diff options
| author |   Donny Davies <woodchip@gentoo.org> | 2002-12-16 18:07:34 +0000 |
|---|---|---|
| committer | Donny Davies <woodchip@gentoo.org> | 2002-12-16 18:07:34 +0000 |
| commit | 08bfc3c91d951a9d4a4d4078f2d130d2aa56ecb4 (patch) | |
| tree | fe55f132313e8f4a739ddc58e15e3fd1bacd33cf | |
| parent | fix rare failures with parallel makes (diff) | |
| download | gentoo-2-08bfc3c91d951a9d4a4d4078f2d130d2aa56ecb4.tar.gz gentoo-2-08bfc3c91d951a9d4a4d4078f2d130d2aa56ecb4.tar.bz2 gentoo-2-08bfc3c91d951a9d4a4d4078f2d130d2aa56ecb4.zip | |
#11209
| -rw-r--r-- | net-www/apache/ChangeLog | 7 | ||||
| -rw-r--r-- | net-www/apache/apache-1.3.27-r2.ebuild | 274 | ||||
| -rw-r--r-- | net-www/apache/files/digest-apache-1.3.27-r2 | 4 | ||||
| -rw-r--r-- | net-www/apache/files/suexec.pam | 2 | ||||
| -rw-r--r-- | net-www/apache/files/suexec_pam_gentoo.patch | 70 |
5 files changed, 356 insertions, 1 deletions
diff --git a/net-www/apache/ChangeLog b/net-www/apache/ChangeLog index 5869345e681f..a2429f453fbd 100644 --- a/net-www/apache/ChangeLog +++ b/net-www/apache/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-www/apache # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL -# $Header: /var/cvsroot/gentoo-x86/net-www/apache/ChangeLog,v 1.33 2002/12/15 11:58:45 bjb Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-www/apache/ChangeLog,v 1.34 2002/12/16 18:07:32 woodchip Exp $ + +*apache-1.3.27-r2 (16 Dec 2002) + + 16 Dec 2002; Donny Davies <woodchip@gentoo.org> : #11209; Added pam support + to suexec, and ipv6 support/patch. Thanks to Andrey Ulanov <drey@rt.mipt.ru>. 06 Dec 2002; Rodney Rees <manson@gentoo.org> : changed sparc ~sparc keywords diff --git a/net-www/apache/apache-1.3.27-r2.ebuild b/net-www/apache/apache-1.3.27-r2.ebuild new file mode 100644 index 000000000000..7f45df578864 --- /dev/null +++ b/net-www/apache/apache-1.3.27-r2.ebuild @@ -0,0 +1,274 @@ +# Copyright 1999-2002 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-1.3.27-r2.ebuild,v 1.1 2002/12/16 18:07:34 woodchip Exp $ + +IUSE="ipv6 pam" + +mod_ssl_ver=2.8.11-${PV} + +S=${WORKDIR}/${PN}_${PV} +DESCRIPTION="The Apache Web Server" +HOMEPAGE="http://www.apache.org http://www.modssl.org" +KEYWORDS="~x86 ~ppc ~sparc ~alpha" +SRC_URI="http://httpd.apache.org/dist/httpd/apache_${PV}.tar.gz + mirror://gentoo/${P}-gentoo.diff.bz2 + ftp://ftp.modssl.org/source/mod_ssl-${mod_ssl_ver}.tar.gz + ipv6? http://motoyuki.bsdclub.org/data/IPv6/apache-1.3.27-mod_ssl-2.8.11-v6-20021004.diff.gz" +# The mod_ssl archive is only for providing the EAPI patch in here. +# You should install the net-www/mod_ssl package for the actual DSO. + +DEPEND="sys-devel/perl sys-libs/db + >=dev-libs/mm-1.1.3 + >=sys-libs/gdbm-1.8 + >=dev-libs/expat-1.95.2" +LICENSE="Apache-1.1" +SLOT="1" + +src_unpack() { + local myssl + unpack ${A} || die + cd ${S} || die + bzip2 -dc ${DISTDIR}/${P}-gentoo.diff.bz2 | patch -p1 || die + + # yet another perl path fix.. + cp htdocs/manual/search/manual-index.cgi \ + htdocs/manual/search/manual-index.cgi.orig + sed -e "s:/usr/local/bin/perl5:/usr/bin/perl:" \ + htdocs/manual/search/manual-index.cgi.orig \ + > htdocs/manual/search/manual-index.cgi + rm -f htdocs/manual/search/manual-index.cgi.orig + + # setup eapi... + myssl=${WORKDIR}/mod_ssl-${mod_ssl_ver} + cp ${myssl}/pkg.eapi/*.h src/include + cp ${myssl}/pkg.eapi/*.c src/ap + patch -p0 < ${myssl}/pkg.eapi/eapi.patch || die eapi + + # set a reasonable MM_CORE_PATH location.. + mv src/include/httpd.h src/include/httpd.h.orig + sed -e 's:logs/mm:/var/cache/apache-mm/mm:' \ + src/include/httpd.h.orig > src/include/httpd.h + + # thanks drey@rt.mipt.ru for these two ... + if use ipv6; then + zcat ${DISTDIR}/apache-1.3.27-mod_ssl-2.8.11-v6-20021004.diff.gz | patch -p0 || die + fi + + if use pam; then + patch -p1 <${FILESDIR}/suexec_pam_gentoo.patch || die + fi +} + +src_compile() { + local myconf mycflags + mycflags="${CFLAGS}" + unset CFLAGS ; unset CXXFLAGS + use ipv6 && myconf="--enable-rule=INET6" + + # Allow users to move the default data directory by setting the + # home directory of the 'apache' user elsewhere. + DATA_DIR=`grep ^apache: /etc/passwd | cut -d: -f6` + if [ -z "$DATA_DIR" ]; then + DATA_DIR="/home/httpd" + eerror "DATA_DIR is null! Using default." + eerror "Create the apache user and set the homedir to your desired location." + fi + einfo "Using $DATA_DIR as apache's default data directory." + + select_modules_config || \ + die "couldn't find apache-builtin-mods config file" + + #-DBUFFERED_LOGS + OPTIM="${mycflags} -DHARD_SERVER_LIMIT=${HARD_SERVER_LIMIT:=512} \ + -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" \ + LIBS="-lgdbm -lpthread" \ + EAPI_MM=SYSTEM \ + ./configure \ + --prefix=/usr \ + --exec-prefix=/usr \ + --bindir=/usr/bin \ + --sbindir=/usr/sbin \ + --libexecdir=/usr/lib/apache \ + --mandir=/usr/share/man \ + --sysconfdir=/etc/apache/conf \ + --datadir=${DATA_DIR} \ + --iconsdir=${DATA_DIR}/icons \ + --htdocsdir=${DATA_DIR}/htdocs \ + --manualdir=/usr/share/doc/${PF}/manual \ + --cgidir=${DATA_DIR}/cgi-bin \ + --includedir=/usr/include/apache \ + --localstatedir=/var \ + --runtimedir=/var/run \ + --logfiledir=/var/log/apache \ + --proxycachedir=/var/cache/apache \ + --serverroot=/etc/apache \ + \ + --target=apache \ + --server-uid=apache \ + --server-gid=apache \ + --enable-rule=EAPI \ + --enable-rule=SHARED_CHAIN \ + --with-perl=/usr/bin/perl \ + \ + ${MY_BUILTINS} \ + \ + --enable-suexec \ + --suexec-uidmin=1000 \ + --suexec-gidmin=100 \ + --suexec-caller=apache \ + --suexec-userdir=public_html \ + --suexec-docroot=/home \ + --suexec-safepath="/bin:/usr/bin" \ + --suexec-logfile=/var/log/apache/suexec_log \ + \ + ${myconf} || die "bad ./configure" + + emake || die "compile problem" +} + +src_install() { + # Allow users to move the default data directory by setting the + # home directory of the 'apache' user elsewhere. + DATA_DIR=`grep ^apache: /etc/passwd | cut -d: -f6` + if [ -z "$DATA_DIR" ]; then + eerror "DATA_DIR is null! Using defaults." + eerror "You probably want to check /etc/passwd" + DATA_DIR="/home/httpd" + fi + + GID=`grep ^apache: /etc/group |cut -d: -f3` + if [ -z "${GID}" ]; then + einfo "Using default GID of 81 for Apache" + GID=81 + fi + + local myfile + make install-quiet root=${D} || die + dodoc ABOUT_APACHE Announcement INSTALL* LICENSE* README* WARNING* \ + ${FILESDIR}/robots.txt + + fowners root.${GID} /usr/sbin/suexec + fperms 4710 /usr/sbin/suexec + #fowners apache.apache ${DATA_DIR} + #fowners apache.apache ${DATA_DIR}/htdocs + + # nice support scripts.. + for myfile in apacheaddmod apachedelmod \ + apachelogserverstatus apachesplitlogfile + do + exeinto /usr/sbin + doexe ${FILESDIR}/$myfile + done + + # setup links in /etc/apache.. + cd ${D}/etc/apache + ln -sf ../../usr/lib/apache modules + # apxs needs this to pickup the right lib for install.. + ln -sf ../../usr/lib lib + ln -sf ../../var/log/apache logs + ln -sf ../../usr/lib/apache-extramodules extramodules + + # drop in a convenient link to the manual + dosym /usr/share/doc/${PF}/manual ${DATA_DIR}/htdocs/manual + + # deprecated config files, empty dirs.. + rm -f ${D}/etc/apache/conf/apache.conf.default + rm -f ${D}/etc/apache/conf/access.conf* + rm -f ${D}/etc/apache/conf/srm.conf* + + # We can't delete this if users specify /var/httpd for datadir + # rm -rf ${D}/var + + # now the config files.. + insinto /etc/apache/conf + doins ${FILESDIR}/conf/commonapache.conf + doins ${FILESDIR}/conf/apache.conf + + insinto /etc/apache/conf/vhosts + doins ${FILESDIR}/conf/VirtualHomePages.conf + doins ${FILESDIR}/conf/DynamicVhosts.conf + doins ${FILESDIR}/conf/Vhosts.conf + + exeinto /etc/init.d ; newexe ${FILESDIR}/apache.rc6 apache + insinto /etc/conf.d ; newins ${FILESDIR}/apache.confd apache + insinto /etc/apache ; doins ${FILESDIR}/apache-builtin-mods + + if use pam; then + insinto /etc/pam.d ; newins ${FILESDIR}/suexec.pam suexec + fi + + if [ "$DATA_DIR" != "/home/httpd" ]; then + einfo "Updating data_dir path." + echo grep -lr /home/httpd ${D} + grep -lr /home/httpd ${D} + sleep 30s + for FILE in `grep -lr /home/httpd ${D}`; do + echo "Running sed on: ${FILE}" + cp ${FILE} ${FILE}.orig + echo sed "s:/home/httpd:$DATA_DIR:g" + sed "s:/home/httpd:$DATA_DIR:g" < ${FILE}.orig > ${FILE} + rm ${FILE}.orig + done + fi + + dodir /var/cache/apache + touch ${D}/var/cache/apache/.keep + + dodir /var/cache/apache-mm + touch ${D}/var/cache/apache-mm/.keep + + dodir /usr/lib/apache-extramodules + touch ${D}/usr/lib/apache-extramodules/.keep + + dodir /etc/apache/conf/addon-modules + touch ${D}/etc/apache/conf/addon-modules/.keep + + dodir /var/log/apache + touch ${D}/var/log/apache/.keep +} + +pkg_postinst() { + # these are in baselayout now; it will not hurt to leave them here though + # moved to pkg_postinst by jnelson, moved to pkg_preinst by lostlogic + if ! groupmod apache; then + groupadd -g 81 apache || die "problem adding group apache" + fi + + # usermod returns 2 on user-exists-but-no-flags-given + usermod apache &>/dev/null + if [ $? != 2 ]; then + useradd -u 81 -g apache -s /bin/false -d /home/httpd -c "apache" apache + assert "problem adding user apache" + fi +} + +parse_modules_config() { + local filename=$1 + local name="" + local dso="" + local disable="" + [ -f ${filename} ] || return 1 + einfo "Using ${filename} for builtins." + for i in `cat $filename | sed "s/^#.*//"` ; do + if [ $i == "-" ] ; then + disable="true" + elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ] ; then + name=`echo $i | sed "s/mod_//"` + elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ) ; then + MY_BUILTINS="${MY_BUILTINS} --disable-module=$name" + name="" ; disable="" + elif [ $i == "static" ] ; then + MY_BUILTINS="${MY_BUILTINS} --enable-module=$name --disable-shared=$name" + name="" ; disable="" + elif [ $i == "shared" ] ; then + MY_BUILTINS="${MY_BUILTINS} --enable-module=$name --enable-shared=$name" + name="" ; disable="" + fi + done +} + +select_modules_config() { + parse_modules_config /etc/apache/apache-builtin-mods || \ + parse_modules_config ${FILESDIR}/apache-builtin-mods || \ + return 1 +} diff --git a/net-www/apache/files/digest-apache-1.3.27-r2 b/net-www/apache/files/digest-apache-1.3.27-r2 new file mode 100644 index 000000000000..210483cef9d7 --- /dev/null +++ b/net-www/apache/files/digest-apache-1.3.27-r2 @@ -0,0 +1,4 @@ +MD5 65b89365a65dcad71d4402b4862beeaa apache_1.3.27.tar.gz 2306052 +MD5 312e00edcf29057235acca7c2f56e068 apache-1.3.27-gentoo.diff.bz2 6963 +MD5 f84bd971aa8db28f31ad6bab2e7acc2c mod_ssl-2.8.11-1.3.27.tar.gz 753416 +MD5 0a2355c0e26c1bf7510c1af0ccc46209 apache-1.3.27-mod_ssl-2.8.11-v6-20021004.diff.gz 37016 diff --git a/net-www/apache/files/suexec.pam b/net-www/apache/files/suexec.pam new file mode 100644 index 000000000000..8cf0b817dc62 --- /dev/null +++ b/net-www/apache/files/suexec.pam @@ -0,0 +1,2 @@ +#%PAM-1.0 +session required /lib/security/pam_limits.so diff --git a/net-www/apache/files/suexec_pam_gentoo.patch b/net-www/apache/files/suexec_pam_gentoo.patch new file mode 100644 index 000000000000..cad50147b683 --- /dev/null +++ b/net-www/apache/files/suexec_pam_gentoo.patch @@ -0,0 +1,70 @@ +diff -ur apache_1.3.27/src/support/Makefile.tmpl apache_1.3.27.old/src/support/Makefile.tmpl~ +--- apache_1.3.27/src/support/Makefile.tmpl Sat Mar 2 20:46:23 2002 ++++ apache_1.3.27.old/src/support/Makefile.tmpl Mon Nov 4 14:33:14 2002 +@@ -49,6 +49,8 @@ + -e 's%@LDFLAGS_MOD_SHLIB@%$(LDFLAGS_MOD_SHLIB)%g' \ + -e 's%@LIBS_SHLIB@%$(LIBS_SHLIB)%g' && chmod a+x apxs + ++suexec: CFLAGS += -DSUEXEC_PAM_SESSION ++suexec: LIBS += -lpam + suexec: suexec.o + $(CC) $(CFLAGS) -o suexec $(LDFLAGS) suexec.o $(LIBS) + +diff -ur apache_1.3.27/src/support/suexec.c apache_1.3.27.old/src/support/suexec.c +--- apache_1.3.27/src/support/suexec.c Mon Nov 4 14:30:16 2002 ++++ apache_1.3.27.old/src/support/suexec.c Mon Nov 4 14:35:45 2002 +@@ -92,6 +92,10 @@ + #include <stdarg.h> + #include <strings.h> + ++#ifdef SUEXEC_PAM_SESSION ++#include <security/pam_appl.h> ++#endif ++ + #include "suexec.h" + + /* +@@ -848,6 +852,43 @@ + #endif /* SUEXEC_UMASK */ + clean_env(); + ++#ifdef SUEXEC_PAM_SESSION ++ /* ++ * Use PAM session support. Initial goal was to use the pam_limits module. ++ */ ++ ++#ifndef PAM_SERVICE_NAME ++#define PAM_SERVICE_NAME "suexec" ++#endif /* PAM_SERVICE_NAME */ ++ ++#define PAM_CALL(call, name, err_code, do_end) \ ++ do \ ++ { \ ++ rc = (call); \ ++ if (rc != PAM_SUCCESS) \ ++ { \ ++ log_err("error: %s(): [%d] %s\n", (name), rc, pam_strerror(pamh, rc)); \ ++ (do_end) && pam_end(pamh, rc); \ ++ exit(err_code); \ ++ } \ ++ } while (0) ++ ++ { ++ int rc; ++ pam_handle_t *pamh = NULL; ++ struct pam_conv pamc = { NULL, NULL }; ++ ++ PAM_CALL(pam_start(PAM_SERVICE_NAME, actual_uname, &pamc, &pamh), ++ "pam_start", 241, 0); ++ PAM_CALL(pam_open_session(pamh, 0), "pam_open_session", 242, 1); ++ PAM_CALL(pam_close_session(pamh, 0), "pam_close_session", 243, 1); ++ PAM_CALL(pam_end(pamh, 0), "pam_end", 244, 0); ++ } ++ ++#undef PAM_CALL ++#undef PAM_SERVICE_NAME ++#endif /* SUEXEC_PAM_SESSION */ ++ + /* + * Be sure to close the log file so the CGI can't + * mess with it. If the exec fails, it will be reopened |