From: "Lars Wendler" <polynomial-c@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/apache/files/, www-servers/apache/
Date: Tue, 17 Jul 2018 07:10:11 +0000 (UTC) [thread overview]
Message-ID: <1531811403.04d8c60e97d7fcbd225b060c244a4709cd2f73ab.polynomial-c@gentoo> (raw)
commit: 04d8c60e97d7fcbd225b060c244a4709cd2f73ab
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Tue Jul 17 07:08:50 2018 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Tue Jul 17 07:10:03 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=04d8c60e
www-servers/apache: Revbump to add new suexec related USE flags.
Also fixed a parallel install issue with suexec binary.
Closes: https://bugs.gentoo.org/661358
Package-Manager: Portage-2.3.43, Repoman-2.3.10
.../{apache-2.4.34.ebuild => apache-2.4.34-r1.ebuild} | 12 ++++++++++--
.../files/apache-2.4.34-suexec_parallel_install.patch | 19 +++++++++++++++++++
www-servers/apache/metadata.xml | 2 ++
3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/www-servers/apache/apache-2.4.34.ebuild b/www-servers/apache/apache-2.4.34-r1.ebuild
similarity index 96%
rename from www-servers/apache/apache-2.4.34.ebuild
rename to www-servers/apache/apache-2.4.34-r1.ebuild
index eee96296f45..cf545f229ee 100644
--- a/www-servers/apache/apache-2.4.34.ebuild
+++ b/www-servers/apache/apache-2.4.34-r1.ebuild
@@ -130,21 +130,29 @@ HOMEPAGE="https://httpd.apache.org/"
# some helper scripts are Apache-1.1, thus both are here
LICENSE="Apache-2.0 Apache-1.1"
SLOT="2"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris"
+
# Enable http2 by default (bug #563452)
# FIXME: Move to apache-2.eclass once this has reached stable.
IUSE="${IUSE/apache2_modules_http2/+apache2_modules_http2}"
+# New suexec options (since 2.4.34)
+IUSE="${IUSE} +suexec-caps suexec-syslog"
CDEPEND="apache2_modules_brotli? ( >=app-arch/brotli-0.6.0:= )
apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 )
apache2_modules_md? ( >=dev-libs/jansson-2.10 )"
-DEPEND+="${CDEPEND}"
+DEPEND+="${CDEPEND}
+ suexec? ( suexec-caps? ( sys-libs/libcap ) )"
RDEPEND+="${CDEPEND}"
REQUIRED_USE="apache2_modules_http2? ( ssl )
apache2_modules_md? ( ssl )"
+PATCHES=(
+ "${FILESDIR}/${PN}-2.4.34-suexec_parallel_install.patch" #661358
+)
+
pkg_setup() {
# dependend critical modules which are not allowed in global scope due
# to USE flag conditionals (bug #499260)
diff --git a/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch b/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch
new file mode 100644
index 00000000000..d5543f7004b
--- /dev/null
+++ b/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch
@@ -0,0 +1,19 @@
+https://bugs.gentoo.org/661358
+
+--- httpd-2.4.34/Makefile.in
++++ httpd-2.4.34/Makefile.in
+@@ -277,12 +277,12 @@
+ $(INSTALL_PROGRAM) $(top_builddir)/support/suexec $(DESTDIR)$(sbindir); \
+ fi
+
+-install-suexec-setuid:
++install-suexec-setuid: install-suexec-binary
+ @if test -f $(builddir)/support/suexec; then \
+ chmod 4755 $(DESTDIR)$(sbindir)/suexec; \
+ fi
+
+-install-suexec-caps:
++install-suexec-caps: install-suexec-binary
+ @if test -f $(builddir)/support/suexec; then \
+ setcap 'cap_setuid,cap_setgid+pe' $(DESTDIR)$(sbindir)/suexec; \
+ fi
diff --git a/www-servers/apache/metadata.xml b/www-servers/apache/metadata.xml
index 293e43d3f29..af77bdc266c 100644
--- a/www-servers/apache/metadata.xml
+++ b/www-servers/apache/metadata.xml
@@ -13,6 +13,8 @@
</longdescription>
<use>
<flag name="suexec">Install suexec with apache</flag>
+ <flag name="suexec-caps">Install suexec with capabilities instead of SUID</flag>
+ <flag name="suexec-syslog">Log suexec to syslog instead of to a separate file</flag>
<flag name="static">Link in apache2 modules statically rather then plugins</flag>
<flag name="apache2_modules_access_compat">Group authorizations based on host (name or IP address). Available as a compatibility module with previous versions.</flag>
<flag name="apache2_modules_authn_core">Provides core authentication capabilities common to all authentication providers (functionality provided by authn_alias in previous versions).</flag>
next reply other threads:[~2018-07-17 7:10 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-17 7:10 Lars Wendler [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-05-11 7:13 [gentoo-commits] repo/gentoo:master commit in: www-servers/apache/files/, www-servers/apache/ Hans de Graaff
2024-02-06 3:26 Sam James
2023-05-26 9:35 Sam James
2022-07-22 7:51 Hans de Graaff
2019-09-04 7:16 Lars Wendler
2016-11-02 14:39 Lars Wendler
2016-03-03 16:16 Lars Wendler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1531811403.04d8c60e97d7fcbd225b060c244a4709cd2f73ab.polynomial-c@gentoo \
--to=polynomial-c@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox