{"id":474,"date":"2012-10-02T09:45:03","date_gmt":"2012-10-02T07:45:03","guid":{"rendered":"http:\/\/elkano.org\/blog\/?p=474"},"modified":"2013-02-07T10:48:25","modified_gmt":"2013-02-07T09:48:25","slug":"modsecurity-audit-log-failed-to-unlock-global-mutex-permission-denied","status":"publish","type":"post","link":"https:\/\/elkano.org\/blog\/modsecurity-audit-log-failed-to-unlock-global-mutex-permission-denied\/","title":{"rendered":"ModSecurity: Audit log: Failed to unlock global mutex: Permission denied"},"content":{"rendered":"<p>When using Cpanel 11.34.4 with mod_security (with ASL rules) + mod_ruid2 I got this error in Apache error log:<\/p>\n<pre class=\"dontquote prettyprint lang-xml\">\r\nModSecurity: Audit log: Failed to unlock global mutex: Permission denied\r\n<\/pre>\n<p>To solve:<\/p>\n<p>put this lines into \/usr\/local\/apache\/conf\/modsec2.user.conf<\/p>\n<pre class=\"dontquote prettyprint lang-xml\">\r\n  SecAuditLogStorageDir \/var\/asl\/data\/audit\r\n  SecAuditLogType Concurrent\r\n<\/pre>\n<p>Be sure you have right permissions under \/var\/asl\/<\/p>\n<p><strong>UPDATE<\/strong><\/p>\n<p>You may still see this message in the error log file:<\/p>\n<pre class=\"dontquote prettyprint lang-xml\">\r\n[Thu Feb 07 09:49:14 2013] [error] [client 199.115.231.231] ModSecurity: Audit log: Failed to create subdirectories: \/var\/asl\/data\/audit\/20130207\/20130207-0949 (Permission denied)\r\n<\/pre>\n<p>This is caused because each subdirectory is created with each apache httpd process owner, because of mod_ruid2 functionality. To solve this issue I&#8217;ve added this new mod_security directives for creating the logs subdirectories with the correct permissions.<\/p>\n<pre class=\"dontquote prettyprint lang-xml\">\r\nSecAuditLogDirMode 0777\r\nSecAuditLogFileMode 0550\r\nSecAuditLogStorageDir \/var\/asl\/data\/audit\r\nSecAuditLogType Concurrent\r\n<\/pre>\n<p>The last thing you have to do to allow to apache setting this file permissions when creating new files is set correct file creation mask.<\/p>\n<p>I&#8217;ve edited \/etc\/init.d\/httpd file and I&#8217;ve added this line at the top:<\/p>\n<pre class=\"dontquote prettyprint lang-xml\">\r\numask 000\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>When using Cpanel 11.34.4 with mod_security (with ASL rules) + mod_ruid2 I got this error in Apache error log: ModSecurity: Audit log: Failed to unlock global mutex: Permission denied To solve: put this lines into \/usr\/local\/apache\/conf\/modsec2.user.conf SecAuditLogStorageDir \/var\/asl\/data\/audit SecAuditLogType Concurrent Be sure you have right permissions under \/var\/asl\/ UPDATE You may still see this message [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[48,65,64],"_links":{"self":[{"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/posts\/474"}],"collection":[{"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/comments?post=474"}],"version-history":[{"count":7,"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/posts\/474\/revisions"}],"predecessor-version":[{"id":673,"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/posts\/474\/revisions\/673"}],"wp:attachment":[{"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/media?parent=474"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/categories?post=474"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/elkano.org\/blog\/wp-json\/wp\/v2\/tags?post=474"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}