# - subpackages for MPMs
# - check if all modules (*.so) are exactly the same for different MPMs
# - install stage fails with distcc (make -jN)
+# - /var/run/apache is also owned by apache1.spec, so rename it to /var/run/httpd spec here (NOTE: if you fix this also adjust apache-mod_fastcgi.spec)
+# - does main package really need apxs dep?
+# - review: http://securitytracker.com/alerts/2005/Aug/1014826.html
+# - http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml (ssl and pcre)
#
# Conditional build:
%bcond_without ssl # build without SSL support
Summary(tr): Lider WWW tarayýcý
Name: apache
Version: 2.0.54
-Release: 2
+Release: 6
License: Apache Group License
Group: Networking/Daemons
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
Patch19: %{name}-conffile-path.patch
Patch20: %{name}-apxs.patch
# http://www.telana.com/peruser.php
-Patch21: httpd-2.0.50-peruser-r3.patch
+Patch21: httpd-2.0.52-peruser-0.1.6.patch
Patch22: %{name}-apr1.patch
Patch23: %{name}-normalize-path.patch
# http://issues.apache.org/bugzilla/attachment.cgi?id=13377 external pcre
Patch24: %{name}2-pcre-patch.diff
+# http://issues.apache.org/bugzilla/attachment.cgi?id=16102 DoS
+Patch25: %{name}2-byterange.patch
URL: http://httpd.apache.org/
BuildRequires: automake
BuildRequires: apr-devel >= 1:1.0.0
%{?with_ssl:BuildRequires: openssl-tools >= 0.9.7d}
%{?with_external_pcre:BuildRequires: pcre-devel}
BuildRequires: perl-devel >= 1:5.6
+BuildRequires: rpm-build >= 4.4.0
BuildRequires: rpm-perlprov >= 4.1-13
-BuildRequires: rpmbuild(macros) >= 1.159
+BuildRequires: rpmbuild(macros) >= 1.228
BuildRequires: zlib-devel
PreReq: perl-base
-PreReq: rc-scripts
+PreReq: rc-scripts >= 0.4.0.15
Requires(pre): /bin/id
Requires(pre): /usr/bin/getgid
Requires(pre): /usr/sbin/groupadd
Requires: /etc/mime.types
Requires: apr >= 1:1.0.0-2
Requires: %{name}-apxs = %{version}-%{release}
+Requires: FHS >= 2.3-12
Requires: mailcap
Requires: psmisc >= 20.1
Provides: apache(modules-api) = %{_apache_modules_api}
Provides: webserver = apache
Obsoletes: apache-extra
Obsoletes: apache6
+# for the posttrans scriptlet, conflicts because in vserver environment rpm package is not installed.
+Conflicts: rpm < 4.4.2-0.2
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _sysconfdir /etc/httpd
%define _includedir %{_prefix}/include/apache
%define _datadir /home/services/httpd
%define _libexecdir %{_libdir}/apache
+%define _cgibindir %{_prefix}/lib/cgi-bin/%{name}
%description
Apache is a powerful, full-featured, efficient and freely-available
Summary(ru): íÏÄÕÌØ SSL/TLS ÄÌÑ ×ÅÂ-ÓÅÒ×ÅÒÁ Apache
Group: Networking/Daemons
Epoch: 1
-Provides: apache(mod_ssl) = %{version}-%{release}
+Provides: apache(mod_ssl) = 1:%{version}-%{release}
Requires: %{name} = %{version}-%{release}
%description mod_ssl
Apache'a 2; ta wersja obs³uguje has³a zapisane czystym tekstem oraz
zakodowane algorytmami CRYPT (domy¶lnym), MD5 i SHA1.
+%package cgi_test
+Summary: cgi test/demo programs
+Summary(pl): Programy testowe/przyk³adowe cgi
+Group: Networking/Utilities
+Requires: %{name} = %{version}-%{release}
+
+%description cgi_test
+Two cgi test/demo programs: test-cgi and print-env.
+
+%description cgi_test -l pl
+Dwa programy testowe/przyk³adowe cgi: test-cgi and print-env.
+
%prep
%setup -q -n httpd-%{version}
%patch0 -p1
%patch22 -p1
%patch23 -p1
%{?with_external_pcre:%patch24 -p2}
+%patch25 -p0
%{__perl} -pi -e "s@/usr/local/bin/perl@%{__perl}@" $(grep -rl "/usr/local/bin/perl" *)
%{__perl} -pi -e "s@BUILD_SUBDIRS.*@BUILD_SUBDIRS =@g" srclib/Makefile.in
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT/etc/{logrotate.d,rc.d/init.d,sysconfig,monit} \
- $RPM_BUILD_ROOT%{_var}/{log/{httpd,archiv/httpd},{run,cache}/apache,lock/mod_dav}
+ $RPM_BUILD_ROOT%{_var}/{log/{httpd,archiv/httpd},{run,cache}/apache,lock/mod_dav} \
+ $RPM_BUILD_ROOT%{_datadir}/cgi-bin
# prefork is default one
%{__make} -C buildmpm-prefork install \
errordir=%{_datadir}/error \
htdocsdir=%{_datadir}/html \
manualdir=%{_datadir}/manual \
- cgidir=%{_datadir}/cgi-bin \
+ cgidir=%{_cgibindir} \
runtimedir=%{_var}/run \
logdir=%{_var}/log/httpd \
proxycachedir=%{_var}/cache/httpd
install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/httpd
install %{SOURCE2} $RPM_BUILD_ROOT/etc/logrotate.d/apache
-install %{SOURCE4} $RPM_BUILD_ROOT/etc/sysconfig/apache
+install %{SOURCE4} $RPM_BUILD_ROOT/etc/sysconfig/httpd
install %{SOURCE5} $RPM_BUILD_ROOT/etc/monit
touch $RPM_BUILD_ROOT/var/log/httpd/{access,error,agent,referer,suexec}_log
mv $RPM_BUILD_ROOT%{_sbindir}/htpasswd $RPM_BUILD_ROOT%{_bindir}/
ln -sf %{_bindir}/htpasswd $RPM_BUILD_ROOT%{_sbindir}/
+# cgi_test: create config file with ScriptAlias
+cat << EOF > $CFG/09_cgi_test.conf
+ScriptAlias /cgi-bin/printenv %{_cgibindir}/printenv
+ScriptAlias /cgi-bin/test-cgi %{_cgibindir}/test-cgi
+EOF
+
%clean
rm -rf $RPM_BUILD_ROOT
%pre
-if [ -n "`/usr/bin/getgid http`" ]; then
- if [ "`/usr/bin/getgid http`" != "51" ]; then
- echo "Error: group http doesn't have gid=51. Correct this before installing apache." 1>&2
- exit 1
- fi
-else
- /usr/sbin/groupadd -g 51 http
-fi
-if [ -n "`/bin/id -u http 2>/dev/null`" ]; then
- if [ "`/bin/id -u http`" != "51" ]; then
- echo "Error: user http doesn't have uid=51. Correct this before installing apache." 1>&2
- exit 1
- fi
-else
- /usr/sbin/useradd -u 51 -r -d /home/services/httpd -s /bin/false -c "HTTP User" -g http http 1>&2
-fi
+%groupadd -g 51 http
+%useradd -u 51 -r -d /home/services/httpd -s /bin/false -c "HTTP User" -g http http
%post
/sbin/chkconfig --add httpd
umask 137
touch /var/log/httpd/{access,error,agent,referer}_log
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
%preun
if [ "$1" = "0" ]; then
if [ -f /var/lock/subsys/httpd ]; then
/etc/rc.d/init.d/httpd stop 1>&2
fi
- /sbin/chkconfig --del httpd
+ # see http://thread.gmane.org/gmane.linux.pld.devel.english/712
+ [ ! -x /sbin/chkconfig ] || /sbin/chkconfig --del httpd
fi
%postun
fi
%triggerpostun -- %{name} <= 2.0.50-6
-echo "WARNING!!!"
-echo "Since that version autoindex module has been separated to package %{name}-mod_autoindex"
-echo "If you want to have the same functionality do:"
-echo "poldek --upgrade %{name}-mod_autoindex"
-echo
+%banner %{name}-2.0.50-6 << EOF
+WARNING!!!
+Since apache-2.0.50-6 autoindex module has been separated to package
+%{name}-mod_autoindex If you want to have the same functionality do:
+poldek -Uv %{name}-mod_autoindex
+EOF
+
+%triggerpostun -- %{name} < 2.0.54-4
+%banner %{name}-2.0.54-2 << EOF
+WARNING!!!
+CGI demo/test programs - printenv and test-cgi, have been released
+from package apache into separate subpackage apache-cgi_test. If you
+need printenv and/or test-cgi, please install apache-cgi_test package,
+e.g. by running poldek -Uv apache-cgi_test
+EOF
+
+# update /etc/sysconfig/apache -> httpd rename
+if [ -f /etc/sysconfig/apache.rpmsave ]; then
+ cp -f /etc/sysconfig/httpd{,.rpmnew}
+ mv -f /etc/sysconfig/{apache.rpmsave,httpd}
+fi
-%post mod_actions
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
+%posttrans
+# minimizing apache restarts logics. we restart webserver:
+#
+# 1. at the end of transaction. (posttrans, feature from rpm 4.4.2)
+# 2. first install of module (post: $1 = 1)
+# 2. uninstall of module (postun: $1 == 0)
+#
+# the strict internal deps between apache modules and
+# main package are very important for all this to work.
+
+# restart webserver at the end of transaction
+%service httpd restart
+
+# macro called at module post scriptlet
+%define module_post \
+if [ "$1" = "1" ]; then \
+ %service -q httpd restart \
fi
-%preun mod_actions
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
+# macro called at module postun scriptlet
+%define module_postun \
+if [ "$1" = "0" ]; then \
+ %service -q httpd restart \
fi
+%post mod_actions
+%module_post
+
+%postun mod_actions
+%module_postun
+
%post mod_auth
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_auth
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_auth
+%module_postun
%post mod_auth_anon
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_auth_anon
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_auth_anon
+%module_postun
%post mod_auth_dbm
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_auth_dbm
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_auth_dbm
+%module_postun
%post mod_autoindex
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_autoindex
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_autoindex
+%module_postun
%post mod_cache
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_cache
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_cache
+%module_postun
%post mod_cgid
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_cgid
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_cgid
+%module_postun
%post mod_charset_lite
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_charset_lite
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_charset_lite
+%module_postun
%post mod_dav
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_dav
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_dav
+%module_postun
%post mod_auth_digest
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_auth_digest
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_auth_digest
+%module_postun
%post mod_deflate
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_deflate
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_deflate
+%module_postun
%post mod_dir
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_dir
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_dir
+%module_postun
%post mod_expires
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_expires
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_expires
+%module_postun
%post mod_file_cache
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_file_cache
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_file_cache
+%module_postun
%post mod_headers
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_headers
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_headers
+%module_postun
%post mod_imap
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_imap
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_imap
+%module_postun
%post mod_info
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_info
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_info
+%module_postun
%post mod_proxy
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_proxy
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_proxy
+%module_postun
%post mod_rewrite
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_rewrite
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_rewrite
+%module_postun
%post mod_ssl
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_ssl
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_ssl
+%module_postun
%post mod_status
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_status
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_status
+%module_postun
%post mod_usertrack
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_usertrack
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_usertrack
+%module_postun
%post mod_unique_id
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
-fi
+%module_post
-%preun mod_unique_id
-if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
-fi
+%postun mod_unique_id
+%module_postun
%post mod_vhost_alias
-if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/httpd start\" to start apache HTTP daemon."
+%module_post
+
+%postun mod_vhost_alias
+%module_postun
+
+%post cgi_test
+if [ "$1" = "1" ]; then
+ %service -q httpd reload
fi
-%preun mod_vhost_alias
+%postun cgi_test
if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/httpd ]; then
- /etc/rc.d/init.d/httpd restart 1>&2
- fi
+ %service -q httpd reload
fi
%files
%attr(750,root,root) %dir %{_sysconfdir}/run
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf/*_httpd.conf
%attr(640,root,root) %{_sysconfdir}/magic
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/*
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/httpd
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/*
%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/monit/*.monitrc
%dir %{_datadir}
-%attr(755,root,root) %dir %{_datadir}/html
+%dir %{_datadir}/cgi-bin
+%dir %{_datadir}/html
%{_datadir}/icons
-%attr(755,root,root) %{_datadir}/cgi-bin
-
%{_datadir}/error
%files doc
%attr(755,root,root) %{_bindir}/htpasswd
%{_sbindir}/htpasswd
%{_mandir}/man1/htpasswd.1*
+
+%files cgi_test
+%defattr(644,root,root,755)
+%dir %{_cgibindir}
+%attr(755,root,root) %{_cgibindir}/*
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf/09_cgi_test.conf