bump for security bug #212930

(Portage version: 2.1.4.4)
author: Thilo Bangert <bangert@gentoo.org> 2008-03-10 22:12:21 +0000
committer: Thilo Bangert <bangert@gentoo.org> 2008-03-10 22:12:21 +0000
commit: 5f8a8996e339899e09b650e30dcd10a895f43fc4 (patch)
tree: 6361b9f1f3bb2e4f2f1d144b04fefd4c7115219f /www-servers
parent: Remove old (diff)
download: gentoo-2-5f8a8996e339899e09b650e30dcd10a895f43fc4.tar.gz
gentoo-2-5f8a8996e339899e09b650e30dcd10a895f43fc4.tar.bz2
gentoo-2-5f8a8996e339899e09b650e30dcd10a895f43fc4.zip
7 files changed, 480 insertions, 1 deletions
diff --git a/www-servers/lighttpd/ChangeLog b/www-servers/lighttpd/ChangeLog
index 9f275e16acc6..ea2fb16e7242 100644
--- a/www-servers/lighttpd/ChangeLog
+++ b/www-servers/lighttpd/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for www-servers/lighttpd
 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/ChangeLog,v 1.164 2008/03/04 18:51:30 dertobi123 Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/ChangeLog,v 1.165 2008/03/10 22:12:20 bangert Exp $
+
+*lighttpd-1.4.18-r3 (10 Mar 2008)
+
+  10 Mar 2008; Thilo Bangert <bangert@gentoo.org>
+  +files/1.4.18-r3/03_all_lighttpd-1.4.11-errorlog-pipe.diff,
+  +files/1.4.18-r3/04_all_lighttpd-1.4.13-deprecated-ldap-api.diff,
+  +files/1.4.18-r3/06_all_lighttpd-1.4.18-mod_cgi_source_disclosure-changese
+  t-211956.diff, +files/1.4.18-r3/05_all_lighttpd-fix-DoS.diff,
+  +files/1.4.18-r3/07_all_lighttpd-1.4.18-mod_userdir-information_disclosure
+  .diff, +lighttpd-1.4.18-r3.ebuild:
+  bump for security bug #212930
 
   04 Mar 2008; Tobias Scherbaum <dertobi123@gentoo.org>
   lighttpd-1.4.18-r2.ebuild:
diff --git a/www-servers/lighttpd/files/1.4.18-r3/03_all_lighttpd-1.4.11-errorlog-pipe.diff b/www-servers/lighttpd/files/1.4.18-r3/03_all_lighttpd-1.4.11-errorlog-pipe.diff
new file mode 100644
index 000000000000..c168eba74683
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.18-r3/03_all_lighttpd-1.4.11-errorlog-pipe.diff
@@ -0,0 +1,179 @@
+diff -ur lighttpd-1.4.11.orig/src/base.h lighttpd-1.4.11/src/base.h
+--- lighttpd-1.4.11.orig/src/base.h	2006-01-13 06:51:04.000000000 -0800
++++ lighttpd-1.4.11/src/base.h	2006-12-17 18:01:39.000000000 -0800
+@@ -505,7 +505,7 @@
+ 	
+ 	/* the errorlog */
+ 	int errorlog_fd;
+-	enum { ERRORLOG_STDERR, ERRORLOG_FILE, ERRORLOG_SYSLOG } errorlog_mode;
++	enum { ERRORLOG_STDERR, ERRORLOG_FILE, ERRORLOG_SYSLOG, ERRORLOG_PIPE } errorlog_mode;
+ 	buffer *errorlog_buf;
+ 	
+ 	fdevents *ev, *ev_ins;
+diff -ur lighttpd-1.4.11.orig/src/log.c lighttpd-1.4.11/src/log.c
+--- lighttpd-1.4.11.orig/src/log.c	2005-13-07 05:01:35.000000000 -0800
++++ lighttpd-1.4.11/src/log.c	2006-12-17 18:09:43.000000000 -0800
+@@ -34,10 +34,11 @@
+ /** 
+  * open the errorlog
+  * 
+- * we have 3 possibilities:
++ * we have 4 possibilities:
+  * - stderr (default)
+  * - syslog 
+  * - logfile
++ * - pipe
+  * 
+  * if the open failed, report to the user and die
+  * 
+@@ -57,21 +58,81 @@
+ 		srv->errorlog_mode = ERRORLOG_SYSLOG;
+ 	} else if (!buffer_is_empty(srv->srvconf.errorlog_file)) {
+ 		const char *logfile = srv->srvconf.errorlog_file->ptr;
+-		
+-		if (-1 == (srv->errorlog_fd = open(logfile, O_APPEND | O_WRONLY | O_CREAT | O_LARGEFILE, 0644))) {
+-			log_error_write(srv, __FILE__, __LINE__, "SSSS", 
+-					"opening errorlog '", logfile,
+-					"' failed: ", strerror(errno));
+-			
++
++		if (logfile[0] == '|') {
++#ifdef HAVE_FORK
++			/* create write pipe and spawn process */
++
++			int to_log_fds[2];
++			pid_t pid;
++
++			if (pipe(to_log_fds)) {
++				log_error_write(srv, __FILE__, __LINE__, "ss",
++				"pipe failed: ", strerror(errno));
++				return -1;
++			}
++
++			/* fork, execve */
++			switch (pid = fork()) {
++			case 0:
++				/* child */
++
++				close(STDIN_FILENO);
++				dup2(to_log_fds[0], STDIN_FILENO);
++				close(to_log_fds[0]);
++				/* not needed */
++				close(to_log_fds[1]);
++
++				/* we don't need the client socket */
++				for (fd = 3; fd < 256; fd++) {
++					close(fd);
++				}
++
++				/* exec the log-process (skip the | )
++				 *
++				 */
++
++				execl("/bin/sh", "sh", "-c", logfile + 1, NULL);
++				
++				log_error_write(srv, __FILE__, __LINE__, "sss",
++					"spawning log-process failed: ",
++					strerror(errno), logfile + 1);
++
++				exit(-1);
++				break;
++			case -1:
++				/* error */
++				log_error_write(srv, __FILE__, __LINE__, "ss", "fork failed:", strerror(errno));
++				break;
++			default:
++				close(to_log_fds[0]);
++
++				srv->errorlog_fd = to_log_fds[1];
++
++				break;
++			}
++			srv->errorlog_mode = ERRORLOG_PIPE;
++#else
++			log_error_write(srv, __FILE__, __LINE__, "SSS",
++				"opening errorlog '", logfile,"' impossible");
+ 			return -1;
+-		}
++#endif
++		} else {
++			if (-1 == (srv->errorlog_fd = open(logfile, O_APPEND | O_WRONLY | O_CREAT | O_LARGEFILE, 0644))) {
++				log_error_write(srv, __FILE__, __LINE__, "SSSS",
++  					"opening errorlog '", logfile,
++  					"' failed: ", strerror(errno));
++  
++				return -1;
++			}
++			srv->errorlog_mode = ERRORLOG_FILE;
++  		}
+ #ifdef FD_CLOEXEC
+-		/* close fd on exec (cgi) */
+-		fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC);
++  		/* close fd on exec (cgi) */
++  		fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC);
+ #endif
+-		srv->errorlog_mode = ERRORLOG_FILE;
+-	}
+-	
++  	}
++  
+ 	log_error_write(srv, __FILE__, __LINE__, "s", "server started");
+ 	
+ #ifdef HAVE_VALGRIND_VALGRIND_H
+@@ -99,7 +160,7 @@
+  */
+ 
+ int log_error_cycle(server *srv) {
+-	/* only cycle if we are not in syslog-mode */
++	/* only cycle if the error log is a file */
+ 	
+ 	if (srv->errorlog_mode == ERRORLOG_FILE) {
+ 		const char *logfile = srv->srvconf.errorlog_file->ptr;
+@@ -135,6 +196,7 @@
+ 	log_error_write(srv, __FILE__, __LINE__, "s", "server stopped");
+ 	
+ 	switch(srv->errorlog_mode) {
++	case ERRORLOG_PIPE: /* fall through */
+ 	case ERRORLOG_FILE:
+ 		close(srv->errorlog_fd);
+ 		break;
+@@ -154,6 +216,7 @@
+ 	va_list ap;
+ 	
+ 	switch(srv->errorlog_mode) {
++	case ERRORLOG_PIPE:
+ 	case ERRORLOG_FILE:
+ 	case ERRORLOG_STDERR:
+ 		/* cache the generated timestamp */
+@@ -238,6 +301,7 @@
+ 	va_end(ap);
+ 	
+ 	switch(srv->errorlog_mode) {
++	case ERRORLOG_PIPE: /* fall through */
+ 	case ERRORLOG_FILE:
+ 		BUFFER_APPEND_STRING_CONST(srv->errorlog_buf, "\n");
+ 		write(srv->errorlog_fd, srv->errorlog_buf->ptr, srv->errorlog_buf->used - 1);
+diff -ur lighttpd-1.4.11.orig/src/mod_cgi.c lighttpd-1.4.11/src/mod_cgi.c
+--- lighttpd-1.4.11.orig/src/mod_cgi.c	2006-02-22 05:15:10.000000000 -0800
++++ lighttpd-1.4.11/src/mod_cgi.c	2006-12-17 18:01:39.000000000 -0800
+@@ -750,7 +750,7 @@
+ 		 *
+ 		 * we feed the stderr of the CGI to our errorlog, if possible
+ 		 */
+-		if (srv->errorlog_mode == ERRORLOG_FILE) {
++		if ((srv->errorlog_mode == ERRORLOG_FILE) || (srv->errorlog_mode == ERRORLOG_PIPE)) {
+ 			close(STDERR_FILENO);
+ 			dup2(srv->errorlog_fd, STDERR_FILENO);
+ 		}
+diff -ur lighttpd-1.4.11.orig/src/mod_rrdtool.c lighttpd-1.4.11/src/mod_rrdtool.c
+--- lighttpd-1.4.11.orig/src/mod_rrdtool.c	2005-08-21 15:52:24.000000000 -0700
++++ lighttpd-1.4.11/src/mod_rrdtool.c	2006-12-17 18:01:39.000000000 -0800
+@@ -134,7 +134,7 @@
+ 		
+ 		close(STDERR_FILENO);
+ 		
+-		if (srv->errorlog_mode == ERRORLOG_FILE) {
++		if ((srv->errorlog_mode == ERRORLOG_FILE) || (srv->errorlog_mode == ERRORLOG_PIPE)) {
+ 			dup2(srv->errorlog_fd, STDERR_FILENO);
+ 			close(srv->errorlog_fd);
+ 		}
diff --git a/www-servers/lighttpd/files/1.4.18-r3/04_all_lighttpd-1.4.13-deprecated-ldap-api.diff b/www-servers/lighttpd/files/1.4.18-r3/04_all_lighttpd-1.4.13-deprecated-ldap-api.diff
new file mode 100644
index 000000000000..259ad4b279a5
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.18-r3/04_all_lighttpd-1.4.13-deprecated-ldap-api.diff
@@ -0,0 +1,10 @@
+--- lighttpd-1.4.13.old/src/Makefile.am	2006-10-09 12:19:34.000000000 -0400
++++ lighttpd-1.4.13/src/Makefile.am	2007-03-26 10:10:26.000000000 -0400
+@@ -213,6 +213,7 @@
+ mod_auth_la_SOURCES = mod_auth.c http_auth_digest.c http_auth.c
+ mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined
+ mod_auth_la_LIBADD = $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
++mod_auth_la_CFLAGS = -DLDAP_DEPRECATED
+ 
+ lib_LTLIBRARIES += mod_rewrite.la
+ mod_rewrite_la_SOURCES = mod_rewrite.c
diff --git a/www-servers/lighttpd/files/1.4.18-r3/05_all_lighttpd-fix-DoS.diff b/www-servers/lighttpd/files/1.4.18-r3/05_all_lighttpd-fix-DoS.diff
new file mode 100644
index 000000000000..4f63be3bc04c
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.18-r3/05_all_lighttpd-fix-DoS.diff
@@ -0,0 +1,25 @@
+diff -ur lighttpd-1.4.18.orig/src/fdevent_solaris_devpoll.c lighttpd-1.4.18/src/fdevent_solaris_devpoll.c
+--- lighttpd-1.4.18.orig/src/fdevent_solaris_devpoll.c	2006-10-04 14:26:23.000000000 +0100
++++ lighttpd-1.4.18/src/fdevent_solaris_devpoll.c	2008-02-24 15:41:13.000000000 +0000
+@@ -67,7 +67,7 @@
+ 	int ret;
+ 
+ 	dopoll.dp_timeout = timeout_ms;
+-	dopoll.dp_nfds = ev->maxfds;
++	dopoll.dp_nfds = ev->maxfds - 1;
+ 	dopoll.dp_fds = ev->devpollfds;
+ 
+ 	ret = ioctl(ev->devpoll_fd, DP_POLL, &dopoll);
+diff -ur lighttpd-1.4.18.orig/src/server.c lighttpd-1.4.18/src/server.c
+--- lighttpd-1.4.18.orig/src/server.c	2007-09-05 11:39:56.000000000 +0100
++++ lighttpd-1.4.18/src/server.c	2008-02-24 15:40:38.000000000 +0000
+@@ -697,9 +697,6 @@
+ 			}
+ 		}
+ 
+-		/* #372: solaris need some fds extra for devpoll */
+-		if (rlim.rlim_cur > 10) rlim.rlim_cur -= 10;
+-
+ 		if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+ 			srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
+ 		} else {
diff --git a/www-servers/lighttpd/files/1.4.18-r3/06_all_lighttpd-1.4.18-mod_cgi_source_disclosure-changeset-211956.diff b/www-servers/lighttpd/files/1.4.18-r3/06_all_lighttpd-1.4.18-mod_cgi_source_disclosure-changeset-211956.diff
new file mode 100644
index 000000000000..45a66e179222
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.18-r3/06_all_lighttpd-1.4.18-mod_cgi_source_disclosure-changeset-211956.diff
@@ -0,0 +1,20 @@
+Index: /branches/lighttpd-1.4.x/src/mod_cgi.c
+===================================================================
+--- /branches/lighttpd-1.4.x/src/mod_cgi.c (revision 2065)
++++ /branches/lighttpd-1.4.x/src/mod_cgi.c (revision 2107)
+@@ -1005,4 +1005,5 @@
+ 		/* error */
+ 		log_error_write(srv, __FILE__, __LINE__, "ss", "fork failed:", strerror(errno));
++		return -1;
+ 		break;
+ 	default: {
+Index: /branches/lighttpd-1.4.x/NEWS
+===================================================================
+--- /branches/lighttpd-1.4.x/NEWS (revision 2106)
++++ /branches/lighttpd-1.4.x/NEWS (revision 2107)
+@@ -46,4 +46,5 @@
+   * fixed body handling of status 300 requests 
+   * spawn-fcgi: only try to connect to unix socket (not tcp) before spawning (#1575)
++  * fix sending source of cgi script instead of 500 error if fork fails
+ 
+ - 1.4.18 - 2007-09-09
diff --git a/www-servers/lighttpd/files/1.4.18-r3/07_all_lighttpd-1.4.18-mod_userdir-information_disclosure.diff b/www-servers/lighttpd/files/1.4.18-r3/07_all_lighttpd-1.4.18-mod_userdir-information_disclosure.diff
new file mode 100644
index 000000000000..df20d3f4ad48
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.18-r3/07_all_lighttpd-1.4.18-mod_userdir-information_disclosure.diff
@@ -0,0 +1,24 @@
+Index: /branches/lighttpd-1.4.x/src/mod_userdir.c
+===================================================================
+--- /branches/lighttpd-1.4.x/src/mod_userdir.c (revision 2058)
++++ /branches/lighttpd-1.4.x/src/mod_userdir.c (revision 2120)
+@@ -178,4 +178,9 @@
+ 	mod_userdir_patch_connection(srv, con, p);
+ 
++	/* enforce the userdir.path to be set in the config, ugly fix for #1587;
++	 * should be replaced with a clean .enabled option in 1.5
++	 */
++	if (p->conf.path->used == 0) return HANDLER_GO_ON;
++
+ 	uri_len = con->uri.path->used - 1;
+ 
+Index: /branches/lighttpd-1.4.x/NEWS
+===================================================================
+--- /branches/lighttpd-1.4.x/NEWS (revision 2111)
++++ /branches/lighttpd-1.4.x/NEWS (revision 2120)
+@@ -49,4 +49,5 @@
+   * fix min-procs handling in mod_scgi.c, just set to max-procs (patch from #623)
+   * fix sending "408 - Timeout" instead of "410 - Gone" for timedout urls in mod_secdownload (#1440)
++  * workaround #1587: require userdir.path to be set to enable mod_userdir (empty string allowed)
+ 
+ - 1.4.18 - 2007-09-09
diff --git a/www-servers/lighttpd/lighttpd-1.4.18-r3.ebuild b/www-servers/lighttpd/lighttpd-1.4.18-r3.ebuild
new file mode 100644
index 000000000000..09e6bacf6d8e
--- /dev/null
+++ b/www-servers/lighttpd/lighttpd-1.4.18-r3.ebuild
@@ -0,0 +1,210 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/lighttpd-1.4.18-r3.ebuild,v 1.1 2008/03/10 22:12:20 bangert Exp $
+
+WANT_AUTOCONF=latest
+WANT_AUTOMAKE=latest
+inherit eutils autotools depend.php
+
+DESCRIPTION="Lightweight high-performance web server"
+HOMEPAGE="http://www.lighttpd.net/"
+SRC_URI="http://www.lighttpd.net/download/${P}.tar.bz2"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
+IUSE="bzip2 doc fam fastcgi gdbm ipv6 ldap lua minimal memcache mysql pcre php rrdtool ssl test webdav xattr"
+
+RDEPEND=">=sys-libs/zlib-1.1
+	bzip2?    ( app-arch/bzip2 )
+	fam?      ( virtual/fam )
+	gdbm?     ( sys-libs/gdbm )
+	ldap?     ( >=net-nds/openldap-2.1.26 )
+	lua?      ( >=dev-lang/lua-5.1 )
+	memcache? ( dev-libs/libmemcache )
+	mysql?    ( >=virtual/mysql-4.0 )
+	pcre?     ( >=dev-libs/libpcre-3.1 )
+	php?      ( virtual/httpd-php )
+	rrdtool? ( net-analyzer/rrdtool )
+	ssl?    ( >=dev-libs/openssl-0.9.7 )
+	webdav? (
+		dev-libs/libxml2
+		>=dev-db/sqlite-3
+		sys-fs/e2fsprogs
+	)
+	xattr? ( kernel_linux? ( sys-apps/attr ) )"
+
+DEPEND="${RDEPEND}
+	doc?  ( dev-python/docutils )
+	test? (
+		virtual/perl-Test-Harness
+		dev-libs/fcgi
+	)"
+
+# update certain parts of lighttpd.conf based on conditionals
+update_config() {
+	local config="/etc/lighttpd/lighttpd.conf"
+
+	# enable php/mod_fastcgi settings
+	use php && \
+		dosed 's|#.*\(include.*fastcgi.*$\)|\1|' ${config}
+
+	# enable stat() caching
+	use fam && \
+		dosed 's|#\(.*stat-cache.*$\)|\1|' ${config}
+}
+
+# remove non-essential stuff (for USE=minimal)
+remove_non_essential() {
+	local libdir="${D}/usr/$(get_libdir)/${PN}"
+
+	# text docs
+	use doc || rm -fr "${D}"/usr/share/doc/${PF}/txt
+
+	# non-essential modules
+	rm -f \
+		${libdir}/mod_{compress,evhost,expire,proxy,scgi,secdownload,simple_vhost,status,setenv,trigger*,usertrack}.*
+
+	# allow users to keep some based on USE flags
+	use pcre    || rm -f ${libdir}/mod_{ssi,re{direct,write}}.*
+	use webdav  || rm -f ${libdir}/mod_webdav.*
+	use mysql   || rm -f ${libdir}/mod_mysql_vhost.*
+	use lua     || rm -f ${libdir}/mod_{cml,magnet}.*
+	use rrdtool || rm -f ${libdir}/mod_rrdtool.*
+
+	if ! use fastcgi ; then
+		rm -f ${libdir}/mod_fastcgi.* "${D}"/usr/bin/spawn-fcgi \
+			"${D}"/usr/share/man/man1/spawn-fcgi.*
+	fi
+}
+
+pkg_setup() {
+	if ! use pcre ; then
+		ewarn "It is highly recommended that you build ${PN}"
+		ewarn "with perl regular expressions support via USE=pcre."
+		ewarn "Otherwise you lose support for some core options such"
+		ewarn "as conditionals and modules such as mod_re{write,direct}"
+		ewarn "and mod_ssi."
+		ebeep 5
+	fi
+
+	use php && require_php_with_use cgi
+
+	enewgroup lighttpd
+	enewuser lighttpd -1 -1 /var/www/localhost/htdocs lighttpd
+}
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+
+	EPATCH_SUFFIX="diff" EPATCH_OPTS="-l" epatch "${FILESDIR}"/"${PVR}" || die "Patching failed!"
+
+	eautoreconf || die
+
+	# dev-python/docutils installs rst2html.py not rst2html
+	sed -i -e 's|\(rst2html\)|\1.py|g' doc/Makefile.in || \
+		die "sed doc/Makefile.in failed"
+
+	# fix typo
+	sed -i -e 's|\(output_content\)_\(type\)|\1\2|' doc/cml.txt || \
+		die "sed doc/cml.txt failed"
+}
+
+src_compile() {
+	econf --libdir=/usr/$(get_libdir)/${PN} \
+		--enable-lfs \
+		$(use_enable ipv6) \
+		$(use_with bzip2) \
+		$(use_with fam) \
+		$(use_with gdbm) \
+		$(use_with lua) \
+		$(use_with ldap) \
+		$(use_with memcache) \
+		$(use_with mysql) \
+		$(use_with pcre) \
+		$(use_with ssl openssl) \
+		$(use_with webdav webdav-props) \
+		$(use_with webdav webdav-locks) \
+		$(use_with xattr attr) \
+		|| die "econf failed"
+
+	emake || die "emake failed"
+
+	if use doc ; then
+		einfo "Building HTML documentation"
+		cd doc
+		emake html || die "failed to build HTML documentation"
+	fi
+}
+
+src_install() {
+	make DESTDIR="${D}" install || die "make install failed"
+
+	# init script stuff
+	newinitd "${FILESDIR}"/lighttpd.initd-1.4.13-r3 lighttpd || die
+	newconfd "${FILESDIR}"/lighttpd.confd lighttpd || die
+	use fam && has_version app-admin/fam && \
+		sed -i 's/after famd/need famd/g' "${D}"/etc/init.d/lighttpd
+
+	if use php || use fastcgi ; then
+		newinitd "${FILESDIR}"/spawn-fcgi.initd spawn-fcgi || die
+		newconfd "${FILESDIR}"/spawn-fcgi.confd spawn-fcgi || die
+	fi
+
+	# configs
+	insinto /etc/lighttpd
+	doins "${FILESDIR}"/conf/lighttpd.conf
+	doins "${FILESDIR}"/conf/mime-types.conf
+	doins "${FILESDIR}"/conf/mod_cgi.conf
+	newins "${FILESDIR}"/conf/mod_fastcgi.conf-1.4.13-r2 mod_fastcgi.conf
+	# Secure directory for fastcgi sockets
+	keepdir /var/run/lighttpd/
+	fperms 0750 /var/run/lighttpd/
+	fowners lighttpd:lighttpd /var/run/lighttpd/
+
+	# update lighttpd.conf directives based on conditionals
+	update_config
+
+	# docs
+	dodoc AUTHORS README NEWS ChangeLog doc/*.sh
+	newdoc doc/lighttpd.conf lighttpd.conf.distrib
+
+	use doc && dohtml -r doc/*
+
+	docinto txt
+	dodoc doc/*.txt
+
+	# logrotate
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/lighttpd.logrotate lighttpd || die
+
+	keepdir /var/l{ib,og}/lighttpd /var/www/localhost/htdocs
+	fowners lighttpd:lighttpd /var/l{ib,og}/lighttpd
+	fperms 0750 /var/l{ib,og}/lighttpd
+
+	use minimal && remove_non_essential
+}
+
+pkg_postinst () {
+	echo
+	if [[ -f ${ROOT}etc/conf.d/spawn-fcgi.conf ]] ; then
+		einfo "spawn-fcgi is now included with lighttpd"
+		einfo "spawn-fcgi's init script configuration is now located"
+		einfo "at /etc/conf.d/spawn-fcgi."
+		echo
+	fi
+
+	if [[ -f ${ROOT}etc/lighttpd.conf ]] ; then
+		ewarn "As of lighttpd-1.4.1, Gentoo has a customized configuration,"
+		ewarn "which is now located in /etc/lighttpd.  Please migrate your"
+		ewarn "existing configuration."
+		ebeep 5
+	fi
+
+	if use fam ; then
+		einfo "Remember to re-emerge lighttpd should you switch from"
+		einfo "app-admin/famd to app-admin/gamin or vice versa."
+	fi
+	echo
+}
author	Thilo Bangert <bangert@gentoo.org>	2008-03-10 22:12:21 +0000
committer	Thilo Bangert <bangert@gentoo.org>	2008-03-10 22:12:21 +0000
commit	5f8a8996e339899e09b650e30dcd10a895f43fc4 (patch)
tree	6361b9f1f3bb2e4f2f1d144b04fefd4c7115219f /www-servers
parent	Remove old (diff)
download	gentoo-2-5f8a8996e339899e09b650e30dcd10a895f43fc4.tar.gz gentoo-2-5f8a8996e339899e09b650e30dcd10a895f43fc4.tar.bz2 gentoo-2-5f8a8996e339899e09b650e30dcd10a895f43fc4.zip