVvAqGUJmnQuyNQAAAAQ"]
@quenenni
Copy link

I had the same problem because apache is running not only with the user www-data, but with all kind of virtual users, like this:
AssignUserId #2010 #2010
After several attempts, I decided to run a script everyday at 23h59 to create all the folders necessary for the next day with the right permissions.
The right permissions are 0777 on folders because every user (virtual or not) must be able to write there.

Not the best for security, but I didn't find a better way to do it.

Here is my script:

#!/bin/bash
DAY=$(date -d 'tomorrow' '+%Y%m%d');

DIR="/var/log/modsec/data/$DAY"

if ! test -d $DIR; then
    mkdir $DIR
    chmod 0777 $DIR
fi

for ((i=0;i<=23;i++)); do
    if [ $i -lt 10 ]; then
        HOUR="0$i"
    else
        HOUR=$i
    fi

    for ((j=0;j<=59;j++)); do
        if [ $j -lt 10 ]; then
            MIN="0$j"
        else
            MIN=$j
        fi

        DIR="/var/log/modsec/data/$DAY/$DAY-$HOUR$MIN"
        if ! test -d $DIR; then
            mkdir $DIR
            chmod 0777 $DIR
        fi
    done
done

I don't have the problem anymore.

Hope this help.

@afansmth
Copy link
Author

@quenenni thanks for ur respons, i will try it soon. hopefully it can help me. thanks.

@afansmth
Copy link
Author

@quenenni hey, i has use ur script but the apache need to make directory again call /var/log/mlogc/date/date-time/time-uniqe_id

ModSecurity: Audit log: Failed to create file: /var/log/mlogc/data/20180718/20180718-1637/20180718-163739-W08KY8uo9q6YSsBO83ilkAAAAAQ (Permission denied) [hostname "192.168.100.26"] [uri "/data"] [unique_id "W08KY8uo9q6YSsBO83ilkAAAAAQ"]

how i can add unique_id on the script ?

@afansmth
Copy link
Author

i solved my issues with
chcon -R -t httpd_sys_rw_content_t /var/log/mlogc/data/*

@isnuryusuf
Copy link

dont forget to
semanage fcontext -a -t httpd_sys_rw_content_t '/var/log/mlogc/data/'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@quenenni @isnuryusuf @afansmth