1 Reply Latest reply on Feb 9, 2017 8:39 AM by Kary Tankink

    HIPS Linux Package Improvements


      Better RPMs?

      Instead of having HIPS (or something) looking for apache and editing httpd.conf.  Perhaps it would make more sense to make the MFEhiplsm-apache-8.0.0-3881.RH6.x86_64 more intelligent.


      Don't modify /etc/httpd/httpd.conf

      The convention on RedHat flavored systems is to have apache module packages contain the module and a /etc/httpd/conf.d/<name>.load file.  On RedHat 7 the files go in /etc/httpd/conf.modules.d/.

      See "Configuration Layout" here:  https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Sy stem_Administrators_Guide/ch-Web_Servers.html


      Known Apache Versions

      Also since the versions of Apache are known in RedHat and the packages are even taylored to the RH Version there is no need to include modules for versions of apache that aren't available.


      Red Hat Enterprise Linux Application Compatibility Policies - Red Hat Customer Portal




      Red Hat/CentOS 6

      MFEhiplsm-apache-8.0.0-3881.RH6.x86_64.rpm package would contain:





      And /etc/httpd/conf.d/mfehip.load would contain:

      LoadModule /opt/McAfee/hip/web/mod_mfehip22_64.so


      Red Hat 7/Centos 7

      MFEhiplsm-apache-8.0.0-3881.RH7.x86_64.rpm package would contain:





      And /etc/httpd/conf.modules.d/mfehip.load would contain:

      LoadModule /opt/McAfee/hip/web/mod_mfehip24_64.so


      Moving the Modules Around

      Also why are the modules copied to /.apach/?  Is it really necessary?  Why apach?  Was apache too many characters?