Geoiplookup unable to lock proc mutex for non-httpd users #426

rcbarnett-zz · 2013-10-17T20:20:01Z

MODSEC-278: When using ModSecurity with a per-user request handling module such as MPM-ITK or mod_ruid2, geoiplookup will not be able to lock the proc mutex and thus fail to do the lookup:

Message: Geo Lookup: Failed to lock proc mutex: Permission denied

Vhosts/directories that do not have a specific user assigned, but rather the 'global' httpd user, do not get this error message.

rcbarnett-zz · 2013-10-17T20:20:01Z

Original reporter: lb06

rcbarnett-zz · 2013-10-17T20:20:01Z

lb06: FYI: A workaround is possible using libapache2-mod-geoip. This module populates the ENV variables with GEO* data. You can then perform GEO lookups using SecRule ENV:GEOIP_* rather than with GEO:*.

victorhora · 2018-09-22T21:22:29Z

The global mutex is optional since 112ba45 (included in 2.9.2 release)

This shouldn't be a concern with libModSecurity (aka 3.0) and libMaxMind.

Cheers

ghost assigned zimmerle Oct 17, 2013

quenenni mentioned this issue Jun 22, 2016

Geo Lookup: Failed to lock proc mutex #1168

Closed

zimmerle added the CPANEL itk label Jul 20, 2016

victorhora added this to the v2.9.3 milestone Sep 22, 2018

victorhora closed this as completed Sep 22, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Geoiplookup unable to lock proc mutex for non-httpd users #426

Geoiplookup unable to lock proc mutex for non-httpd users #426

rcbarnett-zz commented Oct 17, 2013

rcbarnett-zz commented Oct 17, 2013

rcbarnett-zz commented Oct 17, 2013

victorhora commented Sep 22, 2018

Geoiplookup unable to lock proc mutex for non-httpd users #426

Geoiplookup unable to lock proc mutex for non-httpd users #426

Comments

rcbarnett-zz commented Oct 17, 2013

rcbarnett-zz commented Oct 17, 2013

rcbarnett-zz commented Oct 17, 2013

victorhora commented Sep 22, 2018