From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id BD00215FA50 for ; Fri, 03 Oct 2025 04:52:17 +0000 (UTC) Received: from lists.gentoo.org (bobolink.gentoo.org [140.211.166.189]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (No client certificate requested) (Authenticated sender: relay-lists.gentoo.org@gentoo.org) by smtp.gentoo.org (Postfix) with ESMTPSA id A481D34317F for ; Fri, 03 Oct 2025 04:52:17 +0000 (UTC) Received: from bobolink.gentoo.org (localhost [127.0.0.1]) by bobolink.gentoo.org (Postfix) with ESMTP id D612B113137; Fri, 03 Oct 2025 04:52:10 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (No client certificate requested) by bobolink.gentoo.org (Postfix) with ESMTPS id CC3E0113137 for ; Fri, 03 Oct 2025 04:52:10 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 8080B340A5D for ; Fri, 03 Oct 2025 04:52:10 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id B8BCC3A84 for ; Fri, 03 Oct 2025 04:52:08 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1759467093.90988a3d0b1b7f3a12f0df6437cfcbae4e78b83d.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, eclass/ X-VCS-Repository: repo/gentoo X-VCS-Files: eclass/nginx.eclass www-servers/nginx/nginx-1.28.0-r1.ebuild www-servers/nginx/nginx-1.28.0-r2.ebuild www-servers/nginx/nginx-1.29.0-r3.ebuild www-servers/nginx/nginx-1.29.0-r4.ebuild www-servers/nginx/nginx-1.29.1-r1.ebuild www-servers/nginx/nginx-1.29.1-r2.ebuild www-servers/nginx/nginx-9999.ebuild X-VCS-Directories: www-servers/nginx/ eclass/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: 90988a3d0b1b7f3a12f0df6437cfcbae4e78b83d X-VCS-Branch: master Date: Fri, 03 Oct 2025 04:52:08 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: f7c8e674-d884-4985-befb-34fb9fe36dda X-Archives-Hash: cc10189af1e8b19c8fa529d1b46fe8f4 commit: 90988a3d0b1b7f3a12f0df6437cfcbae4e78b83d Author: Zurab Kvachadze gmail com> AuthorDate: Wed Sep 17 10:42:51 2025 +0000 Commit: Sam James gentoo org> CommitDate: Fri Oct 3 04:51:33 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=90988a3d eclass/nginx.eclass: change /var/tmp -> /var/cache + use new tmpfiles This commit changes of the default location of NGINX temporary files from /var/tmp/nginx (world-writable) to /var/cache/nginx (root-writable). Additionally, this revbumps all www-servers/nginx consumers of nginx.eclass to use the new nginx-r1.tmpfiles, where the path is updated accordingly. This fixes 962961 by specifying that the cache directory should only be pruned on boot, i.e. tmpfiles (even with --remove option) will not delete the temporary files of *running* NGINX. Closes: https://bugs.gentoo.org/962961 Signed-off-by: Zurab Kvachadze gmail.com> Part-of: https://github.com/gentoo/gentoo/pull/43823 Closes: https://github.com/gentoo/gentoo/pull/43823 Signed-off-by: Sam James gentoo.org> eclass/nginx.eclass | 8 ++------ .../nginx/{nginx-1.28.0-r1.ebuild => nginx-1.28.0-r2.ebuild} | 3 +-- .../nginx/{nginx-1.29.0-r3.ebuild => nginx-1.29.0-r4.ebuild} | 3 +-- .../nginx/{nginx-1.29.1-r1.ebuild => nginx-1.29.1-r2.ebuild} | 3 +-- www-servers/nginx/nginx-9999.ebuild | 3 +-- 5 files changed, 6 insertions(+), 14 deletions(-) diff --git a/eclass/nginx.eclass b/eclass/nginx.eclass index b8992d32875a..8d5272f3acdc 100644 --- a/eclass/nginx.eclass +++ b/eclass/nginx.eclass @@ -612,7 +612,7 @@ nginx_src_configure() { conf="${conf%%-temp-path*}" conf="${conf#--http-}" nginx_flags+=( - "--http-${conf}-temp-path=${EPREFIX}/var/tmp/nginx/${conf//-/_}_temp" + "--http-${conf}-temp-path=${EPREFIX}/var/cache/nginx/${conf//-/_}_temp" ) done < <(econf_ngx --help 2>/dev/null | grep -E -- '--http-([A-Za-z]+-?)+-temp-path') unset conf _txt @@ -939,11 +939,7 @@ nginx_pkg_postinst() { local file for file in "${NGINX_MISC_FILES[@]}"; do if [[ ${file} == *.tmpfiles ]]; then - # NGINX wrtites to /var/tmp/nginx as root during startup, therefore - # we abuse tmpfiles_process to pass the '--remove' option. - # This is done in order to clean possibly non-empty /var/tmp/nginx - # directory in world-writable /var/tmp. - tmpfiles_process --remove "${PN}-tmp.conf" + tmpfiles_process "${PN}-tmp.conf" break fi done diff --git a/www-servers/nginx/nginx-1.28.0-r1.ebuild b/www-servers/nginx/nginx-1.28.0-r2.ebuild similarity index 93% rename from www-servers/nginx/nginx-1.28.0-r1.ebuild rename to www-servers/nginx/nginx-1.28.0-r2.ebuild index fdf6369c9c0d..f5bb6269ab24 100644 --- a/www-servers/nginx/nginx-1.28.0-r1.ebuild +++ b/www-servers/nginx/nginx-1.28.0-r2.ebuild @@ -22,8 +22,7 @@ NGINX_MODULES=( NGINX_UPDATE_STREAM=stable NGINX_TESTS_COMMIT=06a36245e134eac985cdfc5fac982cb149f61412 NGINX_MISC_FILES=( - nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd} - nginx.tmpfiles + nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd,r1.tmpfiles} ) inherit nginx diff --git a/www-servers/nginx/nginx-1.29.0-r3.ebuild b/www-servers/nginx/nginx-1.29.0-r4.ebuild similarity index 93% rename from www-servers/nginx/nginx-1.29.0-r3.ebuild rename to www-servers/nginx/nginx-1.29.0-r4.ebuild index c8c26b2c1040..142e90ee2258 100644 --- a/www-servers/nginx/nginx-1.29.0-r3.ebuild +++ b/www-servers/nginx/nginx-1.29.0-r4.ebuild @@ -22,8 +22,7 @@ NGINX_MODULES=( NGINX_UPDATE_STREAM=mainline NGINX_TESTS_COMMIT=7f1e88e10dca8e4c135ab9e688df0c2484091125 NGINX_MISC_FILES=( - nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd} - nginx.tmpfiles + nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd,r1.tmpfiles} ) inherit nginx diff --git a/www-servers/nginx/nginx-1.29.1-r1.ebuild b/www-servers/nginx/nginx-1.29.1-r2.ebuild similarity index 93% rename from www-servers/nginx/nginx-1.29.1-r1.ebuild rename to www-servers/nginx/nginx-1.29.1-r2.ebuild index f58e1c861227..ae0f6a6065a8 100644 --- a/www-servers/nginx/nginx-1.29.1-r1.ebuild +++ b/www-servers/nginx/nginx-1.29.1-r2.ebuild @@ -22,8 +22,7 @@ NGINX_MODULES=( NGINX_UPDATE_STREAM=mainline NGINX_TESTS_COMMIT=06a36245e134eac985cdfc5fac982cb149f61412 NGINX_MISC_FILES=( - nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd} - nginx.tmpfiles + nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd,r1.tmpfiles} ) inherit nginx diff --git a/www-servers/nginx/nginx-9999.ebuild b/www-servers/nginx/nginx-9999.ebuild index 7aa37d32b67c..20d76192d5e8 100644 --- a/www-servers/nginx/nginx-9999.ebuild +++ b/www-servers/nginx/nginx-9999.ebuild @@ -22,8 +22,7 @@ NGINX_MODULES=( NGINX_UPDATE_STREAM=live NGINX_TESTS_COMMIT=live NGINX_MISC_FILES=( - nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd} - nginx.tmpfiles + nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd,r1.tmpfiles} ) inherit nginx