rpms/nginx
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Make sure nginx directories are not world readable (#913724, #913735)

Browse Source
This commit is contained in:
Jamie Nguyen 2013-02-22 06:39:33 +00:00
parent 501734eb99
commit 0b5a896201
2 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
nginx.spec
View File

@ -11,7 +11,7 @@
Name: nginx
Epoch: 1
Version: 1.2.7
Release: 1%{?dist}
Release: 2%{?dist}
Summary: A high performance web server and reverse proxy server
Group: System Environment/Daemons
@ -129,8 +129,9 @@ install -p -D -m 0644 %{SOURCE11} \
%{buildroot}%{_sysconfdir}/logrotate.d/nginx
install -p -d -m 0755 %{buildroot}%{nginx_confdir}/conf.d
install -p -d -m 0755 %{buildroot}%{nginx_home_tmp}
install -p -d -m 0755 %{buildroot}%{nginx_logdir}
install -p -d -m 0700 %{buildroot}%{nginx_home}
install -p -d -m 0700 %{buildroot}%{nginx_home_tmp}
install -p -d -m 0700 %{buildroot}%{nginx_logdir}
install -p -d -m 0755 %{buildroot}%{nginx_webroot}
install -p -m 0644 %{SOURCE12} \
@ -160,6 +161,12 @@ fi
%post
%systemd_post nginx.service
if [ $1 -eq 2 ]; then
# Make sure these directories are not world readable.
chmod 700 %{nginx_home}
chmod 700 %{nginx_home_tmp}
chmod 700 %{nginx_logdir}
fi
%preun
%systemd_preun nginx.service
@ -178,7 +185,6 @@ fi
%{_unitdir}/nginx.service
%dir %{nginx_confdir}
%dir %{nginx_confdir}/conf.d
%dir %{nginx_logdir}
%config(noreplace) %{nginx_confdir}/fastcgi.conf
%config(noreplace) %{nginx_confdir}/fastcgi.conf.default
%config(noreplace) %{nginx_confdir}/fastcgi_params
@ -198,11 +204,15 @@ fi
%dir %{perl_vendorarch}/auto/nginx
%{perl_vendorarch}/nginx.pm
%{perl_vendorarch}/auto/nginx/nginx.so
%attr(-,%{nginx_user},%{nginx_group}) %dir %{nginx_home}
%attr(-,%{nginx_user},%{nginx_group}) %dir %{nginx_home_tmp}
%attr(700,%{nginx_user},%{nginx_group}) %dir %{nginx_home}
%attr(700,%{nginx_user},%{nginx_group}) %dir %{nginx_home_tmp}
%attr(700,%{nginx_user},%{nginx_group}) %dir %{nginx_logdir}
%changelog
* Fri Feb 22 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 1:1.2.7-2
- make sure nginx directories are not world readable (#913724, #913735)
* Sat Feb 16 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 1:1.2.7-1
- update to upstream release 1.2.7
- add .asc file

1
sources
View File

@ -1,2 +1 @@
d252f5c689a14a668e241c744ccf5f06 nginx-1.2.7.tar.gz
ad82b6bc2d437995b9cc474d97441c9d nginx-1.2.7.tar.gz.asc