Debian has fixed this by updating apache2 to use dlopen's search path and changing mod-security.load to not use any absolute path. This is a nice clean fix.
For an SRU, I think our options are:
1) Also SRU apache2 to use the search path as Debian has done, but this seems a bit too major for an SRU.
2a) Change mod-security.load dynamically on postinst, but this will prompt on future upgrade (as it's a conffile).
2b) Use ucf to update mod-security.load dynamically on postinst, but this requires introducing ucf which seems excessive for an SRU.
3) Symlink /usr/lib/libxml2.so.2 on postinst, but this would break m-a for libxml2.
I don't like any of these options. What other fix is possible? Or are one of these acceptable?
Debian has fixed this by updating apache2 to use dlopen's search path and changing mod-security.load to not use any absolute path. This is a nice clean fix.
For an SRU, I think our options are:
1) Also SRU apache2 to use the search path as Debian has done, but this seems a bit too major for an SRU. libxml2. so.2 on postinst, but this would break m-a for libxml2.
2a) Change mod-security.load dynamically on postinst, but this will prompt on future upgrade (as it's a conffile).
2b) Use ucf to update mod-security.load dynamically on postinst, but this requires introducing ucf which seems excessive for an SRU.
3) Symlink /usr/lib/
I don't like any of these options. What other fix is possible? Or are one of these acceptable?