From 680e53b37eefa7e434f6281466077ce6b7bc7f2c Mon Sep 17 00:00:00 2001 From: Jerome Charaoui Date: Tue, 2 Feb 2010 23:42:43 -0500 Subject: add php_additional_open_basedirs and php_additional_options in php vhost (fully implemented in standard template only, for now) --- manifests/vhost.pp | 6 +- manifests/vhost/php/standard.pp | 4 + manifests/vhost/template.pp | 3 + templates/vhosts/php/CentOS.erb | 165 +++++++++++++++++++++++++++++++++++++++- templates/vhosts/php/Debian.erb | 165 +++++++++++++++++++++++++++++++++++++++- templates/vhosts/php/php.erb | 154 ------------------------------------- 6 files changed, 339 insertions(+), 158 deletions(-) mode change 120000 => 100644 templates/vhosts/php/CentOS.erb mode change 120000 => 100644 templates/vhosts/php/Debian.erb delete mode 100644 templates/vhosts/php/php.erb diff --git a/manifests/vhost.pp b/manifests/vhost.pp index f1a20f0..1f2db90 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -30,6 +30,8 @@ define apache::vhost( $php_use_pear = false, $php_safe_mode = true, $php_default_charset = 'absent', + $php_additional_open_basedirs = 'absent', + $php_additional_options = 'absent', $cgi_binpath = 'absent', $default_charset = 'absent', $do_includes = false, @@ -83,6 +85,8 @@ define apache::vhost( php_use_pear => $php_use_pear, php_safe_mode => $php_safe_mode, php_default_charset => $php_default_charset, + php_additional_open_basedirs => $php_additional_open_basedirs, + php_additional_options => $php_additional_options, run_mode => $run_mode, run_uid => $run_uid, run_gid => $run_gid, @@ -98,6 +102,4 @@ define apache::vhost( } default: { fail("no such vhost_mode: $vhost_mode defined for $name.") } } - } - diff --git a/manifests/vhost/php/standard.pp b/manifests/vhost/php/standard.pp index a6e2ff0..6a83a42 100644 --- a/manifests/vhost/php/standard.pp +++ b/manifests/vhost/php/standard.pp @@ -35,6 +35,8 @@ define apache::vhost::php::standard( $php_safe_mode = true, $php_safe_mode_exec_bins = 'absent', $php_default_charset = 'absent', + $php_additional_open_basedirs = 'absent', + $php_additional_options = 'absent', $do_includes = false, $options = 'absent', $additional_options = 'absent', @@ -146,6 +148,8 @@ define apache::vhost::php::standard( php_use_pear => $php_use_pear, php_safe_mode => $php_safe_mode, php_default_charset => $real_php_default_charset, + php_additional_open_basedirs => $php_additional_open_basedirs, + php_additional_options => $php_additional_options, ssl_mode => $ssl_mode, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index b0b2e8d..a9e0dbe 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -42,6 +42,8 @@ define apache::vhost::template( $php_use_pear = false, $php_safe_mode = true, $php_default_charset = 'absent', + $php_additional_open_basedirs = 'absent', + $php_additional_options = 'absent', $run_mode = 'normal', $run_uid = 'absent', $run_gid = 'absent', @@ -102,6 +104,7 @@ define apache::vhost::template( } } + # set default dirs for templates # php php_safe_mode_exec_bin directory case $php_safe_mode_exec_bin_dir { diff --git a/templates/vhosts/php/CentOS.erb b/templates/vhosts/php/CentOS.erb deleted file mode 120000 index ef6a366..0000000 --- a/templates/vhosts/php/CentOS.erb +++ /dev/null @@ -1 +0,0 @@ -php.erb \ No newline at end of file diff --git a/templates/vhosts/php/CentOS.erb b/templates/vhosts/php/CentOS.erb new file mode 100644 index 0000000..bb88741 --- /dev/null +++ b/templates/vhosts/php/CentOS.erb @@ -0,0 +1,164 @@ +# <%= servername %> +<%- unless ssl_mode.to_s == 'only' then -%> + + Include include.d/defaults.inc + + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + DocumentRoot <%= documentroot %>/ + + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log combined + <%- if ssl_mode.to_s == 'force' then -%> + Redirect permanent / https://<%= servername %>/ + <%- end -%> + <%- if default_charset.to_s != 'absent' then -%> + AddDefaultCharset <%= default_charset %> + <%- end -%> + <%- if run_mode.to_s == 'itk' -%> + + AssignUserId <%= run_uid+" "+run_gid %> + + <%- end -%> + <%- if not ssl_mode.to_s == 'force' then -%> + /"> + AllowOverride <%= allow_override %> + <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> + + <%- end -%> + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%> + php_admin_flag engine on + <%- if php_safe_mode.to_s == 'false' -%> + php_admin_flag safe_mode Off + <%- end -%> + <%- unless php_default_charset.to_s == 'absent' then -%> + php_admin_value default_charset <%= php_default_charset %> + <%- end -%> + php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' -%>/usr/share/Smarty:<%- end -%><%- if php_use_pear.to_s == 'true' -%>/usr/share/pear:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %><% unless php_additional_open_basedirs.to_s == 'absent' %><%- php_additional_open_basedirs.each do |php_additional_open_basedir| -%>:<%= php_additional_open_basedir %><%- end -%><%- end %> + php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> + php_admin_value session.save_path <%= real_php_session_save_path %> + <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> + php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> + <%- end -%> + <%- unless php_additional_options.to_s == 'absent' then -%> + <%- php_additional_options.each do |php_additional_option| -%> + <%= php_additional_option %> + <%- end -%> + <%- end -%> + + <%- end -%> + + + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + <%- if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly + <%- else -%> + SecAuditEngine On + <%- end -%> + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + + + <%- unless additional_options.to_s == 'absent' then -%> + <%= additional_options %> + <%- end -%> + +<%- end -%> + +<%- unless ssl_mode.to_s == 'false' then -%> + + Include include.d/defaults.inc + Include include.d/ssl_defaults.inc + + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + DocumentRoot <%= documentroot %>/ + + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log combined + <%- if run_mode.to_s == 'itk' -%> + + AssignUserId <%= run_uid+" "+run_gid %> + + <%- end -%> + <%- if default_charset.to_s != 'absent' then -%> + AddDefaultCharset <%= default_charset %> + <%- end -%> + /"> + AllowOverride <%= allow_override %> + <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> + + <%- end -%> + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%> + php_admin_flag engine on + <%- if php_safe_mode.to_s == 'false' -%> + php_admin_flag safe_mode Off + <%- end -%> + <%- unless php_default_charset.to_s == 'absent' then -%> + php_admin_value default_charset <%= php_default_charset %> + <%- end -%> + php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' -%>/usr/share/php/Smarty/:<%- end -%><%- if php_use_pear.to_s == 'true' -%>/usr/share/pear/:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %><% unless php_additional_open_basedirs.to_s == 'absent' %><%- php_additional_open_basedirs.each do |php_additional_open_basedir| -%>:<%= php_additional_open_basedir %><%- end -%><%- end %> + php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> + php_admin_value session.save_path <%= real_php_session_save_path %> + <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> + php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> + <%- end -%> + <%- unless php_additional_options.to_s == 'absent' then -%> + <%- php_additional_options.each do |php_additional_option| -%> + <%= php_additional_option %> + <%- end -%> + <%- end -%> + + + + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + <%- if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly + <%- else -%> + SecAuditEngine On + <%- end -%> + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + + + <%- unless additional_options.to_s == 'absent' then -%> + <%= additional_options %> + <%- end -%> + +<%- end -%> diff --git a/templates/vhosts/php/Debian.erb b/templates/vhosts/php/Debian.erb deleted file mode 120000 index ef6a366..0000000 --- a/templates/vhosts/php/Debian.erb +++ /dev/null @@ -1 +0,0 @@ -php.erb \ No newline at end of file diff --git a/templates/vhosts/php/Debian.erb b/templates/vhosts/php/Debian.erb new file mode 100644 index 0000000..1f24fec --- /dev/null +++ b/templates/vhosts/php/Debian.erb @@ -0,0 +1,164 @@ +# <%= servername %> +<%- unless ssl_mode.to_s == 'only' then -%> + + Include include.d/defaults.inc + + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + DocumentRoot <%= documentroot %>/ + + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log combined + <%- if ssl_mode.to_s == 'force' then -%> + Redirect permanent / https://<%= servername %>/ + <%- end -%> + <%- if default_charset.to_s != 'absent' then -%> + AddDefaultCharset <%= default_charset %> + <%- end -%> + <%- if run_mode.to_s == 'itk' -%> + + AssignUserId <%= run_uid+" "+run_gid %> + + <%- end -%> + <%- if not ssl_mode.to_s == 'force' then -%> + /"> + AllowOverride <%= allow_override %> + <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> + + <%- end -%> + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%> + php_admin_flag engine on + <%- if php_safe_mode.to_s == 'false' -%> + php_admin_flag safe_mode Off + <%- end -%> + <%- unless php_default_charset.to_s == 'absent' then -%> + php_admin_value default_charset <%= php_default_charset %> + <%- end -%> + php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' || php_use_pear.to_s == 'true' -%>/usr/share/php:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %><% unless php_additional_open_basedirs.to_s == 'absent' %><%- php_additional_open_basedirs.each do |php_additional_open_basedir| -%>:<%= php_additional_open_basedir %><%- end -%><%- end %> + php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> + php_admin_value session.save_path <%= real_php_session_save_path %> + <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> + php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> + <%- end -%> + <%- unless php_additional_options.to_s == 'absent' then -%> + <%- php_additional_options.each do |php_additional_option| -%> + <%= php_additional_option %> + <%- end -%> + <%- end -%> + + <%- end -%> + + + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + <%- if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly + <%- else -%> + SecAuditEngine On + <%- end -%> + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + + + <%- unless additional_options.to_s == 'absent' then -%> + <%= additional_options %> + <%- end -%> + +<%- end -%> + +<%- unless ssl_mode.to_s == 'false' then -%> + + Include include.d/defaults.inc + Include include.d/ssl_defaults.inc + + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + DocumentRoot <%= documentroot %>/ + + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log combined + <%- if run_mode.to_s == 'itk' -%> + + AssignUserId <%= run_uid+" "+run_gid %> + + <%- end -%> + <%- if default_charset.to_s != 'absent' then -%> + AddDefaultCharset <%= default_charset %> + <%- end -%> + /"> + AllowOverride <%= allow_override %> + <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> + + <%- end -%> + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%> + php_admin_flag engine on + <%- if php_safe_mode.to_s == 'false' -%> + php_admin_flag safe_mode Off + <%- end -%> + <%- unless php_default_charset.to_s == 'absent' then -%> + php_admin_value default_charset <%= php_default_charset %> + <%- end -%> + php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' || php_use_pear.to_s == 'true' -%>/usr/share/php:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %><% unless php_additional_open_basedirs.to_s == 'absent' %><%- php_additional_open_basedirs.each do |php_additional_open_basedir| -%>:<%= php_additional_open_basedir %><%- end -%><%- end %> + php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> + php_admin_value session.save_path <%= real_php_session_save_path %> + <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> + php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> + <%- end -%> + <%- unless php_additional_options.to_s == 'absent' then -%> + <%- php_additional_options.each do |php_additional_option| -%> + <%= php_additional_option %> + <%- end -%> + <%- end -%> + + + + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + <%- if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly + <%- else -%> + SecAuditEngine On + <%- end -%> + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + + + <%- unless additional_options.to_s == 'absent' then -%> + <%= additional_options %> + <%- end -%> + +<%- end -%> diff --git a/templates/vhosts/php/php.erb b/templates/vhosts/php/php.erb deleted file mode 100644 index 4a6c829..0000000 --- a/templates/vhosts/php/php.erb +++ /dev/null @@ -1,154 +0,0 @@ -# <%= servername %> -<%- unless ssl_mode.to_s == 'only' then -%> - - Include include.d/defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - DocumentRoot <%= documentroot %>/ - - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log combined - <%- if ssl_mode.to_s == 'force' then -%> - Redirect permanent / https://<%= servername %>/ - <%- end -%> - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - <%- end -%> - <%- if run_mode.to_s == 'itk' -%> - - AssignUserId <%= run_uid+" "+run_gid %> - - <%- end -%> - <%- if not ssl_mode.to_s == 'force' then -%> - /"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - php_admin_flag engine on - <%- if php_safe_mode.to_s == 'false' -%> - php_admin_flag safe_mode Off - <%- end -%> - <%- unless php_default_charset.to_s == 'absent' then -%> - php_admin_value default_charset <%= php_default_charset %> - <%- end -%> - php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' -%>/usr/share/php/Smarty/:<%- end -%><%- if php_use_pear.to_s == 'true' -%>/usr/share/pear/:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %> - php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> - php_admin_value session.save_path <%= real_php_session_save_path %> - <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> - php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> - <%- end -%> - - <%- end -%> - - - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - <%- if mod_security_relevantonly.to_s == 'true' then -%> - SecAuditEngine RelevantOnly - <%- else -%> - SecAuditEngine On - <%- end -%> - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> - -<%- end -%> - -<%- unless ssl_mode.to_s == 'false' then -%> - - Include include.d/defaults.inc - Include include.d/ssl_defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - DocumentRoot <%= documentroot %>/ - - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log combined - <%- if run_mode.to_s == 'itk' -%> - - AssignUserId <%= run_uid+" "+run_gid %> - - <%- end -%> - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - <%- end -%> - /"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - php_admin_flag engine on - <%- if php_safe_mode.to_s == 'false' -%> - php_admin_flag safe_mode Off - <%- end -%> - <%- unless php_default_charset.to_s == 'absent' then -%> - php_admin_value default_charset <%= php_default_charset %> - <%- end -%> - php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' -%>/usr/share/php/Smarty/:<%- end -%><%- if php_use_pear.to_s == 'true' -%>/usr/share/pear/:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %> - php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> - php_admin_value session.save_path <%= real_php_session_save_path %> - <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> - php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> - <%- end -%> - - - - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - <%- if mod_security_relevantonly.to_s == 'true' then -%> - SecAuditEngine RelevantOnly - <%- else -%> - SecAuditEngine On - <%- end -%> - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> - -<%- end -%> -- cgit v1.2.3