rpm/apache2
SHA256
1
0
Fork 0
forked from pool/apache2
Code Pull Requests Activity

Accepting request 316598 from Apache

Browse Source 
1

OBS-URL: https://build.opensuse.org/request/show/316598
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=108
This commit is contained in:
Stephan Kulow 2015-07-14 15:20:52 +00:00 committed by Git OBS Bridge
commit b341ded83e
29 changed files with 652 additions and 949 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
a2enflag
View File

@ -8,20 +8,26 @@
# (at your option) any later version.
sysconf=/etc/sysconfig/apache2
var=APACHE_SERVER_FLAGS
PATH="$PATH:/usr/bin:/usr/sbin:/usr/share/apache2"
debug=true
function usage() {
echo "$(basename $0): enable/disable a flag in $var in $sysconf"
echo
echo "usage: $(basename $0) [-d] flag"
#echo " $(basename $0) -h runtests"
echo
echo "HTTPD_INSTANCE=<instance_name> environment variable can be used to specify"
echo "apache instance (see README-instances.txt); sysconfig file is expected"
echo "at /etc/sysconfig/apache2@<instance_name> ."
exit 1
}
unset instance_suffix
if [ -n "$HTTPD_INSTANCE" ]; then
instance_suffix="@$HTTPD_INSTANCE"
fi
sysconf=/etc/sysconfig/apache2$instance_suffix
var=APACHE_SERVER_FLAGS
PATH="$PATH:/usr/bin:/usr/sbin:/usr/share/apache2"
if [ $# -lt 1 ]; then
usage
fi

20
a2enmod
View File

@ -8,22 +8,28 @@
# (at your option) any later version.
sysconf=/etc/sysconfig/apache2
var=APACHE_MODULES
PATH="$PATH:/usr/bin:/usr/sbin:/usr/share/apache2"
debug=true
function usage() {
echo "$(basename $0): enable/disable an apache module in $var in $sysconf"
echo
echo "usage: $(basename $0) [-d] module"
echo " $(basename $0) -l list modules"
echo " $(basename $0) -q module query if module is installed"
#echo " $(basename $0) -h runtests"
echo
echo "HTTPD_INSTANCE=<instance_name> environment variable can be used to specify"
echo "apache instance (see README-instances.txt); sysconfig file is expected"
echo "at /etc/sysconfig/apache2@<instance_name> ."
exit 1
}
unset instance_suffix
if [ -n "$HTTPD_INSTANCE" ]; then
instance_suffix="@$HTTPD_INSTANCE"
fi
sysconf=/etc/sysconfig/apache2$instance_suffix
var=APACHE_MODULES
PATH="$PATH:/usr/bin:/usr/sbin:/usr/share/apache2"
if [ $# -lt 1 ]; then
usage
fi

41
apache2-README-instances.txt Normal file
View File

@ -0,0 +1,41 @@
Dear System Administrator,
SUSE Apache package comes with the possibility to run more instances
of Apache process on one system.
As always,
sytemctl start apache2
activates default instance of the server, which expects sysconfig setting
in /etc/sysconfig/apache2. If this file is not present, or APACHE_HTTPD_CONF
in there is not set, then it requires /etc/apache2/httpd.conf.
Any other instance can be activated via
systemctl start apache2@<instancename>
for example
systemctl start apache2@myweb.org
This call tries to read /etc/sysconfig/apache2@<instancename> and if this
file is not present or APACHE_HTTPD_CONF is not set there, it requires
/etc/apache2@<instancename>/httpd.conf.
NOTES:
* /etc/sysconfig/apache2@<instancename> can hold any sysconfig variable
/etc/sysconfig/apache2 can, including module loading and MPM setting,
* default instance do not have to run when running other instances
* a2enmod, a2dismod and apachectl operates over default instance if
not specified otherwise via HTTPD_INSTANCE. For example,
export HTTPD_INSTANCE=myweb.org
a2enmod access_compat
a2enmod status
apachectl start
will add access_compat and status modules to APACHE_MODULES
variable of /etc/sysconfig/apache2@myweb.org and then starts
myweb.org instance.

27
apache2-README.default-vhost
View File

@ -1,27 +0,0 @@
# provided by ChrisWi aka chris@computersalat.de
This is a short introduction about how to use the delivered
- default-vhost.conf
- default-vhost-ssl.conf
configuration files.
When using virtual hosts (vhosts) with apache, you want to have a
"default" config which points to your default hostname (FQDN).
And when apache is reading its configs, then our "default" configs
should be read "at first".
To achieve this, you should adapt the/those config files and then
add them to the /etc/sysconfig/apache2 config like the
following example:
# /etc/sysconfig/apache2
---- snip ----
# This allows you to add e.g. VirtualHost statements without touching
# /etc/apache2/httpd.conf itself, which makes upgrading easier.
#
APACHE_CONF_INCLUDE_FILES="default-vhost.conf default-vhost-ssl.conf"
---- snip ----
This way our "default" config are read in before conf.d/* and vhosts.d/*
Have fun :)

266
apache2-default-vhost-ssl.conf
View File

@ -1,266 +0,0 @@
#
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
# directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html>
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
<IfDefine SSL>
<IfDefine !NOSSL>
##
## SSL Virtual Host Context
##
<VirtualHost _default_:443>
# General setup for the virtual host
ServerName dummy-host.example.com
ServerAdmin webmaster@dummy-host.example.com
ServerAlias example.com www.example.com
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/srv/www/htdocs"
#ServerName www.example.com:443
#ServerAdmin webmaster@example.com
ErrorLog /var/log/apache2/error_log
TransferLog /var/log/apache2/access_log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# SSL Protocol support:
# 4 possible values: All, SSLv2, SSLv3, TLSv1. Allow TLS and SSLv3:
# List the protocol versions which clients are allowed to
# connect with. Disable SSLv2 by default (cf. RFC 6176).
SSLProtocol all -SSLv2
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
#
# Weak ciphers are disabled by default.
# Please see the documentation via the links above, and
# "openssl ciphers -v" for a complete list of ciphers that are
# available.
#
# The following default should work with openssl running in FIPS
# mode.
# OPENSSL_FORCE_FIPS_MODE=1 rcapache2 restart
# will start the web server with FIPS mode in openssl.
# For more information, please have a look at
# /usr/share/doc/packages/openssl/README-FIPS.txt from the openssl
# package.
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
# Speed-optimized SSL Cipher configuration:
# If speed is your main concern (on busy HTTPS servers e.g.),
# you might want to force clients to specific, performance
# optimized ciphers. In this case, prepend those ciphers
# to the SSLCipherSuite list, and enable SSLHonorCipherOrder.
# Caveat: by giving precedence to RC4-SHA and AES128-SHA
# (as in the example below), most connections will no longer
# have perfect forward secrecy - if the server's key is
# compromised, captures of past or future traffic must be
# considered compromised, too.
#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
#SSLHonorCipherOrder on
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
#SSLCertificateFile /etc/apache2/ssl.crt/server-dsa.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
#SSLCertificateKeyFile /etc/apache2/ssl.key/server-dsa.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/apache2/ssl.crt/ca.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath /etc/apache2/ssl.crt
#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath /etc/apache2/ssl.crl
#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/srv/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
<Directory "/srv/www/htdocs">
AllowOverride None
#Options +Indexes +MultiViews +FollowSymLinks
Options -Indexes -MultiViews +FollowSymLinks
#IndexOptions FancyIndexing
#AuthName "Top Secret on dummy-host.example.com"
#AuthType Basic
#AuthUserFile /srv/www/passwd/default
#
# Controls who can get stuff from this server. The example gives access to:
# either a valid user, a user on the same system as the server, a system
# which name ends with .example.com and of which the reverse lookup of the
# IP address matches with the IP address that has been received by looking
# up that name in the DNS irrespective of any setting of HostnameLookups.
#
#<limit GET POST>
# <IfModule !mod_access_compat.c>
# <RequireAny>
# Require valid-user
# Require local
# Require host .example.com
# </RequireAny>
# </IfModule>
# <IfModule mod_access_compat.c>
# Require valid-user
# Order Deny,Allow
# Deny from All
# Allow from 127.0.0.1
# Allow from .example.com
# Satisfy any
# </IfModule>
#</limit>
</Directory>
# SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't wait for
# the close notify alert from client. When you need a different shutdown
# approach you can use one of the following variables:
# o ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is send or allowed to received. This violates
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
# this when you receive I/O errors because of the standard approach where
# mod_ssl sends the close notify alert.
# o ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is 100% SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation
# works correctly.
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /var/log/apache2/ssl_request_log ssl_combined
#
# some Rewrite stuff for sharedssl
#
#RewriteEngine on
##RewriteLog "/var/log/apache2/dummy-host.example.com-rewrite-ssl_log"
##RewriteLogLevel 3
#RewriteCond %{HTTP_HOST} ^webmail\..* [NC]
#RewriteRule ^/$ https://sharedssl.example.com/roundcube/ [L,R]
#RewriteRule ^/$ /roundcube [R]
</VirtualHost>
</IfDefine>
</IfDefine>

137
apache2-default-vhost.conf
View File

@ -1,137 +0,0 @@
#
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
<VirtualHost _default_:80>
ServerName dummy-host.example.com
ServerAdmin webmaster@dummy-host.example.com
ServerAlias example.com www.example.com
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/srv/www/htdocs"
# if not specified, the global error log is used
ErrorLog /var/log/apache2/dummy-host.example.com-error_log
CustomLog /var/log/apache2/dummy-host.example.com-access_log combined
# don't loose time with IP address lookups
HostnameLookups Off
# needed for named virtual hosts
UseCanonicalName Off
# configures the footer on server-generated documents
ServerSignature On
# Optionally, include *.conf files from /etc/apache2/conf.d/
#
# For example, to allow execution of PHP scripts:
#
# Include /etc/apache2/conf.d/mod_php4.conf
#
# or, to include all configuration snippets added by packages:
# Include /etc/apache2/conf.d/*.conf
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the client.
# The same rules about trailing "/" apply to ScriptAlias directives as to
# Alias.
#
ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"
# "/srv/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have one, and where ScriptAlias points to.
#
<Directory "/srv/www/cgi-bin">
AllowOverride None
Options +ExecCGI -Includes
<IfModule !mod_access_compat.c>
Require all granted
</IfModule>
<IfModule mod_access_compat.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.
#
# To disable it, simply remove userdir from the list of modules in APACHE_MODULES
# in /etc/sysconfig/apache2.
#
<IfModule mod_userdir.c>
# Note that the name of the user directory ("public_html") cannot simply be
# changed here, since it is a compile time setting. The apache package
# would have to be rebuilt. You could work around by deleting
# /usr/sbin/suexec, but then all scripts from the directories would be
# executed with the UID of the webserver.
UserDir public_html
# The actual configuration of the directory is in
# /etc/apache2/mod_userdir.conf.
Include /etc/apache2/mod_userdir.conf
# You can, however, change the ~ if you find it awkward, by mapping e.g.
# http://www.example.com/users/karl-heinz/ --> /home/karl-heinz/public_html/
#AliasMatch ^/users/([a-zA-Z0-9-_.]*)/?(.*) /home/$1/public_html/$2
</IfModule>
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/srv/www/htdocs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options +Indexes +MultiViews +FollowSymLinks
IndexOptions FancyIndexing
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
<IfModule !mod_access_compat.c>
Require all granted
</IfModule>
<IfModule mod_access_compat.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
#
# some Rewrite stuff for sharedssl
#
#RewriteEngine on
##RewriteLog "/var/log/apache2/dummy-host.example.com-rewrite_log"
##RewriteLogLevel 3
#RewriteCond %{HTTP_HOST} ^sharedssl\.* [OR]
#RewriteRule ^/$ https://sharedssl.example.com/$1 [L,R]
</VirtualHost>

0
apache-find-directives → apache2-find-directives
View File

6
apache2-global.conf Normal file
View File

@ -0,0 +1,6 @@
ServerSignature off
UseCanonicalName off
ServerTokens ProductOnly
LogLevel warn
CustomLog /var/log/apache2/access_log combined

55
apache2-httpd.conf
View File

@ -24,12 +24,14 @@
# |
# |-- uid.conf . . . . . . . . . . . . . . UserID/GroupID to run under
# |-- server-tuning.conf . . . . . . . . . sizing of the server (how many processes to start, ...)
# |-- sysconfig.d/loadmodule.conf . . . . . [*] load these modules
# |-- loadmodule.conf . . . . . . . . . . . [*] load these modules
# |-- listen.conf . . . . . . . . . . . . . IP adresses / ports to listen on
# |-- mod_log_config.conf . . . . . . . . . define logging formats
# |-- sysconfig.d/global.conf . . . . . . . [*] server-wide general settings
# |-- global.conf . . . . . . . . . . . . . [*] server-wide general settings
# |-- mod_status.conf . . . . . . . . . . . restrict access to mod_status (server monitoring)
# |-- mod_info.conf . . . . . . . . . . . . restrict access to mod_info
# |-- mod_reqtimeout.conf . . . . . . . . . set timeout and minimum data rate for receiving requests
# |-- mod_cgid-timeout.conf . . . . . . . . set CGIDScriptTimeout if mod_cgid is loaded/active
# |-- mod_usertrack.conf . . . . . . . . . defaults for cookie-based user tracking
# |-- mod_autoindex-defaults.conf . . . . . defaults for displaying of server-generated directory listings
# |-- mod_mime-defaults.conf . . . . . . . defaults for mod_mime configuration
@ -40,16 +42,13 @@
# | |--mod_userdir.conf . . . . . . . . enable UserDir (if mod_userdir is loaded)
# | `--conf.d/apache2-manual?conf . . . add the docs ('?' = if installed)
# |
# |-- sysconfig.d/include.conf . . . . . . [*] your include files
# | (for each file to be included here, put its name
# | into APACHE_INCLUDE_* in /etc/sysconfig/apache2)
# |
# `-- vhosts.d/ . . . . . . . . . . . . . . for each virtual host, place one file here
# `-- *.conf . . . . . . . . . . . . . (*.conf is automatically included)
#
#
# Files marked [*] are created from sysconfig upon server restart: instead of
# these files, you edit /etc/sysconfig/apache2
# Files marked [*] are NOT read when server is started via systemd service. When server
# is started via service, defaults from /etc/sysconfig/apache2 are taken into account.
#
@ -82,10 +81,8 @@
# |-- ssl.csr/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Signing Requests
# |-- ssl.key/ . . . . . . . . . . . . . . PEM-encoded RSA Private Keys
# |-- ssl.prm/ . . . . . . . . . . . . . . public DSA Parameter Files
# |-- sysconfig.d/ . . . . . . . . . . . . files that are created from /etc/sysconfig/apache2
# | |-- global.conf
# | |-- include.conf
# | `-- loadmodule.conf
# |-- global.conf
# |-- loadmodule.conf
# |-- uid.conf
# `-- vhosts.d/ . . . . . . . . . . . . . . put your virtual host configuration (*.conf) here
# |-- vhost-ssl.template
@ -112,8 +109,10 @@ Include /etc/apache2/server-tuning.conf
# container, that host's errors will be logged there and not here.
ErrorLog /var/log/apache2/error_log
# generated from APACHE_MODULES in /etc/sysconfig/apache2
Include /etc/apache2/sysconfig.d/loadmodule.conf
# generated from default value of APACHE_MODULES in /etc/sysconfig/apache2
<IfDefine !SYSCONFIG>
Include /etc/apache2/loadmodule.conf
</IfDefine>
# IP addresses / ports to listen on
Include /etc/apache2/listen.conf
@ -121,13 +120,29 @@ Include /etc/apache2/listen.conf
# predefined logging formats
Include /etc/apache2/mod_log_config.conf
# generated from global settings in /etc/sysconfig/apache2
Include /etc/apache2/sysconfig.d/global.conf
# generated from default values of global settings in /etc/sysconfig/apache2
<IfDefine !SYSCONFIG>
Include /etc/apache2/global.conf
</IfDefine>
# optional mod_status, mod_info
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf
# mod_reqtimeout protects the server from the so-called "slowloris"
# attack: The server is not swamped with requests in fast succession,
# but with slowly transmitted request headers and body, thereby filling up
# the request slots until the server runs out of them.
# mod_reqtimeout is lightweight and should deliver good results
# with the configured default values. You shouldn't notice it at all.
Include /etc/apache2/mod_reqtimeout.conf
# Fix for CVE-2014-0231 introduces new configuration parameter
# CGIDScriptTimeout. This directive and its effect prevent request
# workers to be eaten until starvation if cgi programs do not send
# output back to the server within the timout set by CGIDScriptTimeout.
Include /etc/apache2/mod_cgid-timeout.conf
# optional cookie-based user tracking
# read the documentation before using it!!
Include /etc/apache2/mod_usertrack.conf
@ -189,14 +204,6 @@ DirectoryIndex index.html index.html.var
Include /etc/apache2/default-server.conf
# Another way to include your own files
#
# The file below is generated from /etc/sysconfig/apache2,
# include arbitrary files as named in APACHE_CONF_INCLUDE_FILES and
# APACHE_CONF_INCLUDE_DIRS
Include /etc/apache2/sysconfig.d/include.conf
### Virtual server configuration ############################################
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your

24
apache2-loadmodule.conf Normal file
View File

@ -0,0 +1,24 @@
LoadModule actions_module /usr/lib64/apache2-prefork/mod_actions.so
LoadModule alias_module /usr/lib64/apache2-prefork/mod_alias.so
LoadModule auth_basic_module /usr/lib64/apache2-prefork/mod_auth_basic.so
LoadModule authn_file_module /usr/lib64/apache2-prefork/mod_authn_file.so
LoadModule authz_host_module /usr/lib64/apache2-prefork/mod_authz_host.so
LoadModule authz_groupfile_module /usr/lib64/apache2-prefork/mod_authz_groupfile.so
LoadModule authz_user_module /usr/lib64/apache2-prefork/mod_authz_user.so
LoadModule autoindex_module /usr/lib64/apache2-prefork/mod_autoindex.so
LoadModule cgi_module /usr/lib64/apache2-prefork/mod_cgi.so
LoadModule dir_module /usr/lib64/apache2-prefork/mod_dir.so
LoadModule env_module /usr/lib64/apache2-prefork/mod_env.so
LoadModule expires_module /usr/lib64/apache2-prefork/mod_expires.so
LoadModule include_module /usr/lib64/apache2-prefork/mod_include.so
LoadModule log_config_module /usr/lib64/apache2-prefork/mod_log_config.so
LoadModule mime_module /usr/lib64/apache2-prefork/mod_mime.so
LoadModule negotiation_module /usr/lib64/apache2-prefork/mod_negotiation.so
LoadModule setenvif_module /usr/lib64/apache2-prefork/mod_setenvif.so
LoadModule ssl_module /usr/lib64/apache2-prefork/mod_ssl.so
LoadModule socache_shmcb_module /usr/lib64/apache2-prefork/mod_socache_shmcb.so
LoadModule userdir_module /usr/lib64/apache2-prefork/mod_userdir.so
LoadModule reqtimeout_module /usr/lib64/apache2-prefork/mod_reqtimeout.so
LoadModule authn_core_module /usr/lib64/apache2-prefork/mod_authn_core.so
LoadModule authz_core_module /usr/lib64/apache2-prefork/mod_authz_core.so

15
apache2-mod_cgid-timeout.conf Normal file
View File

@ -0,0 +1,15 @@
#
# The length of time in seconds to wait for more output
# from a CGI program.
#
# This will prevent a DoS if too many CGI's don't send their output quickly
# enough.
# The value for CGIDScriptTimeout defaults to the value of Timeout.
# CGIDScriptTimeout is used by mod_cgid only!
#
<IfModule mod_cgid.c>
CGIDScriptTimeout 60
</IfModule>

115
apache2-script-helpers Normal file
View File

@ -0,0 +1,115 @@
#!/bin/bash
HTTPD_SBIN_BASE="/usr/sbin/httpd"
#
# loads sysconfig variables into environment
#
# return value in: APACHE_*
#
function load_sysconfig
{
[ -n "$sysconfig_loaded" ] && return
[ ! -f "$SYSCONFIG_FILE" ] && return
. $SYSCONFIG_FILE
export ${!APACHE_*} sysconfig_loaded=true
}
#
# finds prefered multiprocessing module
#
# return value in: HTTPD_MPM
#
function find_mpm
{
[ -n "$mpm_found" ] && return
# load sysconfig variables if they weren't yet
load_sysconfig
# try to read from sysconfig's APACHE_MPM
HTTPD_MPM=$APACHE_MPM
# if empty, then choose one from installed
if [ -z "$HTTPD_MPM" ]; then
# guess
for i in $HTTPD_SBIN_BASE-*; do
test -f $i || continue
i=$(basename $i)
i=${i#*-}
installed_mpms=(${installed_mpms[*]} $i)
done
if [ -z "${installed_mpms[*]}" ]; then
HTTPD_MPM=""
return
elif [ ${#installed_mpms[*]} = 1 ]; then
HTTPD_MPM=${installed_mpms[*]}
else
case ${installed_mpms[*]} in
*prefork*) HTTPD_MPM=prefork;;
*worker*) HTTPD_MPM=worker;;
*event*) HTTPD_MPM=event;;
esac
fi
fi
export HTTPD_MPM mpm_found=true
}
#
# search for paths for wanted modules (declared in
# APACHE_MODULES)
#
# return value in: HTTPD_MODULE_IDS
# HTTPD_MODULE_PATHS
#
function get_module_list
{
load_sysconfig
find_mpm
for module in $APACHE_MODULES; do
# special case
# remove or add 'd' on in cgi module name
case $module in mod_cgid|cgid)
case $HTTPD_MPM in prefork) module=${module%d};; esac;;
esac
case $module in mod_cgi|cgi)
case $HTTPD_MPM in event|worker) module=${module}d;; esac;;
esac
module_id=${module#mod_}_module
# special case
case $module_id in auth_mysql_module) module_id=mysql_auth_module;; esac
unset module_path
for libdir in /usr/lib64 /usr/lib; do
for filepath in $libdir/apache2-$HTTPD_MPM/mod_$module.so \
$libdir/apache2-$HTTPD_MPM/$module.so \
$libdir/apache2/mod_$module.so \
$libdir/apache2/$module.so; do
if [ -f $filepath ]; then
module_path=$filepath
break
fi
done
if [ -n "$module_path" ]; then
break
fi
done
if [ -n "$module_path" ]; then
HTTPD_MODULE_IDS="$HTTPD_MODULE_IDS $module_id"
HTTPD_MODULE_PATHS="$HTTPD_MODULE_PATHS $module_path"
fi
done
export HTTPD_MODULE_IDS
export HTTPD_MODULE_PATHS
}

10
apache2-ssl-global.conf
View File

@ -77,7 +77,15 @@
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
# https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy
SSLCipherSuite EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
# SSLHonorCipherOrder
# If SSLHonorCipherOrder is disabled, then the client's preferences
# for chosing the cipher during the TLS handshake are used.
# If set to on, then the above SSLCipherSuite is used, in the order
# given, with the first supported match on both ends.
SSLHonorCipherOrder on
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If

119
apache2.changes
View File

@ -1,3 +1,122 @@
-------------------------------------------------------------------
Tue Jul 14 07:32:00 UTC 2015 - pgajdos@suse.com
- access_compat shared also for 11sp3
-------------------------------------------------------------------
Mon Jul 13 15:14:20 UTC 2015 - pgajdos@suse.com
- apache2-implicit-pointer-decl.patch renamed to
httpd-implicit-pointer-decl.patch to align with other
patches names
-------------------------------------------------------------------
Mon Jul 13 15:12:29 UTC 2015 - pgajdos@suse.com
- apachectl is now wrapper to start_apache2; therefore, it honors
HTTPD_INSTANCE variable, see README-instances.txt for details
+ httpd-apachectl.patch
- httpd-2.4.10-apachectl.patch
-------------------------------------------------------------------
Mon Jul 13 13:37:53 UTC 2015 - pgajdos@suse.com
- a2enmod/a2dismod and a2enflag/a2disflag now respect
HTTPD_INSTANCE=<instance_name> environment variable, which can be
used to specify apache instance name; sysconfig file is expected
at /etc/sysconfig/apache2@<instance_name>
(see README-instances.txt for details)
-------------------------------------------------------------------
Mon Jul 13 11:21:43 UTC 2015 - pgajdos@suse.com
- provides suse_maintenance_mmn symbol [bnc#915666] (internal)
-------------------------------------------------------------------
Mon Jul 13 10:05:17 UTC 2015 - pgajdos@suse.com
- credits to Roman Drahtmueller:
* add reference to /etc/permissions.local to output of %post if
setting the permissions of suexec2 fails
* do not enable mod_php5 by default any longer
* httpd-2.0.49-log_server_status.dif obsoleted
* apache2-mod_ssl_npn.patch removed because not used
* include mod_reqtimeout.conf in httpd.conf
* added cgid-timeout.conf, include
it in httpd.conf
- fix default value APACHE_MODULES in sysconfig file
- %service_* macros for apache2@.service
-------------------------------------------------------------------
Mon Jul 13 09:52:21 UTC 2015 - pgajdos@suse.com
- reenable 690734.patch, it should be upstreamed by the author
(Adrian Schroeter) though
+ httpd-2.4.9-bnc690734.patch
- httpd-2.2.x-bnc690734.patch
-------------------------------------------------------------------
Mon Jul 13 09:51:34 UTC 2015 - pgajdos@suse.com
- drop startssl from start_apache2
-------------------------------------------------------------------
Wed Jul 1 09:41:31 UTC 2015 - pgajdos@suse.com
- allow to run multiple instances of Apache on one system
[fate#317786] (internal)
* distributed httpd.conf no longer includes sysconfig.d, nor this
directory is shipped. httpd.conf includes loadmodule.conf and
global.conf which are former sysconfig.d/loadmodule.conf and
sysconfig.d/global.conf for default /etc/sysconfig/apache2
global.conf and loadmodule.conf are not included when
sysconfig variables could have been read by start_apache2
startup script (run with systemd services). Therefore, when
starting server via /usr/sbin/httpd, sysconfig variables
are not taken into account.
* some not-maintained scripts are moved from
/usr/share/apache2 to /usr/share/apache2/deprecated-scripts
* all modules comment in sysconfig file is not generated
anymore
* added README-instances.txt
* removed Sources:
load_configuration
find_mpm
get_module_list
get_includes
find_httpd_includes
apache-find-directives
* added Sources:
deprecated-scripts.tar.xz
apache2-README-instances.txt
apache2-loadmodule.conf
apache2-global.conf
apache2-find-directives
apache2@.service
apache2-script-helpers
-------------------------------------------------------------------
Thu Jun 25 15:52:14 UTC 2015 - kstreitova@suse.com
- add SSLHonorCipherOrder directive to apache2-ssl-global.conf
- adopt SSLCipherSuite directive value from SLE12
- remove default-vhost-ssl.conf and default-vhost.conf from
/etc/apache2. These two files are not (!) read by the
configuration framework, but are named *.conf, which is
misleading. The files are almost identical with the vhost
templates in /etc/apache2/vhosts.d/. The two templates there do
it right because they are not named *.conf and are not sourced
either. apache's response with no explicit (eg. default, vanilla)
configuration is contained in /etc/apache2/default-server.conf.
* remove apache2-README.default-vhost as there are no
default-vhost* files anymore.
-------------------------------------------------------------------
Thu Jun 25 03:52:01 UTC 2015 - crrodriguez@opensuse.org
- apache2.service: We have to use KillMode=mixed for the
graceful stop, restart to work properly.
-------------------------------------------------------------------
Thu Jun 11 09:09:05 UTC 2015 - pgajdos@suse.com

3
apache2.service
View File

@ -6,11 +6,12 @@ Before=getty@tty1.service plymouth-quit.service xdm.service
[Service]
Type=notify
PrivateTmp=true
EnvironmentFile=/etc/sysconfig/apache2
ExecStart=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k start
ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful
ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop
KillMode=mixed
[Install]
WantedBy=multi-user.target
Alias=httpd.service apache.service

140
apache2.spec
View File

@ -17,6 +17,7 @@
%define apache_mmn %(test -s %{SOURCE0} && { echo -n apache_mmn_; bzcat %{SOURCE0} | awk '/^#define MODULE_MAGIC_NUMBER_MAJOR/ {printf "%d", $3}'; })
%define suse_maintenance_mmn 0
%define default_mpm prefork
%{!?prefork:%define prefork 1}
%{!?worker:%define worker 1}
@ -46,7 +47,7 @@
%define mods_static unixd systemd
%else
%define runtimedir %{_localstatedir}/run
%define mods_static access_compat unixd
%define mods_static unixd
%endif
Name: apache2
Version: 2.4.12
@ -66,17 +67,13 @@ Source18: robots.txt
Source20: favicon.ico
Source22: apache2-README
Source23: apache2-README.QUICKSTART
Source24: apache2-README.default-vhost
Source25: gensslcert
Source26: apache2-README-access_compat.txt
Source27: %{name}.logrotate
Source28: permissions.%{name}
Source29: apache-ssl-stuff.tar.bz2
Source40: load_configuration
Source41: find_mpm
Source42: get_module_list
Source43: get_includes
Source44: find_httpd_includes
Source30: deprecated-scripts.tar.xz
Source31: apache2-README-instances.txt
# sysconf_addword is part of aaa_base.rpm starting with openSUSE 11.0
# we bring our own copy for the cases where it is not available
Source45: sysconf_addword
@ -100,27 +97,26 @@ Source111: apache2-server-tuning.conf
Source113: apache2-ssl-global.conf
Source114: apache2-mod_usertrack.conf
Source115: apache2-mod_reqtimeout.conf
Source116: apache2-loadmodule.conf
Source117: apache2-global.conf
Source118: apache2-mod_cgid-timeout.conf
Source130: apache2-vhost.template
Source131: apache2-vhost-ssl.template
Source132: apache2-default-vhost.conf
Source133: apache2-default-vhost-ssl.conf
Source140: apache2-check_forensic
Source141: apache-22-24-upgrade
Source142: start_apache2
Source143: apache2-systemd-ask-pass
Source144: apache2.service
Source145: apache-find-directives
Source145: apache2-find-directives
Source146: apache2@.service
Source147: apache2-script-helpers
Patch2: httpd-2.1.3alpha-layout.dif
Patch23: httpd-2.4.10-apachectl.patch
#Patch65: httpd-2.0.49-log_server_status.dif
Patch23: httpd-apachectl.patch
Patch66: httpd-2.0.54-envvars.dif
Patch67: httpd-2.2.0-apxs-a2enmod.dif
Patch68: httpd-2.x.x-logresolve.patch
Patch69: httpd-2.2.x-bnc690734.patch
Patch70: apache2-implicit-pointer-decl.patch
# PATCH-FEATURE-UPSTREAM apache2-mod_ssl_npn.patch dimstar@opensuse.org -- Add npn support to mod_ssl (needed for spdy)
#Patch108: apache2-mod_ssl_npn.patch
#Provides: apache2(mod_ssl+npn)
Patch69: httpd-2.4.9-bnc690734.patch
Patch70: httpd-implicit-pointer-decl.patch
# PATCH-FEATURE-UPSTREAM httpd-2.4.3-mod_systemd.patch crrodriguez@opensuse.org simple module provides systemd integration.
Patch109: httpd-2.4.3-mod_systemd.patch
Patch111: httpd-visibility.patch
@ -153,6 +149,7 @@ Requires(post): sed
Requires(post): textutils
Recommends: apache2-%{default_mpm}
Provides: %{apache_mmn}
Provides: suse_maintenance_mmn = %{suse_maintenance_mmn}
Provides: http_daemon
Provides: httpd
Provides: suse_help_viewer
@ -189,7 +186,7 @@ Summary: Apache 2 worker MPM (Multi-Processing Module)
Group: Productivity/Networking/Web/Servers
Requires: %{name} = %{version}
Provides: %{name}-MPM
# the post scriptlet executes /usr/share/apache2/get_module_list
# the post scriptlet sources /usr/share/apache2/script-helpers
Requires(post): %{name} = %{version}
%endif
@ -200,7 +197,7 @@ Group: Productivity/Networking/Web/Servers
Requires: %{name} = %{version}
Provides: %{name}-MPM
Provides: apache:%{_sbindir}/httpd
# the post scriptlet executes /usr/share/apache2/get_module_list
# the post scriptlet sources /usr/share/apache2/script-helpers
Requires(post): %{name} = %{version}
%endif
@ -210,7 +207,7 @@ Summary: Apache 2 event MPM (Multi-Processing Module)
Group: Productivity/Networking/Web/Servers
Requires: %{name} = %{version}
Provides: %{name}-MPM
# the post scriptlet executes /usr/share/apache2/get_module_list
# the post scriptlet sources /usr/share/apache2/script-helpers
Requires(post): %{name} = %{version}
%endif
@ -294,16 +291,14 @@ Utilities provided by the Apache 2 Web Server project which are useful
to administrators of web servers in general.
%prep
%setup -q -n httpd-%{version}
%setup -q -n httpd-%{version} -a30
%patch2 -p1
%patch23 -p1
#%patch65 -p1
%patch23
%patch66 -p1
%patch67 -p1
%patch68 -p1
#%patch69
%patch69
%patch70 -p1
#%patch108 -p1
# Systemd module enabling patch
%if 0%{?suse_version} >= 1210
%patch109 -p1
@ -317,8 +312,8 @@ a=$(basename %{SOURCE22})
cp %{SOURCE22} ./${a##%{name}-}
b=$(basename %{SOURCE23})
cp %{SOURCE23} ./${b##%{name}-}
c=$(basename %{SOURCE24})
cp %{SOURCE24} ./${c##%{name}-}
c=$(basename %{SOURCE31})
cp %{SOURCE31} ./${c##%{name}-}
d=$(basename %{SOURCE26})
cp %{SOURCE26} ./${d##%{name}-}
@ -518,7 +513,7 @@ install -m 755 support/logresolve.pl %{buildroot}/%{_sbindir}/
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -m 644 $RPM_SOURCE_DIR/%{name}.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
install -m 755 $RPM_SOURCE_DIR/apache2-check_forensic %{buildroot}/%{_bindir}/check_forensic
install -m 755 $RPM_SOURCE_DIR/apache-find-directives %{buildroot}/%{_bindir}/
install -m 755 $RPM_SOURCE_DIR/apache2-find-directives %{buildroot}/%{_bindir}/
#
# xml stuff
install -d %{buildroot}%{_datadir}/omc/svcinfo.d/
@ -529,25 +524,21 @@ install -m 755 %{SOURCE25} %{buildroot}/%{_bindir}/
tar xjf %{SOURCE29} -C %{buildroot}/%{sysconfdir}
#
# init script and friends
install -m 700 $RPM_SOURCE_DIR/start_apache2 %{buildroot}%{_sbindir}/
install -m 644 $RPM_SOURCE_DIR/apache2-script-helpers %{buildroot}/%{_datadir}/%{name}/script-helpers
install -m 744 $RPM_SOURCE_DIR/start_apache2 %{buildroot}%{_sbindir}/
%if 0%{?suse_version} >= 1210
mkdir -p %{buildroot}%{_unitdir}/
install -m 700 $RPM_SOURCE_DIR/apache2-systemd-ask-pass %{buildroot}%{_sbindir}/
install -m 644 $RPM_SOURCE_DIR/apache2.service %{buildroot}%{_unitdir}/
install -m 644 $RPM_SOURCE_DIR/apache2@.service %{buildroot}%{_unitdir}/
ln -sf service %{buildroot}/%{_sbindir}/rcapache2
%else
mkdir -p %{buildroot}%{_sysconfdir}/init.d
install -m 744 $RPM_SOURCE_DIR/rc.%{name} %{buildroot}%{_initddir}/%{name}
ln -sf ../..%{_initddir}/%{name} %{buildroot}/%{_sbindir}/rcapache2
%endif
install -m 755 $RPM_SOURCE_DIR/load_configuration %{buildroot}/%{_datadir}/%{name}/
install -m 755 $RPM_SOURCE_DIR/find_mpm %{buildroot}/%{_datadir}/%{name}/
install -m 755 $RPM_SOURCE_DIR/get_includes %{buildroot}/%{_datadir}/%{name}/
install -m 755 $RPM_SOURCE_DIR/find_httpd_includes %{buildroot}/%{_datadir}/%{name}/
cp -r deprecated-scripts %{buildroot}/%{_datadir}/%{name}/
install -m 755 $RPM_SOURCE_DIR/apache-22-24-upgrade %{buildroot}/%{_datadir}/%{name}/
sed 's+%{_prefix}/lib+%{_libdir}+' $RPM_SOURCE_DIR/get_module_list \
> %{buildroot}/%{_datadir}/%{name}/get_module_list
chmod 755 %{buildroot}/%{_datadir}/%{name}/get_module_list
install -m 755 $RPM_SOURCE_DIR/sysconf_addword %{buildroot}/%{_datadir}/%{name}/
install -m 755 $RPM_SOURCE_DIR/a2enflag %{buildroot}/%{_sbindir}
ln -s a2enflag %{buildroot}/%{_sbindir}/a2disflag
@ -555,28 +546,21 @@ install -m 755 $RPM_SOURCE_DIR/a2enmod %{buildroot}/%{_sbindir}
ln -s a2enmod %{buildroot}/%{_sbindir}/a2dismod
#
# directories for files from other packages and other configuration
for i in vhosts.d sysconfig.d; do
mkdir -p %{buildroot}/%{sysconfdir}/$i
done
mkdir -p %{buildroot}/%{sysconfdir}/vhosts.d
#
# make list of all modules, and install sysconfig template
for i in $(find %{buildroot}/%{libexecdir}-%{default_mpm} -name "*.so" | sort); do
modname=${i#*mod_}; modname=${modname%.so}
modname=${modname##*lib}
all_modules="$all_modules $modname"
done
all_modules=$(echo $all_modules | fmt | sed 's/\(.*\)/# \1\\/')
sed "s+@@all_modules@@+$all_modules +" $RPM_SOURCE_DIR/sysconfig.%{name} \
> %{buildroot}/%{_var}/adm/fillup-templates/sysconfig.%{name}
# install sysconfig template
install -m 644 $RPM_SOURCE_DIR/sysconfig.%{name} \
%{buildroot}/%{_var}/adm/fillup-templates/sysconfig.%{name}
#
# install configuration files:
mkdir -p %{buildroot}/%{runtimedir}
touch %{buildroot}/%{sysconfdir}/sysconfig.d/include.conf
mkdir -p %{buildroot}/%{sysconfdir}/conf.d
for i in default-server.conf \
errors.conf \
global.conf \
httpd.conf \
listen.conf \
loadmodule.conf \
mod_autoindex-defaults.conf \
mod_info.conf \
mod_log_config.conf \
@ -585,6 +569,8 @@ for i in default-server.conf \
mod_userdir.conf \
mod_usertrack.conf \
server-tuning.conf \
mod_reqtimeout.conf \
mod_cgid-timeout.conf \
ssl-global.conf
do
install -m 644 $RPM_SOURCE_DIR/apache2-$i %{buildroot}/%{sysconfdir}/$i
@ -608,11 +594,6 @@ done
install -m 644 %{SOURCE130} %{buildroot}/%{sysconfdir}/vhosts.d/vhost.template
install -m 644 %{SOURCE131} %{buildroot}/%{sysconfdir}/vhosts.d/vhost-ssl.template
install -m 644 %{SOURCE104} %{buildroot}/%{sysconfdir}/conf.d/manual.conf
# install default vhost
dvh=$(basename %{SOURCE132})
install -m 644 %{SOURCE132} %{buildroot}/%{sysconfdir}/${dvh##%{name}-}
dvhs=$(basename %{SOURCE133})
install -m 644 %{SOURCE133} %{buildroot}/%{sysconfdir}/${dvhs##%{name}-}
# for mod_auth_ldap
install -m 644 docs/conf/charset.conv %{buildroot}/%{sysconfdir}/
@ -727,7 +708,11 @@ rm -r %{buildroot}/%{sysconfdir}/extra # it is already in the documentation di
# and validate httpd.conf file
#
pushd %{buildroot}/%{sysconfdir}
for i in *.conf; do cp $i $i.test; done
for i in *.conf; do
# loadmodule.conf.test will be created later
[ "$i" == loadmodule.conf ] && continue
cp $i $i.test;
done
sed -e 's+%{_libdir}+'%{buildroot}'%{_libdir}+' \
-e 's+%{_localstatedir}/run+'%{buildroot}'%{_localstatedir}/run+' \
-e 's+%{sysconfdir}+'%{buildroot}'%{sysconfdir}+' \
@ -737,24 +722,24 @@ sed -e 's+%{_libdir}+'%{buildroot}'%{_libdir}+' \
httpd.conf > httpd.conf.test
sed -e 's+%{sysconfdir}+'%{buildroot}'%{sysconfdir}+' \
default-server.conf > default-server.conf.test
touch sysconfig.d/global.conf.test
touch sysconfig.d/include.conf.test
sed -i 's+%{_localstatedir}/log+'%{buildroot}'%{_localstatedir}/log+' \
global.conf.test
popd
pushd %{buildroot}
for i in $(export LC_ALL=C; find .%{libexecdir}-%{default_mpm} -name "*.so" | sort); do
mod_id=${i#*mod_}; mod_id=${mod_id%.so}_module
mod_path=
echo LoadModule $mod_id %{buildroot}/${i#.} >> .%{sysconfdir}/sysconfig.d/loadmodule.conf.test
echo LoadModule $mod_id %{buildroot}/${i#.} >> .%{sysconfdir}/loadmodule.conf.test
done
# auth_ldap_module needs to be loaded after ldap_module
echo -e "/authnz_ldap\n+\n-m/ldap\nwq" | ed -s ./%{sysconfdir}/sysconfig.d/loadmodule.conf.test
echo -e "/authnz_ldap\n+\n-m/ldap\nwq" | ed -s ./%{sysconfdir}/loadmodule.conf.test
popd
LD_LIBRARY_PATH=%{buildroot}%{_libdir} \
%{buildroot}/%{_sbindir}/httpd-%{default_mpm} \
-e debug -t -f %{buildroot}/%{sysconfdir}/httpd.conf.test || exit 1
rm %{buildroot}/%{sysconfdir}/*.test
rm %{buildroot}/%{sysconfdir}/sysconfig.d/*
mv %{buildroot}/%{sysconfdir}/original .
%files -f filelist
@ -771,8 +756,6 @@ mv %{buildroot}/%{sysconfdir}/original .
%doc robots.txt
%doc printenv
%doc test-cgi
#%doc httpd-std.conf-*
#%doc ssl-std.conf
%doc httpd.conf.default
%doc original
%attr(750,root,root) %dir %{logfiledir}
@ -792,11 +775,11 @@ mv %{buildroot}/%{sysconfdir}/original .
%{sysconfdir}/ssl.*/README*
%dir %{sysconfdir}/conf.d
%dir %{sysconfdir}/vhosts.d
%dir %{sysconfdir}/sysconfig.d
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%{_datadir}/omc/svcinfo.d/apache2.xml
%if 0%{?suse_version} >= 1210
%{_unitdir}/apache2.service
%{_unitdir}/apache2@.service
%{_sbindir}/apache2-systemd-ask-pass
%else
%{_initddir}/%{name}
@ -823,11 +806,8 @@ mv %{buildroot}/%{sysconfdir}/original .
%dir %{installbuilddir}
%dir %{_datadir}/%{name}
%{_datadir}/%{name}/apache-22-24-upgrade
%{_datadir}/%{name}/get_module_list
%{_datadir}/%{name}/get_includes
%{_datadir}/%{name}/find_httpd_includes
%{_datadir}/%{name}/find_mpm
%{_datadir}/%{name}/load_configuration
%{_datadir}/%{name}/deprecated-scripts
%{_datadir}/%{name}/script-helpers
%{_datadir}/%{name}/sysconf_addword
%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl
@ -1240,7 +1220,7 @@ mv %{buildroot}/%{sysconfdir}/original .
%{_bindir}/check_forensic2
%{_bindir}/dbmmanage
%{_bindir}/dbmmanage2
%{_bindir}/apache-find-directives
%{_bindir}/apache2-find-directives
%{_bindir}/gensslcert
%{_bindir}/htdbm
%{_bindir}/htdbm2
@ -1264,30 +1244,41 @@ mv %{buildroot}/%{sysconfdir}/original .
%if %{prefork}
%post prefork
%{_datadir}/%{name}/get_module_list >/dev/null 2>&1
# install /usr/sbin/httpd
. /usr/share/apache2/script-helpers
find_mpm
ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
exit 0
%endif
%if %{worker}
%post worker
%{_datadir}/%{name}/get_module_list >/dev/null 2>&1
# install /usr/sbin/httpd
. /usr/share/apache2/script-helpers
find_mpm
ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
exit 0
%endif
%if %{event}
%post event
%{_datadir}/%{name}/get_module_list >/dev/null 2>&1
# install /usr/sbin/httpd
. /usr/share/apache2/script-helpers
find_mpm
ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
exit 0
%endif
%pre
%if 0%{?suse_version} >= 1210
%service_add_pre apache2.service
%service_add_pre apache2@.service
%endif
%preun
%if 0%{?suse_version} >= 1210
%service_del_preun apache2.service
%service_del_preun apache2@.service
%endif
for i in %{_sbindir}/httpd \
%{installbuilddir}/config_vars.mk
@ -1299,6 +1290,7 @@ exit 0
%postun
%if 0%{?suse_version} >= 1210
%service_del_postun apache2.service
%service_del_postun apache2@.service
%else
%insserv_cleanup
%endif
@ -1307,7 +1299,7 @@ exit 0
%if 0%{?suse_version} <= 1130
%run_permissions
%else
%set_permissions %{_sbindir}/suexec
%set_permissions %{_sbindir}/suexec || echo "Please check /etc/permissions.local for settings of /usr/sbin/suexec2 ."
%endif
# wwwadmin group existed in past remove after openSUSE-13.2 out of support scope
if grep -q "^wwwadmin:" %{_sysconfdir}/group; then
@ -1324,6 +1316,7 @@ fi
%{fillup_only apache2}
%if 0%{?suse_version} >= 1210
%service_add_post apache2.service
%service_add_post apache2@.service
%else
%{fillup_and_insserv apache2}
%endif
@ -1354,7 +1347,6 @@ if [ $1 -gt 1 ] ; then
fi
rm -rf $tmpdir
%{_datadir}/%{name}/get_module_list >/dev/null 2>&1
exit 0
%posttrans

18
apache2@.service Normal file
View File

@ -0,0 +1,18 @@
[Unit]
Description=The Apache Webserver %I
After=network.target nss-lookup.target time-sync.target
Before=getty@tty1.service plymouth-quit.service xdm.service
[Service]
Type=notify
PrivateTmp=true
Environment="HTTPD_INSTANCE=%i"
ExecStart=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k start
ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful
ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop
KillMode=mixed
[Install]
WantedBy=multi-user.target
Alias=httpd@.service apache@.service

3
deprecated-scripts.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0089226f95d2caac8a06128aaa45170aaf84c79101c2ea7a64f9422b4176766a
size 3252

31
find_httpd_includes
View File

@ -1,31 +0,0 @@
#!/bin/bash
# Read the configuration (recursing through all include files)
. /usr/share/apache2/load_configuration
: ${sysconfdir:=/etc/apache2}
httpd_conf=${APACHE_HTTPD_CONF:-$sysconfdir/httpd.conf}
find_include_files () {
local found i
found=$(awk '/^[[:space:]]*Include/ { print $2 }' $1 2>/dev/null)
for i in $found; do
case $i in
*\**)
# filter filenames that are unexpanded, in the lack of a match,
# like /etc/apache2/conf.d/*.conf
;;
*)
conffiles="$conffiles $i"
find_include_files $i
;;
esac
done
}
find_include_files $httpd_conf
#echo $httpd_conf $conffiles
echo $conffiles
exit 0

48
find_mpm
View File

@ -1,48 +0,0 @@
#!/bin/bash
: ${apache_link:=/usr/sbin/httpd}
. /usr/share/apache2/load_configuration
if ! ${mpm_set:=false}; then
if [ -z "$APACHE_MPM" ]; then
# guess
for i in $r/$apache_link-*; do
test -f $i || continue
i=$(basename $i)
i=${i#*-}
installed_mpms=(${installed_mpms[*]} $i)
done
if [ -z "${installed_mpms[*]}" ]; then
echo >&2 ${warn}Apache binary ${apache_link#*-} not found. No MPM package installed? $norm
echo >&2 Hint: install the apache2-prefork package, and try again.
fi
if [ ${#installed_mpms[*]} = 1 ]; then
APACHE_MPM=${installed_mpms[*]}
else
case ${installed_mpms[*]} in
*prefork*) APACHE_MPM=prefork;;
*worker*) APACHE_MPM=worker;;
*event*) APACHE_MPM=event;;
*leader*) APACHE_MPM=leader;;
*metuxmpm*) APACHE_MPM=metuxmpm;;
*threadpool*) APACHE_MPM=threadpool;;
*itk*) APACHE_MPM=itk;;
esac
fi
fi
if [ -x $apache_link-$APACHE_MPM ]; then
ln -sf $apache_link-$APACHE_MPM $apache_link
ln -sf $apache_link-$APACHE_MPM ${apache_link}2
echo $apache_link-$APACHE_MPM
else
echo >&2 ${warn}$apache_link-$APACHE_MPM is not a valid httpd binary.
echo >&2 Check your APACHE_MPM setting.$norm
exit 1
fi
export APACHE_MPM mpm_set=true
fi

45
get_includes
View File

@ -1,45 +0,0 @@
#!/bin/bash
pname=apache2
: ${sysconfdir:=/etc/$pname}
: ${sysconfig_apache:=/etc/sysconfig/$pname}
test -z "$APACHE_MODULES" && . /usr/share/$pname/load_configuration
apache_bin=$(/usr/share/$pname/find_mpm 2>/dev/null)
APACHE_MPM=${apache_bin##*-}
if [ -z "$APACHE_MPM" ]; then
echo >&2 Warning: no MPM found. Some modules are dependant on the type of MPM.
fi
#echo -n writing sysconfig.d/include.conf
exec 3>$sysconfdir/sysconfig.d/include.conf
echo >&3 "#
# This file is created at apache start time by /usr/sbin/rc$pname. Do not edit it!
#
# as listed in APACHE_INCLUDE_* ($sysconfig_apache)
"
for file in $APACHE_CONF_INCLUDE_FILES; do
test ${file:0:1} = / || file=$sysconfdir/$file
if [ -e $file ]; then
echo >&3 Include $file
else
echo >&2 File $file from APACHE_CONF_INCLUDE_FILES not found. Ignored.
fi
done
# here, we do not want to use globbing. apache will do it
set -o noglob
for dir in $APACHE_CONF_INCLUDE_DIRS; do
test ${dir:0:1} = / || dir=$sysconfdir/$dir
if [ -d $dir -o -d /$(dirname $dir) ]; then
echo >&3 Include $dir
else
echo >&2 Directory $dir from APACHE_CONF_INCLUDE_DIRS not found. Ignored.
fi
done
set +o noglob
echo >&3 -e "#\n"
exec 3<&-
#echo -n ". "

163
get_module_list
View File

@ -1,163 +0,0 @@
#!/bin/bash
pname=apache2
: ${sysconfdir:=/etc/$pname}
: ${sysconfig_apache:=/etc/sysconfig/$pname}
default_APACHE_DOCUMENT_ROOT=/srv/www/htdocs
test -z "$APACHE_MODULES" && . /usr/share/$pname/load_configuration
apache_bin=$(/usr/share/$pname/find_mpm 2>/dev/null)
APACHE_MPM=${apache_bin##*-}
if [ -z "$APACHE_MPM" ]; then
echo >&2 Warning: no MPM found. Some modules are dependant on the type of MPM.
fi
if [ "$1" = -q ]; then
quiet=true
else
quiet=false
fi
#echo -n writing sysconfig.d/loadmodule.conf
TMPFILE=`/bin/mktemp /tmp/$pname.XXXXXXXXXXXX`
if [ -z "$TMPFILE" ]; then
echo >&2 Error: could not create temporary file for writing loadmodules.conf.
exit 1
fi
exec 3>$TMPFILE
echo >&3 "#
# Files in this directory are created at apache start time by /usr/sbin/rc$pname
# Do not edit them!
#
# as listed in APACHE_MODULES ($sysconfig_apache)
"
test -z "$APACHE_MODULES" && APACHE_MODULES=$LOADMODULES
# see whether APACHE_MODULES is declared as array (it was so, in the past)
# if it is not an array, we convert it to one.
if [[ -z ${APACHE_MODULES[1]} ]]; then
# strip leading and trailing parens... since it might erroneously be written as
# APACHE_MODULES="(asdf 1234)"
APACHE_MODULES=${APACHE_MODULES/(}; APACHE_MODULES=${APACHE_MODULES/)}
APACHE_MODULES=($APACHE_MODULES)
fi
for i in ${APACHE_MODULES[*]}; do
unset module_path module_id
case $i in mod_cgid|cgid) case $APACHE_MPM in prefork|leader|itk) i=${i%d};; esac;; esac
case $i in mod_cgi|cgi) case $APACHE_MPM in event|worker) i=${i}d;; esac;; esac
module_id=${i##*/}
module_id=${module_id#mod_}
module_id=${module_id#lib}
module_id=${module_id%.so}_module
# special case
case $module_id in auth_mysql_module) module_id=mysql_auth_module;; esac
case $i in
/*)
module_path=$i
;;
*)
for j in /usr/lib/$pname-$APACHE_MPM/mod_$i.so \
/usr/lib/$pname-$APACHE_MPM/$i.so \
/usr/lib/$pname-$APACHE_MPM/mod_$i \
/usr/lib/$pname-$APACHE_MPM/$i \
/usr/lib/$pname-$APACHE_MPM/${i/mod_}.so \
/usr/lib/$pname-$APACHE_MPM/${i/mod_} \
/usr/lib/$pname-$APACHE_MPM/lib${i/mod_}.so \
/usr/lib/$pname-$APACHE_MPM/lib${i/mod_} \
/usr/lib/$pname-$APACHE_MPM/lib$i.so \
/usr/lib/$pname-$APACHE_MPM/lib$i \
/usr/lib/$pname/mod_$i.so \
/usr/lib/$pname/$i.so \
/usr/lib/$pname/mod_$i \
/usr/lib/$pname/$i \
/usr/lib/$pname/${i/mod_}.so \
/usr/lib/$pname/${i/mod_} \
/usr/lib/$pname/lib${i/mod_}.so \
/usr/lib/$pname/lib${i/mod_} \
/usr/lib/$pname/lib$i.so \
/usr/lib/$pname/lib$i
do
if [ -f $j ]; then
module_path=$j
break
fi
done
;;
esac
if [[ -f $module_path ]]; then
printf "LoadModule %-30s %s\n" $module_id $module_path >&3
else
# print a warning?
# php modules are in the list by default, so we don't warn about it [#66729]
if ! $quiet && [ $i != "php4" -a $i != "php5" ]; then
echo >&2 "Module \"$i\" is not installed, ignoring."
echo >&2 "Check the APACHE_MODULES setting in /etc/sysconfig/$pname."
fi
fi
done
echo >&3 -e "#\n"
exec 3<&-
chmod 644 $TMPFILE
if ! mv -Z $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf 2>/dev/null; then
mv $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf
if selinuxenabled; then
restorecon $sysconfdir/sysconfig.d/loadmodule.conf
fi
fi
#echo -n ". "
#echo -n writing sysconfig.d/global.conf
exec 3>$sysconfdir/sysconfig.d/global.conf
echo >&3 "#
# Files in this directory are created at apache start time by /usr/sbin/rc$pname
# Do not edit them!
#
# see $sysconfig_apache
"
if [[ -n $APACHE_DOCUMENT_ROOT ]]; then
echo >&3 "DocumentRoot $APACHE_DOCUMENT_ROOT"
# else
# if ! grep -q "^DocumentRoot" $sysconfdir/httpd.conf 2>/dev/null; then
# echo >&3 "DocumentRoot $default_APACHE_DOCUMENT_ROOT"
# fi
fi
[[ -n $APACHE_TIMEOUT ]] && echo >&3 "Timeout $APACHE_TIMEOUT"
if [[ -n $APACHE_SERVERSIGNATURE ]]; then
case $APACHE_SERVERSIGNATURE in
no) APACHE_SERVERSIGNATURE=off;;
yes) APACHE_SERVERSIGNATURE=on;;
esac
echo >&3 "ServerSignature $APACHE_SERVERSIGNATURE"
fi
[[ -n $APACHE_SERVERADMIN ]] && echo >&3 "ServerAdmin $APACHE_SERVERADMIN"
[[ -n $APACHE_SERVERNAME ]] && echo >&3 "ServerName $APACHE_SERVERNAME"
[[ -n $APACHE_USE_CANONICAL_NAME ]] && echo >&3 "UseCanonicalName $APACHE_USE_CANONICAL_NAME"
[[ -n $APACHE_SERVERTOKENS ]] && echo >&3 "ServerTokens $APACHE_SERVERTOKENS"
[[ $APACHE_EXTENDED_STATUS = on ]] && echo -e >&3 "<IfModule mod_status.c>\n ExtendedStatus on\n</IfModule>"
[[ $APACHE_BUFFERED_LOGS = on ]] && echo >&3 "BufferedLogs on"
[[ -n $APACHE_LOGLEVEL ]] && echo >&3 "LogLevel $APACHE_LOGLEVEL"
if [[ -n $APACHE_ACCESS_LOG ]]; then
# split multiple entries
APACHE_ACCESS_LOG=($APACHE_ACCESS_LOG)
for ((i=0; $i<${#APACHE_ACCESS_LOG[*]}; i=i+2)); do
filename=${APACHE_ACCESS_LOG[$i]}
format=${APACHE_ACCESS_LOG[$i+1]}
echo >&3 "CustomLog $filename ${format/%,}"
done
fi
exec 3<&-
#echo -n ". "

56
httpd-2.4.10-apachectl.patch
View File

@ -1,56 +0,0 @@
diff -Ndurp httpd-2.4.10/support/apachectl.in httpd-2.4.10-apachectl/support/apachectl.in
--- httpd-2.4.10/support/apachectl.in 2012-02-01 05:47:28.000000000 +0200
+++ httpd-2.4.10-apachectl/support/apachectl.in 2014-10-18 19:18:51.203692588 +0300
@@ -42,17 +42,32 @@ ARGV="$@"
# -------------------- --------------------
#
# the path to your httpd binary, including options if necessary
-HTTPD='@exp_sbindir@/@progname@'
+HTTPD='@exp_sbindir@/httpd'
#
# pick up any necessary environment variables
if test -f @exp_sbindir@/envvars; then
. @exp_sbindir@/envvars
fi
+
+pname=apache2
+sysconfig_apache=/etc/sysconfig/$pname
+sysconfdir=/etc/$pname
+
+test -s $sysconfig_apache && . $sysconfig_apache
+httpd_conf=${APACHE_HTTPD_CONF:-$sysconfdir/httpd.conf}
+
#
# a command that outputs a formatted text version of the HTML at the
# url given on the command line. Designed for lynx, however other
# programs may work.
-LYNX="@LYNX_PATH@ -dump"
+
+if [ -x "`which w3m`" ]; then
+ LYNX="w3m -dump -cols ${COLUMNS:-80}"
+elif [ -x "`which lynx`" ]; then
+ LYNX="lynx -dump -width=${COLUMNS:-80}"
+fi
+
+
#
# the URL to your server's mod_status status page. If you do not
# have one, then status and fullstatus will not work.
@@ -78,7 +93,7 @@ fi
case $ACMD in
start|stop|restart|graceful|graceful-stop)
- $HTTPD -k $ARGV
+ $HTTPD ${httpd_conf+-f $httpd_conf} -k $ARGV
ERROR=$?
;;
startssl|sslstart|start-SSL)
@@ -88,7 +103,7 @@ startssl|sslstart|start-SSL)
ERROR=2
;;
configtest)
- $HTTPD -t
+ $HTTPD ${httpd_conf+-f $httpd_conf} -t
ERROR=$?
;;
status)

30
httpd-2.2.x-bnc690734.patch → httpd-2.4.9-bnc690734.patch
View File

@ -1,14 +1,13 @@
--- server/util_script.c.orig
+++ server/util_script.c
@@ -415,6 +415,7 @@ AP_DECLARE(int) ap_scan_script_header_er
{
char x[MAX_STRING_LEN];
char *w, *l;
Index: server/util_script.c
===================================================================
--- server/util_script.c.orig 2015-06-25 09:15:54.539638460 +0200
+++ server/util_script.c 2015-06-25 09:20:48.554424220 +0200
@@ -422,11 +422,20 @@
apr_table_t *cookie_table;
int trace_log = APLOG_R_MODULE_IS_LEVEL(r, module_index, APLOG_TRACE1);
int first_header = 1;
+ int wlen;
int p;
int cgi_status = HTTP_UNSET;
apr_table_t *merge;
@@ -425,7 +426,14 @@ AP_DECLARE(int) ap_scan_script_header_er
if (buffer) {
*buffer = '\0';
}
@ -21,10 +20,11 @@
+ w = buffer ? buffer : x;
+ wlen = MAX_STRING_LEN;
+ }
+
/* temporary place to hold headers to merge in later */
merge = apr_table_make(r->pool, 10);
@@ -441,7 +449,7 @@ AP_DECLARE(int) ap_scan_script_header_er
@@ -442,7 +451,7 @@
while (1) {
@ -33,17 +33,19 @@
if (rv == 0) {
const char *msg = "Premature end of script headers";
if (first_header)
@@ -553,9 +561,12 @@ AP_DECLARE(int) ap_scan_script_header_er
@@ -555,10 +564,13 @@
if (!(l = strchr(w, ':'))) {
if (!buffer) {
/* Soak up all the script output - may save an outright kill */
- while ((*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data)) {
- while ((*getsfunc)(w, MAX_STRING_LEN - 1, getsfunc_data) > 0) {
+ while ((*getsfunc) (w, wlen - 1, getsfunc_data)) {
continue;
}
- }
+ } else if (w != buffer) {
+ strncpy(buffer, w, MAX_STRING_LEN - 1);
+ buffer[MAX_STRING_LEN - 1] = 0;
}
+ }
ap_log_rerror(SCRIPT_LOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,
"malformed header from script '%s': Bad header: %.30s",

27
httpd-apachectl.patch Normal file
View File

@ -0,0 +1,27 @@
Index: support/apachectl.in
===================================================================
--- support/apachectl.in.orig 2012-02-01 04:47:28.000000000 +0100
+++ support/apachectl.in 2015-07-13 17:09:06.651280087 +0200
@@ -42,7 +42,7 @@
# -------------------- --------------------
#
# the path to your httpd binary, including options if necessary
-HTTPD='@exp_sbindir@/@progname@'
+HTTPD='@exp_sbindir@/start_apache2'
#
# pick up any necessary environment variables
if test -f @exp_sbindir@/envvars; then
@@ -52,7 +52,11 @@
# a command that outputs a formatted text version of the HTML at the
# url given on the command line. Designed for lynx, however other
# programs may work.
-LYNX="@LYNX_PATH@ -dump"
+if [ -x "`which w3m`" ]; then
+ LYNX="w3m -dump -cols ${COLUMNS:-80}"
+elif [ -x "`which lynx`" ]; then
+ LYNX="lynx -dump -width=${COLUMNS:-80}"
+fi
#
# the URL to your server's mod_status status page. If you do not
# have one, then status and fullstatus will not work.

0
apache2-implicit-pointer-decl.patch → httpd-implicit-pointer-decl.patch
View File

10
load_configuration
View File

@ -1,10 +0,0 @@
#!/bin/bash
: ${sysconfig_apache:=/etc/sysconfig/apache2}
#
# load the configuration, but only if it hasn't been done already
#
if [ -z "$APACHE_MODULES" ]; then
. $sysconfig_apache
fi

148
start_apache2
View File

@ -1,4 +1,4 @@
#!/bin/bash
#!/bin/sh
#
# Copyright (c) 1996, 1997, 1998 S.u.S.E. GmbH
# Copyright (c) 1998, 1999, 2000, 2001 SuSE GmbH
@ -10,33 +10,52 @@
# 2008, 2009, 2010
#
#
pname=apache2
. /usr/share/$pname/load_configuration
export ${!APACHE_*}
. /usr/share/apache2/script-helpers
apache_link=/usr/sbin/httpd
apache_bin=$(/usr/share/$pname/find_mpm 2>/dev/null)
httpd_conf=${APACHE_HTTPD_CONF:-/etc/apache2/httpd.conf}
#
# which instance should we will run
#
test -L $apache_link && apache_bin=$(readlink $apache_link)
if [ -z "$APACHE_MPM" ]; then
APACHE_MPM=${apache_bin##*-}
unset instance_suffix
if [ -n "$HTTPD_INSTANCE" ]; then
instance_suffix="@$HTTPD_INSTANCE"
fi
if ! [ -x $apache_bin ]; then
echo >&2 $apache_bin-$APACHE_MPM is not a valid httpd binary.
echo >&2 Check your APACHE_MPM setting in /etc/sysconfig/$pname.
exit 5
fi
# a proper home should be set, otherwise the server might end up
# with HOME=/root and some script might try to use that
HOME=/var/lib/apache2
#
# load sysconfig variables APACHE_* from instance sysconfig
# file
#
export SYSCONFIG_FILE=/etc/sysconfig/apache2${instance_suffix}
load_sysconfig
unset server_flags
case "$action" in startssl) server_flags="-DSSL";; esac
#
# server_flags: -DSYSCONFIG
#
if [ -f "$SYSCONFIG_FILE" ]; then
server_flags="$server_flags -DSYSCONFIG"
fi
#
# figure out correct apache2 binary (/usr/sbin/httpd-prefork,
# /usr/sbin/httpd-worker, etc.) and serverflags
#
find_mpm
if [ -n "$HTTPD_MPM" ]; then
apache_bin="$HTTPD_SBIN_BASE-$HTTPD_MPM"
if ! [ -x $apache_bin ]; then
echo >&2 "$apache_bin-$APACHE_MPM is not a valid httpd binary."
echo >&2 "Check your APACHE_MPM setting in /etc/sysconfig/apache2."
exit 1
fi
else
echo >&2 "${warn}No Apache binary found. No MPM package installed? $norm"
echo >&2 "Hint: install the apache2-prefork package, and try again."
exit 1
fi
# server flags from APACHE_SERVER_FLAGS
for i in $APACHE_SERVER_FLAGS; do
case $i in
-D) ;;
@ -44,8 +63,87 @@ for i in $APACHE_SERVER_FLAGS; do
*) server_flags="$server_flags -D$i";;
esac
done
${get_module_list_done:=false} || /usr/share/$pname/get_module_list && export get_module_list_done=true
${get_includes:=false} || /usr/share/$pname/get_includes && export get_includes_done=true
export -n ${!APACHE_*}
exec $apache_bin -f $httpd_conf $server_flags $@
#
# head configuration file
#
httpd_conf=${APACHE_HTTPD_CONF:-/etc/apache2${instance_suffix}/httpd.conf}
#
# set PidFile to this file name; PidFile should not
# be used in the configuration to change this, otherwise
# stopping will not work
#
pid_file=/var/run/httpd${instance_suffix}.pid
unset sysconfig_setting
#
# involve the sysconfig variables
#
# APACHE_ACCESS_LOG
if [ -n "$APACHE_ACCESS_LOG" ]; then
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "CustomLog $APACHE_ACCESS_LOG")
fi
# APACHE_CONF_INCLUDE_FILES
for file in $APACHE_CONF_INCLUDE_FILES; do
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "Include $file")
done
# APACHE_CONF_INCLUDE_DIRS
for dir in $APACHE_CONF_INCLUDE_DIRS; do
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "Include $dir")
done
# APACHE_SERVERADMIN
if [ -n "$APACHE_SERVERADMIN" ]; then
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerAdmin $APACHE_SERVERADMIN")
fi
# APACHE_SERVERNAME
if [ -n "$APACHE_SERVERNAME" ]; then
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerName $APACHE_SERVERNAME")
fi
# APACHE_START_TIMEOUT
# not used nowadays
# APACHE_SERVERSIGNATURE
if [ -n "$APACHE_SERVERSIGNATURE" ]; then
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerSignature $APACHE_SERVERSIGNATURE")
fi
# APACHE_LOGLEVEL
if [ -n "$APACHE_LOGLEVEL" ]; then
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "LogLevel $APACHE_LOGLEVEL")
fi
# APACHE_USE_CANONICAL_NAME
if [ -n "$APACHE_USE_CANONICAL_NAME" ]; then
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "UseCanonicalName $APACHE_USE_CANONICAL_NAME")
fi
# APACHE_SERVERTOKENS
if [ -n "$APACHE_SERVERTOKENS" ]; then
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerTokens $APACHE_SERVERTOKENS")
fi
# APACHE_EXTENDED_STATUS
if [ -n "$APACHE_EXTENDED_STATUS" ]; then
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ExtendedStatus $APACHE_EXTENDED_STATUS")
fi
# APACHE_MODULES
get_module_list
module_ids=($HTTPD_MODULE_IDS)
module_paths=($HTTPD_MODULE_PATHS)
for i in "${!module_ids[@]}"; do
sysconfig_setting=("${sysconfig_setting[@]}" "-C" "LoadModule ${module_ids[$i]} ${module_paths[$i]}")
done
#
# a proper home should be set, otherwise the server might end up
# with HOME=/root and some script might try to use that
#
HOME=/var/lib/apache2${instance_suffix}
#
# run Apache
#
exec $apache_bin -f $httpd_conf $server_flags \
-C "PidFile $pid_file" \
"${sysconfig_setting[@]}" \
$@
exit 0

8
sysconfig.apache2
View File

@ -30,7 +30,7 @@ APACHE_CONF_INCLUDE_FILES=""
APACHE_CONF_INCLUDE_DIRS=""
## Type: string
## Default: "actions alias auth_basic authz_host authn_file authz_groupfile authz_default authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php5"
## Default: "actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir reqtimeout"
## ServiceRestart: apache2
#
# [It might look silly to not simply edit httpd.conf for the LoadModule statements.
@ -38,9 +38,7 @@ APACHE_CONF_INCLUDE_DIRS=""
# switching between MPMs can be quite a hassle. It's easier to just give the names here.]
#
# * list of all modules shipped with the base distribution:
#
@@all_modules@@
#
# see /usr/lib64/apache2-$MPM
# see http://httpd.apache.org/docs/2.4/mod/ !
#
# * It pays to use IfDefine statements... like
@ -79,7 +77,7 @@ APACHE_CONF_INCLUDE_DIRS=""
# apache's default installation
# APACHE_MODULES="authz_host actions alias asis auth autoindex cgi dir imap include log_config mime negotiation setenvif status userdir"
# your settings
APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir php5 reqtimeout"
APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir reqtimeout"
## Type: string