We have installed nagios log server on one of our Redhat 6 machines. A recent security scan revealed a high number of php vulnerabilities. It appears that php-5.3.3-48.el6_8.x86_64 as well asp php-cli, php-ldap, and php-common are installed. php-5.6.26-1.fc24 appears to contain fixes for this vulnerability. Will it cause problems with Nagios Log server to update php to php-5.6.26?
Thank you,
php v5.4
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: php v5.4
5.6 is supported. If that's all you do, you will get the follow error, but the good news is it comes complete with instructions for fixing!
PHP script '/var/www/html/nagioslogserver/application/core/LS_Controller.php' is protected by SourceGuardian and requires a SourceGuardian loader 'ixed.5.6.lin' to be installed.
1) Click here to download the required 'ixed.5.6.lin' loader from the SourceGuardian site
2) Install the loader to /usr/lib64/php/modules
3) Edit /etc/php.ini and add 'extension=ixed.5.6.lin' directive
4) Restart the web server
Let us know if you have any problems with the update.
For clarity, 5.7 is NOT supported.
PHP script '/var/www/html/nagioslogserver/application/core/LS_Controller.php' is protected by SourceGuardian and requires a SourceGuardian loader 'ixed.5.6.lin' to be installed.
1) Click here to download the required 'ixed.5.6.lin' loader from the SourceGuardian site
2) Install the loader to /usr/lib64/php/modules
3) Edit /etc/php.ini and add 'extension=ixed.5.6.lin' directive
4) Restart the web server
Let us know if you have any problems with the update.
For clarity, 5.7 is NOT supported.
-
Linuxlogger
- Posts: 32
- Joined: Thu Jun 23, 2016 4:33 pm
Re: php v5.4
Can you please provide the download link. thank you
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: php v5.4
http://www.sourceguardian.com/loaders.html -- there are different archive versions available but if zip is fine for you, http://www.sourceguardian.com/loaders/d ... x86_64.zip should work.
The various .lin files are in that package, so if you ever need to upgrade again, you should have them.
Please let us know if this does not solve your issue.
The various .lin files are in that package, so if you ever need to upgrade again, you should have them.
Please let us know if this does not solve your issue.
-
Linuxlogger
- Posts: 32
- Joined: Thu Jun 23, 2016 4:33 pm
Re: php v5.4
Looking for how to install sourceguardian package I found the following:
sudo mkdir /usr/local/sourceguardian
cd /usr/local/sourceguardian
sudo wget http://www.sourceguardian.com/loaders/d ... _64.tar.gz
sudo tar xzf loaders.linux-x86_64.tar.gz
sudo cp ixed.5.6.lin /opt/sp/php5.6/lib/php/extensions/no-debug-non-zts-20131226/
sudo bash -c 'echo "zend_extension=/opt/sp/php5.6/lib/php/extensions/no-debug-non-zts-20131226/ixed.5.6.lin" > /etc/php5.6-sp/conf.d/sourceguardian.ini'
sudo service php5.6-fpm-sp restart
since I downloaded and extracted the tar.gz file and copied it to /usr/lib64/php/modules my guess is that the command should read
sudo bash -c 'echo extension=/usr/lib64/php/modules/ixed.5.6.lin > I'm not sure what this should read
sudo service php restart?
sudo mkdir /usr/local/sourceguardian
cd /usr/local/sourceguardian
sudo wget http://www.sourceguardian.com/loaders/d ... _64.tar.gz
sudo tar xzf loaders.linux-x86_64.tar.gz
sudo cp ixed.5.6.lin /opt/sp/php5.6/lib/php/extensions/no-debug-non-zts-20131226/
sudo bash -c 'echo "zend_extension=/opt/sp/php5.6/lib/php/extensions/no-debug-non-zts-20131226/ixed.5.6.lin" > /etc/php5.6-sp/conf.d/sourceguardian.ini'
sudo service php5.6-fpm-sp restart
since I downloaded and extracted the tar.gz file and copied it to /usr/lib64/php/modules my guess is that the command should read
sudo bash -c 'echo extension=/usr/lib64/php/modules/ixed.5.6.lin > I'm not sure what this should read
sudo service php restart?
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: php v5.4
I just edited the file in manually, but echoing just extension=ixed.5.6.lin should work. The instructions don't say to give the whole file path. I didn't give the file path and it worked for me.
I did not need to modify sourceguardian.ini, only php.ini as the instructions say.
I also did not need to restart a php service, just the web server as the instructions say. That said, I am testing on CentOS, not RHEL.
I think the instructions can be followed literally, although I understand that "install" is a confusing word. I just used cp to drop the .lin file in the appropriate directory.
I did not need to modify sourceguardian.ini, only php.ini as the instructions say.
I also did not need to restart a php service, just the web server as the instructions say. That said, I am testing on CentOS, not RHEL.
I think the instructions can be followed literally, although I understand that "install" is a confusing word. I just used cp to drop the .lin file in the appropriate directory.
-
Linuxlogger
- Posts: 32
- Joined: Thu Jun 23, 2016 4:33 pm
Re: php v5.4
I edited the php.ini file as instructed then restarted the web server, nothing. Then I had to restart the elasticsearch service due to logs filling the root partition. When I did I got the following errror:
sudo service elasticsearch start
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/ixed.5.6.lin' - /usr/lib64/php/modules/ixed.5.6.lin: undefined symbol: zend_is_auto_global_quick in Unknown on line 0
sudo service elasticsearch start
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/ixed.5.6.lin' - /usr/lib64/php/modules/ixed.5.6.lin: undefined symbol: zend_is_auto_global_quick in Unknown on line 0
Re: php v5.4
What process did you follow for updating PHP, and what version is your machine currently outputting as the active version? php -v
Former Nagios Employee