VM, Atomic Secured Linux, and mod_fcgid


I am running VM Pro on a Centos 5.4 production server. I am using Atomic Secured Linux (ASL) security suite which includes a hardened kernel, vulnerability scanner, userspace and host Intrusion Prevention Systems, malware/rootkit detection and elimination, blacklisting technologies and web application firewalling. ASL was originally designed to secure a Plesk environment, but now can act as a stand-alone security suite.

I am trying to use as much as I can from the VM repos. The only incompatibility I found during setup was with clamav. ASL chocked on the VM setup. Resolved this problem by removing VM clamav, and let ASL install its own version. I had to tweak some settings, but I got it working. Everything has been running smoothly for several months.

Here is the problem: For the first time, the VM update module (which uses yum to do the updating) wants to replace one of its own packages (mod_fcgid-2.2-1.el5.vm.i386.rpm) with one from the atomic repo (mod_fcgid-2.3.4-2.el5.art.i386.rpm). There is no update for mod_fcgid in the VM repo. It also appears that mod_fcgid is not an “official” centos package. Scott Shinn of Atomicorp stated that their version was “…based on the same thing that will be in RHEL/CentOS 6.”

My question: Is there anything special about the VM version (mod_fcgid-2.2-1.el5.vm.i386.rpm)?

I’ve posted on the Atomicorp forum, and will report back anything I learn there.


Is it special? Only in that it’s compiled to work with the Apache version included in the VM repo.

So, what’s special about the Apache version in the VM repo? Only that suexec is compiled to use /home, rather than /var/www. But that’s a big enough issue that they decided to provide an Apache version with the updated suexec.

You’re welcome to use any fcgid version you like, but just remember that it’s a compiled Apache module, and I suspect you’ll run into issues if the Apache version is different… perhaps even if some compile-time options are different.

You could always try it and let us know! :slight_smile: