docker-nginx icon indicating copy to clipboard operation
docker-nginx copied to clipboard

Published 20 hours ago verified publisher icon nginxinc

Unable to build image with modsecurity

Open hathagat opened this issue 2 years ago • 0 comments

Describe the bug

Hi, trying to build the image results in an error because the pcre library is missing. It seems like the module should be build with pcre2 using --with-pcre2 during the configure step.

Related issues:

  • https://github.com/SpiderLabs/ModSecurity/issues/2750
  • https://github.com/nginxinc/docker-nginx/issues/735

Is this an issue or do I need to build the module another way?

To reproduce

Steps to reproduce the behavior:

  1. Use this Dockerfile: https://github.com/nginxinc/docker-nginx/blob/master/modules/Dockerfile
  2. Build according to readme: docker build --build-arg ENABLED_MODULES="modsecurity" -t my-nginx-with-modsecurity .
Spoiler: Error log 
[...]
#10 121.9 checking for libpcre config script... no
#10 121.9 configure: *** pcre library not found.
#10 121.9 configure: error: pcre library is required
#10 122.0 make: *** [debian/rules:47: config.pre.nginx] Error 1
#10 122.0 dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
#10 122.0 debuild: fatal error at line 1182:
#10 122.0 dpkg-buildpackage -us -uc -ui failed
#10 122.0 real 24.37
#10 122.0 user 23.40
#10 122.0 sys 3.78
#10 122.0 make: *** [Makefile:210: module-modsecurity] Error 29
#10 122.0 + find ../../ -maxdepth 1 -mindepth 1 -type f -name *.deb -exec mv -v {} /tmp/packages/ ;
#10 122.0 + BUILT_MODULES= modsecurity
#10 122.0 + echo BUILT_MODULES=" modsecurity"
#10 DONE 122.5s

#11 [stage-1 2/7] COPY --from=builder /tmp/packages /tmp/packages
#11 CACHED

#12 [stage-1 3/7] RUN set -ex     && apt update     && . /tmp/packages/modules.env     && for module in $BUILT_MODULES; do            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_1.25.2*.deb;        done     && rm -rf /tmp/packages     && rm -rf /var/lib/apt/lists/
#12 0.474 + apt update
#12 0.482 
#12 0.482 WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
#12 0.482 
#12 0.550 Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
#12 0.593 Get:2 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]
#12 0.608 Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
#12 0.728 Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8906 kB]
#12 1.459 Get:5 http://deb.debian.org/debian bookworm-updates/main amd64 Packages [4732 B]
#12 1.459 Get:6 http://deb.debian.org/debian-security bookworm-security/main amd64 Packages [57.6 kB]
#12 2.675 Fetched 9220 kB in 2s (4249 kB/s)
#12 2.675 Reading package lists...
#12 3.710 Building dependency tree...
#12 3.968 Reading state information...
#12 4.033 All packages are up to date.
#12 4.043 + . /tmp/packages/modules.env
#12 4.043 + BUILT_MODULES= modsecurity
#12 4.043 + apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-modsecurity_1.25.2*.deb
#12 4.050 
#12 4.050 WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
#12 4.050 
#12 4.054 Reading package lists...
#12 5.086 E: Unsupported file /tmp/packages/nginx-module-modsecurity_1.25.2*.deb given on commandline
#12 ERROR: process "/bin/sh -c set -ex     && apt update     && . /tmp/packages/modules.env     && for module in $BUILT_MODULES; do            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb;        done     && rm -rf /tmp/packages     && rm -rf /var/lib/apt/lists/" did not complete successfully: exit code: 100
------
 > [stage-1 3/7] RUN set -ex     && apt update     && . /tmp/packages/modules.env     && for module in $BUILT_MODULES; do            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_1.25.2*.deb;        done     && rm -rf /tmp/packages     && rm -rf /var/lib/apt/lists/:
0.482 
0.550 Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
0.593 Get:2 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]
0.608 Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
0.728 Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8906 kB]
1.459 Get:5 http://deb.debian.org/debian bookworm-updates/main amd64 Packages [4732 B]
1.459 Get:6 http://deb.debian.org/debian-security bookworm-security/main amd64 Packages [57.6 kB]


6.086 E: Unsupported file /tmp/packages/nginx-module-modsecurity_1.25.2*.deb given on commandline
------
Dockerfile:74
--------------------
  73 |     COPY --from=builder /tmp/packages /tmp/packages
  74 | >>> RUN set -ex \
  75 | >>>     && apt update \
  76 | >>>     && . /tmp/packages/modules.env \
  77 | >>>     && for module in $BUILT_MODULES; do \
  78 | >>>            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb; \
  79 | >>>        done \
  80 | >>>     && rm -rf /tmp/packages \
  81 | >>>     && rm -rf /var/lib/apt/lists/
  82 |     
--------------------
ERROR: failed to solve: process "/bin/sh -c set -ex     && apt update     && . /tmp/packages/modules.env     && for module in $BUILT_MODULES; do            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb;        done     && rm -rf /tmp/packages     && rm -rf /var/lib/apt/lists/" did not complete successfully: exit code: 100

Expected behavior

The image is build successfully.

Your environment

  • Docker version 24.0.5, build ced0996
  • Debian GNU/Linux 11 (bullseye)
  • 6.1.0-0.deb11.7-amd64

hathagat avatar Aug 25 '23 12:08 hathagat