From c187a279bcdc43556227710373a7e1e3b948d56b Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Mon, 31 Jan 2011 10:18:58 +0000 Subject: [PATCH] - generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script --- httpd.init | 9 +++++---- httpd.mpm.xml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ httpd.spec | 26 +++++++++++++++++++++----- httpd.sysconf | 8 ++++++++ 4 files changed, 85 insertions(+), 9 deletions(-) create mode 100644 httpd.mpm.xml diff --git a/httpd.init b/httpd.init index 597eeb8..983c95e 100755 --- a/httpd.init +++ b/httpd.init @@ -45,6 +45,7 @@ prog=httpd pidfile=${PIDFILE-/var/run/httpd/httpd.pid} lockfile=${LOCKFILE-/var/lock/subsys/httpd} RETVAL=0 +STOP_TIMEOUT=${STOP_TIMEOUT-10} # The semantics of these two functions differ from the way apachectl does # things -- attempting to start while running is a failure, and shutdown @@ -59,12 +60,12 @@ start() { return $RETVAL } -# When stopping httpd a delay of >10 second is required before SIGKILLing the -# httpd parent; this gives enough time for the httpd parent to SIGKILL any -# errant children. +# When stopping httpd, a delay (of default 10 second) is required +# before SIGKILLing the httpd parent; this gives enough time for the +# httpd parent to SIGKILL any errant children. stop() { echo -n $"Stopping $prog: " - killproc -p ${pidfile} -d 10 $httpd + killproc -p ${pidfile} -d ${STOP_TIMEOUT} $httpd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} diff --git a/httpd.mpm.xml b/httpd.mpm.xml new file mode 100644 index 0000000..8096f0f --- /dev/null +++ b/httpd.mpm.xml @@ -0,0 +1,51 @@ + + + + + + @DATE@ + Apache HTTP Server + httpd + @VERSION@ + + + + @PROGNAME@ + 8 + + + + @PROGNAME@ + httpd @MPM@ MPM executable + + + + + @PROGNAME@ + + + + + Description + + The @PROGNAME@ executable is an + alternative build of the httpd executable which + uses the @MPM@ Multi-Processing Module (MPM). + The executable accepts the same command-line arguments as + the httpd executable. + + To configure the SysV init scripts to use this MPM, set the + HTTPD environment variable in + the /etc/sysconfig/httpd configuration file. + + + + + See also + + httpd(8), + + + + diff --git a/httpd.spec b/httpd.spec index e1645ba..555b834 100644 --- a/httpd.spec +++ b/httpd.spec @@ -20,6 +20,7 @@ Source12: welcome.conf Source13: manual.conf Source14: httpd.tmpfiles # Documentation +Source31: httpd.mpm.xml Source33: README.confd # build/scripts patches Patch1: httpd-2.1.10-apctl.patch @@ -40,7 +41,7 @@ Patch54: httpd-2.2.0-authnoprov.patch License: ASL 2.0 Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root -BuildRequires: autoconf, perl, pkgconfig, findutils +BuildRequires: autoconf, perl, pkgconfig, findutils, xmlto BuildRequires: zlib-devel, libselinux-devel BuildRequires: apr-devel >= 1.2.0, apr-util-devel >= 1.2.0, pcre-devel >= 5.0 Requires: initscripts >= 8.36, /etc/mime.types, system-logos >= 7.92.1-1 @@ -96,7 +97,7 @@ the Apache HTTP Server. Group: System Environment/Daemons Summary: SSL/TLS module for the Apache HTTP Server Epoch: 1 -BuildRequires: openssl-devel, distcache-devel +BuildRequires: openssl-devel Requires(post): openssl, /bin/cat Requires(pre): httpd Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmn} @@ -189,7 +190,7 @@ popd # Build everything and the kitchen sink with the prefork build mpmbuild prefork \ --enable-mods-shared=all \ - --enable-ssl --with-ssl --enable-distcache \ + --enable-ssl --with-ssl --disable-distcache \ --enable-proxy \ --enable-cache \ --enable-disk-cache \ @@ -203,6 +204,14 @@ for f in %{mpms}; do mpmbuild $f --enable-modules=none done +# Build the man pages +ymdate=`date +'%b %Y'` +for mpm in %{mpms}; do + sed "s/@PROGNAME@/httpd.${mpm}/g;s/@DATE@/${ymdate}/g;s/@VERSION@/%{version}/g;s/@MPM@/${mpm}/g;" \ + < $RPM_SOURCE_DIR/httpd.mpm.xml > httpd.${mpm}.8.xml + xmlto man httpd.${mpm}.8.xml +done + %install rm -rf $RPM_BUILD_ROOT @@ -214,9 +223,10 @@ pushd prefork make DESTDIR=$RPM_BUILD_ROOT install popd -# install alternative MPMs +# install alternative MPMs, and man pages for f in %{mpms}; do install -m 755 ${f}/httpd $RPM_BUILD_ROOT%{_sbindir}/httpd.${f} + install -m 644 httpd.${f}.8 $RPM_BUILD_ROOT%{_mandir}/man8/httpd.${f}.8 done # install conf file/directory @@ -371,7 +381,7 @@ fi if [ ! -f %{sslcert} ] ; then cat << EOF | %{_bindir}/openssl req -new -key %{sslkey} \ - -x509 -days 365 -set_serial $RANDOM \ + -x509 -days 365 -set_serial $RANDOM -extensions v3_req \ -out %{sslcert} 2>/dev/null -- SomeState @@ -486,6 +496,12 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/httpd/build/*.sh %changelog +* Mon Jan 31 2011 Joe Orton - 2.2.17-7 +- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) +- add man page stubs for httpd.event, httpd.worker +- drop distcache support +- add STOP_TIMEOUT support to init script + * Sat Jan 8 2011 Joe Orton - 2.2.17-6 - update default SSLCipherSuite per upstream trunk diff --git a/httpd.sysconf b/httpd.sysconf index 7102c61..b5ec1e7 100644 --- a/httpd.sysconf +++ b/httpd.sysconf @@ -20,3 +20,11 @@ # variable can be set. # #HTTPD_LANG=C + +# +# When stopping the server a 10 second timeout is allowed before +# forcibly terminating the parent process (with a SIGKILL signal). +# To allow a longer delay, set the STOP_TIMEOUT variable. +# +#STOP_TIMEOUT=10 +#