diff options
author | Lars Wendler <polynomial-c@gentoo.org> | 2018-07-17 09:08:50 +0200 |
---|---|---|
committer | Lars Wendler <polynomial-c@gentoo.org> | 2018-07-17 09:10:03 +0200 |
commit | 04d8c60e97d7fcbd225b060c244a4709cd2f73ab (patch) | |
tree | c79e6c7987c2ffec8a6e82a5f218d67e5ef9af60 /www-servers | |
parent | apache-2.eclass: New suexec options. (diff) | |
download | gentoo-04d8c60e97d7fcbd225b060c244a4709cd2f73ab.tar.gz gentoo-04d8c60e97d7fcbd225b060c244a4709cd2f73ab.tar.bz2 gentoo-04d8c60e97d7fcbd225b060c244a4709cd2f73ab.zip |
www-servers/apache: Revbump to add new suexec related USE flags.
Also fixed a parallel install issue with suexec binary.
Closes: https://bugs.gentoo.org/661358
Package-Manager: Portage-2.3.43, Repoman-2.3.10
Diffstat (limited to 'www-servers')
-rw-r--r-- | www-servers/apache/apache-2.4.34-r1.ebuild (renamed from www-servers/apache/apache-2.4.34.ebuild) | 12 | ||||
-rw-r--r-- | www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch | 19 | ||||
-rw-r--r-- | www-servers/apache/metadata.xml | 2 |
3 files changed, 31 insertions, 2 deletions
diff --git a/www-servers/apache/apache-2.4.34.ebuild b/www-servers/apache/apache-2.4.34-r1.ebuild index eee96296f454..cf545f229ee8 100644 --- a/www-servers/apache/apache-2.4.34.ebuild +++ b/www-servers/apache/apache-2.4.34-r1.ebuild @@ -130,21 +130,29 @@ HOMEPAGE="https://httpd.apache.org/" # some helper scripts are Apache-1.1, thus both are here LICENSE="Apache-2.0 Apache-1.1" SLOT="2" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris" + # Enable http2 by default (bug #563452) # FIXME: Move to apache-2.eclass once this has reached stable. IUSE="${IUSE/apache2_modules_http2/+apache2_modules_http2}" +# New suexec options (since 2.4.34) +IUSE="${IUSE} +suexec-caps suexec-syslog" CDEPEND="apache2_modules_brotli? ( >=app-arch/brotli-0.6.0:= ) apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 ) apache2_modules_md? ( >=dev-libs/jansson-2.10 )" -DEPEND+="${CDEPEND}" +DEPEND+="${CDEPEND} + suexec? ( suexec-caps? ( sys-libs/libcap ) )" RDEPEND+="${CDEPEND}" REQUIRED_USE="apache2_modules_http2? ( ssl ) apache2_modules_md? ( ssl )" +PATCHES=( + "${FILESDIR}/${PN}-2.4.34-suexec_parallel_install.patch" #661358 +) + pkg_setup() { # dependend critical modules which are not allowed in global scope due # to USE flag conditionals (bug #499260) diff --git a/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch b/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch new file mode 100644 index 000000000000..d5543f7004be --- /dev/null +++ b/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch @@ -0,0 +1,19 @@ +https://bugs.gentoo.org/661358 + +--- httpd-2.4.34/Makefile.in ++++ httpd-2.4.34/Makefile.in +@@ -277,12 +277,12 @@ + $(INSTALL_PROGRAM) $(top_builddir)/support/suexec $(DESTDIR)$(sbindir); \ + fi + +-install-suexec-setuid: ++install-suexec-setuid: install-suexec-binary + @if test -f $(builddir)/support/suexec; then \ + chmod 4755 $(DESTDIR)$(sbindir)/suexec; \ + fi + +-install-suexec-caps: ++install-suexec-caps: install-suexec-binary + @if test -f $(builddir)/support/suexec; then \ + setcap 'cap_setuid,cap_setgid+pe' $(DESTDIR)$(sbindir)/suexec; \ + fi diff --git a/www-servers/apache/metadata.xml b/www-servers/apache/metadata.xml index 293e43d3f29a..af77bdc266ca 100644 --- a/www-servers/apache/metadata.xml +++ b/www-servers/apache/metadata.xml @@ -13,6 +13,8 @@ </longdescription> <use> <flag name="suexec">Install suexec with apache</flag> + <flag name="suexec-caps">Install suexec with capabilities instead of SUID</flag> + <flag name="suexec-syslog">Log suexec to syslog instead of to a separate file</flag> <flag name="static">Link in apache2 modules statically rather then plugins</flag> <flag name="apache2_modules_access_compat">Group authorizations based on host (name or IP address). Available as a compatibility module with previous versions.</flag> <flag name="apache2_modules_authn_core">Provides core authentication capabilities common to all authentication providers (functionality provided by authn_alias in previous versions).</flag> |