From 62b43fb3b1629f2e2f5bd32c68e844db2aab4dc5 Mon Sep 17 00:00:00 2001 From: Paul Howarth Date: Tue, 27 Mar 2012 21:14:19 +0100 Subject: [PATCH] Fix compatibility with httpd 2.4 in F-18/RHEL-7 onwards - Fix compatibility with httpd 2.4 in F-18/RHEL-7 onwards - Use /run rather than /var/run from F-15/RHEL-7 onwards --- fcgid24.conf | 12 ++++++++ mod_fcgid-tmpfs.conf | 2 +- mod_fcgid.spec | 70 +++++++++++++++++++++++++++++++++----------- 3 files changed, 66 insertions(+), 18 deletions(-) create mode 100644 fcgid24.conf diff --git a/fcgid24.conf b/fcgid24.conf new file mode 100644 index 0000000..2e7d486 --- /dev/null +++ b/fcgid24.conf @@ -0,0 +1,12 @@ +# This is the Apache server configuration file for providing FastCGI support +# through mod_fcgid +# +# Documentation is available at +# http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html + +# Use FastCGI to process .fcg .fcgi & .fpl scripts +AddHandler fcgid-script fcg fcgi fpl + +# Sane place to put sockets and shared memory file +FcgidIPCDir /run/mod_fcgid +FcgidProcessTableFile /run/mod_fcgid/fcgid_shm diff --git a/mod_fcgid-tmpfs.conf b/mod_fcgid-tmpfs.conf index 1a4897a..02e7d08 100644 --- a/mod_fcgid-tmpfs.conf +++ b/mod_fcgid-tmpfs.conf @@ -1 +1 @@ -d /var/run/mod_fcgid - apache apache +d /run/mod_fcgid - apache apache diff --git a/mod_fcgid.spec b/mod_fcgid.spec index 8ec4000..7d1a381 100644 --- a/mod_fcgid.spec +++ b/mod_fcgid.spec @@ -9,14 +9,29 @@ %global selinux_buildreqs %{nil} %else %global selinux_module 1 -%global selinux_types %(%{__awk} '/^#[[:space:]]*SELINUXTYPE=/,/^[^#]/ { if ($3 == "-") printf "%s ", $2 }' /etc/selinux/config 2>/dev/null) +%global selinux_types %(awk '/^#[[:space:]]*SELINUXTYPE=/,/^[^#]/ { if ($3 == "-") printf "%s ", $2 }' /etc/selinux/config 2>/dev/null) %global selinux_variants %([ -z "%{selinux_types}" ] && echo mls strict targeted || echo %{selinux_types}) %global selinux_buildreqs checkpolicy, selinux-policy-devel, hardlink %endif +# apxs script location +%{!?_httpd_apxs: %global _httpd_apxs %{_sbindir}/apxs} + +# Module Magic Number +%{!?_httpd_mmn: %global _httpd_mmn %(cat %{_includedir}/httpd/.mmn 2>/dev/null || echo missing-httpd-devel)} + +# For httpd ≥ 2.4 we have a different filesystem layout +%if 0%{?fedora} > 17 || 0%{?rhel} > 6 +%global httpd24 1 +%global rundir /run +%else +%global httpd24 0 +%global rundir %{_localstatedir}/run +%endif + Name: mod_fcgid Version: 2.3.6 -Release: 5%{?dist} +Release: 6%{?dist} Summary: FastCGI interface module for Apache 2 Group: System Environment/Daemons License: ASL 2.0 @@ -26,18 +41,19 @@ Source1: fcgid.conf Source2: mod_fcgid-2.1-README.RPM Source3: mod_fcgid-2.1-README.SELinux Source4: mod_fcgid-tmpfs.conf +Source5: fcgid24.conf Source10: fastcgi.te Source11: fastcgi-2.5.te Source12: fastcgi.fc Patch0: mod_fcgid-2.3.4-fixconf-shellbang.patch Patch1: mod_fcgid-2.3.6-bz783742.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu) BuildRequires: httpd-devel >= 2.0, pkgconfig -Requires: httpd-mmn = %([ -a %{_includedir}/httpd/.mmn ] && %{__cat} %{_includedir}/httpd/.mmn || echo missing) +Requires: httpd-mmn = %{_httpd_mmn} # sed required for fixconf script Requires: /bin/sed # systemd-units needed for ownership of /etc/tmpfiles.d directory -%if 0%{?fedora} > 14 +%if 0%{?fedora} > 14 || 0%{?rhel} > 6 Requires: systemd-units %endif # Make sure that selinux-policy is sufficiently up-to-date if it's installed @@ -64,8 +80,8 @@ the number of fastcgi servers, and kicking out corrupt fastcgi servers as soon as possible. %if %{selinux_module} -%global selinux_policyver %(%{__sed} -e 's,.*selinux-policy-\\([^/]*\\)/.*,\\1,' /usr/share/selinux/devel/policyhelp || echo 0.0.0) -%global selinux_policynum %(echo %{selinux_policyver} | %{__awk} -F. '{ printf "%d%02d%02d", $1, $2, $3 }') +%global selinux_policyver %(sed -e 's,.*selinux-policy-\\([^/]*\\)/.*,\\1,' /usr/share/selinux/devel/policyhelp || echo 0.0.0) +%global selinux_policynum %(echo %{selinux_policyver} | awk -F. '{ printf "%d%02d%02d", $1, $2, $3 }') %package selinux Summary: SELinux policy module supporting FastCGI applications with mod_fcgid Group: System Environment/Base @@ -90,6 +106,7 @@ SELinux policy module supporting FastCGI applications with mod_fcgid. cp -p %{SOURCE1} fcgid.conf cp -p %{SOURCE2} README.RPM cp -p %{SOURCE3} README.SELinux +cp -p %{SOURCE5} fcgid24.conf %if 0%{?selinux_policynum} < 20501 cp -p %{SOURCE10} fastcgi.te %else @@ -105,7 +122,7 @@ cp -p %{SOURCE12} fastcgi.fc %patch1 -p3 %build -APXS=/usr/sbin/apxs ./configure.apxs +APXS=%{_httpd_apxs} ./configure.apxs make %if %{selinux_module} for selinuxvariant in %{selinux_variants} @@ -119,15 +136,25 @@ done %install rm -rf %{buildroot} make DESTDIR=%{buildroot} MKINSTALLDIRS="mkdir -p" install +%if %{httpd24} +mkdir -p %{buildroot}{%{_httpd_confdir},%{_httpd_modconfdir}} +echo "LoadModule fcgid_module modules/mod_fcgid.so" > %{buildroot}%{_httpd_modconfdir}/fcgid.conf +install -D -m 644 fcgid24.conf %{buildroot}%{_httpd_confdir}/fcgid.conf +%else install -D -m 644 fcgid.conf %{buildroot}%{_sysconfdir}/httpd/conf.d/fcgid.conf -install -d -m 755 %{buildroot}%{_localstatedir}/run/mod_fcgid +%endif +install -d -m 755 %{buildroot}%{rundir}/mod_fcgid # Include the manual as %%doc, don't need it elsewhere +%if %{httpd24} +rm -rf %{buildroot}%{_httpd_contentdir}/manual +%else rm -rf %{buildroot}%{_var}/www/manual +%endif -# Make sure /var/run/mod_fcgid exists at boot time for systems -# with /var/run on tmpfs (#656625) -%if 0%{?fedora} > 14 +# Make sure %%{rundir}/mod_fcgid exists at boot time for systems +# with %%{rundir} on tmpfs (#656625) +%if 0%{?fedora} > 14 || 0%{?rhel} > 6 install -d -m 755 %{buildroot}%{_sysconfdir}/tmpfiles.d install -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/tmpfiles.d/mod_fcgid.conf %endif @@ -156,7 +183,7 @@ do %{_datadir}/selinux/${selinuxvariant}/fastcgi.pp &> /dev/null || : done # Fix up non-standard directory context from earlier packages -/sbin/restorecon -R %{_localstatedir}/run/mod_fcgid || : +/sbin/restorecon -R %{rundir}/mod_fcgid || : %postun selinux # Clean up after package removal @@ -166,8 +193,8 @@ if [ $1 -eq 0 ]; then /usr/sbin/semodule -s ${selinuxvariant} -r fastcgi &> /dev/null || : done # Clean up any remaining file contexts (shouldn't be any really) - [ -d %{_localstatedir}/run/mod_fcgid ] && \ - /sbin/restorecon -R %{_localstatedir}/run/mod_fcgid &> /dev/null || : + [ -d %{rundir}/mod_fcgid ] && \ + /sbin/restorecon -R %{rundir}/mod_fcgid &> /dev/null || : fi exit 0 %endif @@ -179,11 +206,16 @@ exit 0 %doc docs/manual/mod/mod_fcgid.html.en modules/fcgid/ChangeLog %doc build/fixconf.sed %{_libdir}/httpd/modules/mod_fcgid.so +%if %{httpd24} +%config(noreplace) %{_httpd_modconfdir}/fcgid.conf +%config(noreplace) %{_httpd_confdir}/fcgid.conf +%else %config(noreplace) %{_sysconfdir}/httpd/conf.d/fcgid.conf -%if 0%{?fedora} > 14 +%endif +%if 0%{?fedora} > 14 || 0%{?rhel} > 6 %{_sysconfdir}/tmpfiles.d/mod_fcgid.conf %endif -%dir %attr(0755,apache,apache) %{_localstatedir}/run/mod_fcgid/ +%dir %attr(0755,apache,apache) %{rundir}/mod_fcgid/ %if %{selinux_module} %files selinux @@ -193,6 +225,10 @@ exit 0 %endif %changelog +* Tue Mar 27 2012 Paul Howarth 2.3.6-6 +- Fix compatibility with httpd 2.4 in F-18/RHEL-7 onwards +- Use /run rather than /var/run from F-15/RHEL-7 onwards + * Sun Jan 22 2012 Paul Howarth 2.3.6-5 - Fix regression in 2.3.6 that broke process controls when using vhost-specific configuration (upstream issue 49902, #783742, CVE-2012-1181)