Hello community, here is the log from the commit of package nginx.2264 for openSUSE:12.3:Update checked in at 2013-11-22 04:33:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/nginx.2264 (Old) and /work/SRC/openSUSE:12.3:Update/.nginx.2264.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx.2264" Changes: -------- New Changes file: --- /dev/null 2013-10-11 12:16:15.204037506 +0200 +++ /work/SRC/openSUSE:12.3:Update/.nginx.2264.new/nginx.changes 2013-11-22 04:34:00.000000000 +0100 @@ -0,0 +1,657 @@ +------------------------------------------------------------------- +Wed Nov 20 15:07:36 UTC 2013 - [email protected] + +- patch.2013.space.txt fixes CVE-2013-4547 + a character following an unescaped space in a request line + was handled incorrectly [bnc#851295] + +------------------------------------------------------------------- +Fri May 24 12:46:17 UTC 2013 - [email protected] + +- update to 1.2.9 (bnc#821184) + *) Security: contents of worker process memory might be sent to a client + if HTTP backend returned specially crafted response (CVE-2013-2070); + the bug had appeared in 1.1.4. + - changes with 1.2.8: + *) Bugfix: new sessions were not always stored if the "ssl_session_cache + shared" directive was used and there was no free space in shared + memory. + *) Bugfix: responses might hang if subrequests were used and a DNS error + happened during subrequest processing. + *) Bugfix: in the ngx_http_mp4_module. + *) Bugfix: in backend usage accounting. + - changes with nginx 1.2.7 + *) Change: now if the "include" directive with mask is used on Unix + systems, included files are sorted in alphabetical order. + *) Change: the "add_header" directive adds headers to 201 responses. + *) Feature: the "geo" directive now supports IPv6 addresses in CIDR + notation. + *) Feature: the "flush" and "gzip" parameters of the "access_log" + directive. + *) Feature: variables support in the "auth_basic" directive. + *) Feature: the $pipe, $request_length, $time_iso8601, and $time_local + variables can now be used not only in the "log_format" directive. + *) Feature: IPv6 support in the ngx_http_geoip_module. + *) Bugfix: nginx could not be built with the ngx_http_perl_module in + some cases. + *) Bugfix: a segmentation fault might occur in a worker process if the + ngx_http_xslt_module was used. + *) Bugfix: nginx could not be built on MacOSX in some cases. + *) Bugfix: the "limit_rate" directive with high rates might result in + truncated responses on 32-bit platforms. + *) Bugfix: a segmentation fault might occur in a worker process if the + "if" directive was used. + *) Bugfix: a "100 Continue" response was issued with "413 Request Entity + Too Large" responses. + *) Bugfix: the "image_filter", "image_filter_jpeg_quality" and + "image_filter_sharpen" directives might be inherited incorrectly. + *) Bugfix: "crypt_r() failed" errors might appear if the "auth_basic" + directive was used on Linux. + *) Bugfix: in backup servers handling. + *) Bugfix: proxied HEAD requests might return incorrect response if the + "gzip" directive was used. + *) Bugfix: a segmentation fault occurred on start or during + reconfiguration if the "keepalive" directive was specified more than + once in a single upstream block. + *) Bugfix: in the "proxy_method" directive. + *) Bugfix: a segmentation fault might occur in a worker process if + resolver was used with the poll method. + *) Bugfix: nginx might hog CPU during SSL handshake with a backend if + the select, poll, or /dev/poll methods were used. + *) Bugfix: the "[crit] SSL_write() failed (SSL:)" error. + *) Bugfix: in the "fastcgi_keep_conn" directive. + +------------------------------------------------------------------- +Mon Jan 7 20:24:52 UTC 2013 - [email protected] + +- Parallel building with %_smp_mflags; remove redundant %clean section + +------------------------------------------------------------------- +Mon Dec 17 10:32:12 UTC 2012 - [email protected] + +- update to 1.2.6 + *) Feature: the $request_time and $msec variables can now be used not + only in the "log_format" directive. + *) Bugfix: cache manager and cache loader processes might not be able to + start if more than 512 listen sockets were used. + *) Bugfix: in the ngx_http_dav_module. + +------------------------------------------------------------------- +Wed Dec 5 12:09:58 UTC 2012 - [email protected] + +- add Provides: httpd and http_daemon, so a "Requires: httpd" + or "Suggests: httpd" doesn't only resolve to apache2 + +------------------------------------------------------------------- +Wed Nov 21 18:07:33 UTC 2012 - [email protected] + +- revert permission for /var/log/nginx so reopen is possible (bnc#790726) + +------------------------------------------------------------------- +Wed Nov 14 14:47:52 UTC 2012 - [email protected] + +- update to 1.2.5 + *) Feature: the "optional_no_ca" parameter of the "ssl_verify_client" + directive. + *) Feature: the $bytes_sent, $connection, and $connection_requests + variables can now be used not only in the "log_format" directive. + *) Feature: resolver now randomly rotates addresses returned from cache. + *) Feature: the "auto" parameter of the "worker_processes" directive. + *) Bugfix: "cache file ... has md5 collision" alert. + *) Bugfix: OpenSSL 0.9.7 compatibility. + +------------------------------------------------------------------- +Wed Oct 24 08:14:06 UTC 2012 - [email protected] + +- reenable passenger (required by webyast, was silently disabled) +- /var/log/nginx/ should belong to root (rpmlint issue) +- Recommends: logrotate (rpmlint issue) +- no need to keep default configs +- change FSF from postal to url address (rpmlint issue) + +------------------------------------------------------------------- +Thu Oct 11 14:53:37 UTC 2012 - [email protected] + +- remove version from package name +- update to 1.2.4 + *) Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14. + Thanks to Charles Chen. + + *) Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if + the --with-ipv6 option was used. + + *) Bugfix: a segmentation fault might occur in a worker process if the + "map" directive was used with variables as values. + + *) Bugfix: a segmentation fault might occur in a worker process if the + "geo" directive was used with the "ranges" parameter but without the + "default" parameter; the bug had appeared in 0.8.43. + Thanks to Zhen Chen and Weibin Yao. + + *) Bugfix: in the -p command-line parameter handling. + + *) Bugfix: in the mail proxy server. + + *) Bugfix: of minor potential bugs. + Thanks to Coverity. + + - Changes with nginx 1.2.3 + + *) Feature: the Clang compiler support. + + *) Bugfix: extra listening sockets might be created. + Thanks to Roman Odaisky. + + *) Bugfix: the "proxy_pass_header", "fastcgi_pass_header", + "scgi_pass_header", "uwsgi_pass_header", "proxy_hide_header", + "fastcgi_hide_header", "scgi_hide_header", and "uwsgi_hide_header" + directives might be inherited incorrectly. + + *) Bugfix: trailing dot in a source value was not ignored if the "map" + directive was used with the "hostnames" parameter. + + *) Bugfix: incorrect location might be used to process a request if a + URI was changed via a "rewrite" directive before an internal redirect + to a named location. +- update patch perl_vendor_install + +------------------------------------------------------------------- +Sat Jul 21 02:41:34 UTC 2012 - [email protected] + +- Update to version 1,2,2 +- Enable only the epoll event model. + +------------------------------------------------------------------- +Fri Jun 8 17:57:35 UTC 2012 - [email protected] + +- Update to version 1.2.1; list too long to mention here + see http://nginx.org/en/CHANGES-1.2. +- Add systemd support. + +------------------------------------------------------------------- +Tue Jun 5 07:33:42 UTC 2012 - [email protected] + +- added "BuildRequires: ruby" (needed for %rb_ver macro expansion), + fixes build at Factory + +------------------------------------------------------------------- +Mon Apr 16 08:42:51 UTC 2012 - [email protected] + +- Update to version 1.0.15 + Changes with nginx 1.0.15 12 Apr 2012 + + *) Security: specially crafted mp4 file might allow to overwrite memory + locations in a worker process if the ngx_http_mp4_module was used, + potentially resulting in arbitrary code execution (CVE-2012-2089). + Thanks to Matthew Daley. + + *) Bugfix: in the ngx_http_mp4_module. + +------------------------------------------------------------------- +Fri Mar 16 14:16:44 UTC 2012 - [email protected] + +- Update to Version 1.0.14 + + Changes with nginx 1.0.14 15 Mar 2012 + + *) Security: content of previously freed memory might be sent to a ++++ 460 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.3:Update/.nginx.2264.new/nginx.changes New: ---- nginx-0.4.0-no_Werror.patch nginx-0.6.38-html.patch nginx-1.0.15_docs.patch nginx-1.0.4_default_config.patch nginx-1.2.4-perl_vendor_install.patch nginx-1.2.9.tar.gz nginx.changes nginx.init nginx.logrotate nginx.rpmlintrc nginx.service nginx.spec patch.2013.space.txt ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nginx.spec ++++++ # # spec file for package nginx # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: nginx Version: 1.2.9 Release: 0 # %define pkg_name nginx # %define ngx_prefix %{_prefix} %define ngx_sbin_path %{_sbindir}/nginx %define ngx_conf_dir %{_sysconfdir}/nginx %define ngx_conf_path %{ngx_conf_dir}/nginx.conf %define ngx_log_dir /var/log/nginx %define ngx_error_log %{ngx_log_dir}/error.log %define ngx_access_log %{ngx_log_dir}/access.log %define ngx_pid_path /var/run/nginx.pid %define ngx_lock_path /var/run/nginx.lock %define ngx_home /var/lib/nginx %define ngx_tmp_http %{ngx_home}/tmp/ %define ngx_tmp_proxy %{ngx_home}/proxy/ %define ngx_tmp_fcgi %{ngx_home}/fastcgi/ %define ngx_tmp_scgi %{ngx_home}/scgi/ %define ngx_tmp_uwsgi %{ngx_home}/uwsgi/ %define ngx_user_group nginx %define with_cpp_test 0 %define with_google_perftools 0 %if 0%{?suse_version} >= 1110 # passenger is required by webyast %define with_passenger 1 %define with_libatomic 1 %endif # # BuildRoot: %{_tmppath}/%{name}-%{version}-build %if 0%{?with_cpp_test} BuildRequires: gcc-c++ %endif BuildRequires: GeoIP-devel BuildRequires: gd-devel %if 0%{?with_google_perftools} BuildRequires: google-perftools-devel %endif %if 0%{?with_libatomic} BuildRequires: libatomic-ops-devel %endif BuildRequires: libxslt-devel BuildRequires: openssl-devel BuildRequires: pcre-devel BuildRequires: pkgconfig BuildRequires: zlib-devel %if 0%{?with_passenger} BuildRequires: ruby BuildRequires: rubygem-passenger-devel-static # workaround for obs scheduler: BuildRequires: rubygem-rack-1_1 Recommends: packageand(rubygem-passenger:rubygem-passenger-nginx) %endif %if 0%{?suse_version} >= 1210 BuildRequires: systemd %{?systemd_requires} %define has_systemd 1 %endif Recommends: logrotate PreReq: %fillup_prereq PreReq: %insserv_prereq PreReq: pwdutils # Conflicts: nginx-0.5 nginx-0.6 nginx-0.7 nginx-0.8 nginx-0.9 nginx-1.0 nginx-1.2 nginx-1.3 %requires_eq perl # Url: http://nginx.net/ Source: http://www.nginx.org/download/nginx-%{version}.tar.gz Source1: nginx.init Source2: nginx.logrotate Source3: nginx.service # PATCH-FIX-UPSTREAM nginx-0.4.0-no_Werror.patch Patch: nginx-0.4.0-no_Werror.patch # PATCH-FIX-UPSTREAM nginx-0.6.38-html.patch Patch2: nginx-0.6.38-html.patch # PATCH-FIX-UPSTREAM nginx-1.2.4-perl_vendor_install.patch Patch3: nginx-1.2.4-perl_vendor_install.patch # PATCH-FIX-UPSTREAM nginx-1.0.4_default_config.patch Patch4: nginx-1.0.4_default_config.patch # PATCH for fixing docs/html path Patch5: nginx-1.0.15_docs.patch Patch6: http://nginx.org/download/patch.2013.space.txt Summary: A HTTP server and IMAP/POP3 proxy server License: BSD-2-Clause Group: Productivity/Networking/Web/Proxy Provides: http_daemon Provides: httpd %description nginx [engine x] is a HTTP server and IMAP/POP3 proxy server written by Igor Sysoev. It has been running on many heavily loaded Russian sites for more than two years. Author: ------- Igor Sysoev %prep %setup -n %{pkg_name}-%{version} %patch %patch2 %patch3 %patch4 %patch5 %patch6 perl -pi -e 's|\r\n|\n|g' contrib/geo2nginx.pl %build %if 0%{?with_passenger} ln -s %{_libdir}/ruby/gems/%{rb_ver}/gems/passenger-* passenger %endif ./configure \ --prefix=%{ngx_prefix}/ \ --sbin-path=%{ngx_sbin_path} \ --conf-path=%{ngx_conf_path} \ --error-log-path=%{ngx_error_log} \ --http-log-path=%{ngx_access_log} \ --pid-path=%{ngx_pid_path} \ --lock-path=%{ngx_lock_path} \ --http-client-body-temp-path=%{ngx_tmp_http} \ --http-proxy-temp-path=%{ngx_tmp_proxy} \ --http-fastcgi-temp-path=%{ngx_tmp_fcgi} \ --http-uwsgi-temp-path=%{ngx_tmp_uwsgi} \ --http-scgi-temp-path=%{ngx_tmp_scgi} \ --user=nginx --group=nginx \ --without-select_module \ --without-poll_module \ --with-ipv6 \ %if 0%{?suse_version} > 1110 --with-file-aio \ %endif --with-http_ssl_module \ --with-http_realip_module \ --with-http_addition_module \ --with-http_xslt_module \ --with-http_image_filter_module \ --with-http_geoip_module \ --with-http_sub_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_gzip_static_module \ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_degradation_module \ --with-http_stub_status_module \ --with-http_perl_module \ --with-perl=%{_bindir}/perl \ --with-mail \ --with-mail_ssl_module \ --with-pcre \ %if 0%{?with_libatomic} --with-libatomic \ %endif %if 0%{?with_passenger} --add-module=passenger/ext/nginx \ %endif %if 0%{?with_google_perftools} --with-google_perftools_module \ %endif %if 0%{?with_cpp_test} --with-cpp_test_module \ %endif --with-md5=/usr \ --with-sha1=/usr \ %if 0%{?suse_version} > 1000 || 0%{?fedora_version} > 4 || 0%{?mandriva_version} > 2006 --with-cc-opt="%{optflags} -D_GNU_SOURCE -std=gnu99 -fstack-protector" %else --with-cc-opt="%{optflags}" %endif make %{?_smp_mflags} %install make install DESTDIR="%buildroot" %perl_process_packlist # %{__install} -d -m 0750 %{buildroot}%{ngx_home}/{,tmp,proxy,fastcgi,scgi,uwsgi} # %{__install} -D -m 0755 %{S:1} %{buildroot}%{_sysconfdir}/init.d/%{pkg_name} %{__ln_s} -f %{_sysconfdir}/init.d/%{pkg_name} %{buildroot}%{_sbindir}/rc%{pkg_name} %{__install} -D -m 0644 %{S:2} %{buildroot}%{_sysconfdir}/logrotate.d/%{pkg_name} %if 0%{?has_systemd} %{__install} -D -m 0644 %{S:3} %{buildroot}%{_unitdir}/nginx.service %endif %{__rm} %{buildroot}/srv/www/htdocs/index.html %post %fillup_and_insserv %{pkg_name} %if 0%{?has_systemd} %service_add_post nginx.service %endif %preun %stop_on_removal %{pkg_name} %if 0%{?has_systemd} %service_del_preun nginx.service %endif %postun %restart_on_update %{pkg_name} %{insserv_cleanup} %if 0%{?has_systemd} %service_del_postun nginx.service %endif %pre /usr/sbin/groupadd -r %{ngx_user_group} &>/dev/null ||: /usr/sbin/useradd -g %{ngx_user_group} -s /bin/false -r -c "user for %{ngx_user_group}" -d %{ngx_home} %{ngx_user_group} &>/dev/null ||: %if 0%{?has_systemd} %service_add_pre nginx.service %endif %files %defattr(-,root,root,-) %dir %{ngx_conf_dir}/ %config(noreplace) %{ngx_conf_dir}/koi-utf %config(noreplace) %{ngx_conf_dir}/koi-win %config(noreplace) %{ngx_conf_dir}/fastcgi_params %config %{ngx_conf_dir}/fastcgi_params.default %config(noreplace) %{ngx_conf_dir}/mime.types %config %{ngx_conf_dir}/mime.types.default %config(noreplace) %{ngx_conf_dir}/nginx.conf %config %{ngx_conf_dir}/nginx.conf.default %config(noreplace) %{ngx_conf_dir}/fastcgi.conf %config %{ngx_conf_dir}/fastcgi.conf.default %config(noreplace) %{ngx_conf_dir}/win-utf %config(noreplace) %{ngx_conf_dir}/scgi_params %config %{ngx_conf_dir}/scgi_params.default %config(noreplace) %{ngx_conf_dir}/uwsgi_params %config %{ngx_conf_dir}/uwsgi_params.default %{perl_vendorarch}/auto/nginx/ %{perl_vendorarch}/nginx.pm %{ngx_sbin_path} %{_mandir}/man3/nginx.3pm* /srv/www/htdocs/50x.html %if 0%{?suse_version} && 0%{?suse_version} < 1140 %{_localstatedir}/adm/perl-modules/%{name} %endif %{_sysconfdir}/init.d/%{pkg_name} %{_sbindir}/rc%{pkg_name} %config(noreplace) %{_sysconfdir}/logrotate.d/%{pkg_name} %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) /var/log/nginx/ %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_home}/ %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_tmp_http} %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_tmp_proxy} %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_tmp_fcgi} %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_tmp_scgi} %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_tmp_uwsgi} %doc CHANGES* %doc conf/ contrib/ %if 0%{?has_systemd} %{_unitdir}/nginx.service %endif %changelog ++++++ nginx-0.4.0-no_Werror.patch ++++++ Index: auto/cc/gcc =================================================================== --- auto/cc/gcc.orig +++ auto/cc/gcc @@ -171,7 +171,7 @@ # stop on warning -CFLAGS="$CFLAGS -Werror" +CFLAGS="$CFLAGS" # debug CFLAGS="$CFLAGS -g" ++++++ nginx-0.6.38-html.patch ++++++ --- auto/install +++ auto/install @@ -146,8 +146,7 @@ test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \ mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' - test -d '\$(DESTDIR)$NGX_PREFIX/html' \ - || cp -R $NGX_HTML '\$(DESTDIR)$NGX_PREFIX' + test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r docs/html '\$(DESTDIR)/srv/www/htdocs' END ++++++ nginx-1.0.15_docs.patch ++++++ --- auto/install +++ auto/install @@ -147,7 +147,7 @@ test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \ mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' - test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r docs/html '\$(DESTDIR)/srv/www/htdocs' + test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r html '\$(DESTDIR)/srv/www/htdocs' END --- auto/install.orig +++ auto/install.orig @@ -147,7 +147,7 @@ test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \ mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' - test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r docs/html '\$(DESTDIR)/srv/www/htdocs' + test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r html '\$(DESTDIR)/srv/www/htdocs' END ++++++ nginx-1.0.4_default_config.patch ++++++ Index: conf/nginx.conf =================================================================== --- conf/nginx.conf.orig +++ conf/nginx.conf @@ -1,16 +1,17 @@ -#user nobody; +#user nginx; worker_processes 1; -#error_log logs/error.log; -#error_log logs/error.log notice; -#error_log logs/error.log info; +#error_log /var/log/nginx/error.log; +#error_log /var/log/nginx/error.log notice; +#error_log /var/log/nginx/error.log info; -#pid logs/nginx.pid; +#pid /var/run/nginx.pid; events { worker_connections 1024; + use epoll; } @@ -22,7 +23,7 @@ http { # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; - #access_log logs/access.log main; + #access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; @@ -32,16 +33,18 @@ http { #gzip on; + include conf.d/*.conf; + server { listen 80; server_name localhost; #charset koi8-r; - #access_log logs/host.access.log main; + #access_log /var/log/nginx/host.access.log main; location / { - root html; + root /srv/www/htdocs/; index index.html index.htm; } @@ -51,7 +54,7 @@ http { # error_page 500 502 503 504 /50x.html; location = /50x.html { - root html; + root /srv/www/htdocs/; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 @@ -87,7 +90,7 @@ http { # server_name somename alias another.alias; # location / { - # root html; + # root /srv/www/htdocs/; # index index.html index.htm; # } #} @@ -110,9 +113,10 @@ http { # ssl_prefer_server_ciphers on; # location / { - # root html; + # root /srv/www/htdocs/; # index index.html index.htm; # } #} + include vhosts.d/*.conf; } ++++++ nginx-1.2.4-perl_vendor_install.patch ++++++ Index: auto/install =================================================================== --- auto/install.orig +++ auto/install @@ -7,7 +7,7 @@ cat << END >> $NGX_MAKEFILE install_perl_modules: - cd $NGX_OBJS/src/http/modules/perl && \$(MAKE) install + cd $NGX_OBJS/src/http/modules/perl && \$(MAKE) install_vendor END NGX_INSTALL_PERL_MODULES=install_perl_modules ++++++ nginx.init ++++++ #!/bin/sh # # Copyright (C) 1995--2007 Marcus Rückert, SUSE / Novell Inc. # # This library is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or (at # your option) any later version. # # This library is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public # License along with this library; if not, see <http://www.gnu.org/licenses/>. # # /etc/init.d/nginx # and its symbolic link # /(usr/)sbin/rcnginx # # Template system startup script for some example service/daemon nginx # # LSB compatible service control script; see http://www.linuxbase.org/spec/ # # Note: This template uses functions rc_XXX defined in /etc/rc.status on # UnitedLinux/SUSE/Novell based Linux distributions. If you want to base your # script on this template and ensure that it works on non UL based LSB # compliant Linux distributions, you either have to provide the rc.status # functions from UL or change the script to work without them. # See skeleton.compat for a template that works with other distros as well. # ### BEGIN INIT INFO # Provides: nginx # Required-Start: $syslog $remote_fs # Should-Start: $time ypbind sendmail # Required-Stop: $syslog $remote_fs # Should-Stop: $time ypbind sendmail # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Short-Description: nginx # Description: nginx ### END INIT INFO # # Any extensions to the keywords given above should be preceeded by # X-VendorTag- (X-UnitedLinux- X-SuSE- for us) according to LSB. # # Notes on Required-Start/Should-Start: # * There are two different issues that are solved by Required-Start # and Should-Start # (a) Hard dependencies: This is used by the runlevel editor to determine # which services absolutely need to be started to make the start of # this service make sense. Example: nfsserver should have # Required-Start: $portmap # Also, required services are started before the dependent ones. # The runlevel editor will warn about such missing hard dependencies # and suggest enabling. During system startup, you may expect an error, # if the dependency is not fulfilled. # (b) Specifying the init script ordering, not real (hard) dependencies. # This is needed by insserv to determine which service should be # started first (and at a later stage what services can be started # in parallel). The tag Should-Start: is used for this. # It tells, that if a service is available, it should be started # before. If not, never mind. # * When specifying hard dependencies or ordering requirements, you can # use names of services (contents of their Provides: section) # or pseudo names starting with a $. The following ones are available # according to LSB (1.1): # $local_fs all local file systems are mounted # (most services should need this!) # $remote_fs all remote file systems are mounted # (note that /usr may be remote, so # many services should Require this!) # $syslog system logging facility up # $network low level networking (eth card, ...) # $named hostname resolution available # $netdaemons all network daemons are running # The $netdaemons pseudo service has been removed in LSB 1.2. # For now, we still offer it for backward compatibility. # These are new (LSB 1.2): # $time the system time has been set correctly # $portmap SunRPC portmapping service available # UnitedLinux extensions: # $ALL indicates that a script should be inserted # at the end # * The services specified in the stop tags # (Required-Stop/Should-Stop) # specify which services need to be still running when this service # is shut down. Often the entries there are just copies or a subset # from the respective start tag. # * Should-Start/Stop are now part of LSB as of 2.0, # formerly SUSE/Unitedlinux used X-UnitedLinux-Should-Start/-Stop. # insserv does support both variants. # * X-UnitedLinux-Default-Enabled: yes/no is used at installation time # (%fillup_and_insserv macro in %post of many RPMs) to specify whether # a startup script should default to be enabled after installation. # It's not used by insserv. # # Note on runlevels: # 0 - halt/poweroff 6 - reboot # 1 - single user 2 - multiuser without network exported # 3 - multiuser w/ network (text mode) 5 - multiuser w/ network and X11 (xdm) # # Note on script names: # http://www.linuxbase.org/spec/refspecs/LSB_1.3.0/gLSB/gLSB/scrptnames.html # A registry has been set up to manage the init script namespace. # http://www.lanana.org/ # Please use the names already registered or register one or use a # vendor prefix. # Check for missing binaries (stale symlinks should not happen) # Note: Special treatment of stop for LSB conformance NGINX_BIN=/usr/sbin/nginx test -x $NGINX_BIN || { echo "$NGINX_BIN not installed"; if [ "$1" = "stop" ]; then exit 0; else exit 5; fi; } NGINX_PID=/var/run/nginx.pid # Check for existence of needed config file and read it #NGINX_CONFIG=/etc/sysconfig/nginx #test -r $NGINX_CONFIG || { echo "$NGINX_CONFIG not existing"; # if [ "$1" = "stop" ]; then exit 0; # else exit 6; fi; } # # Read config #. $NGINX_CONFIG # Source LSB init functions # providing start_daemon, killproc, pidofproc, # log_success_msg, log_failure_msg and log_warning_msg. # This is currently not used by UnitedLinux based distributions and # not needed for init scripts for UnitedLinux only. If it is used, # the functions from rc.status should not be sourced or used. #. /lib/lsb/init-functions # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status # rc_status -v be verbose in local rc status and clear it afterwards # rc_status -v -r ditto and clear both the local and overall rc status # rc_status -s display "skipped" and exit with status 3 # rc_status -u display "unused" and exit with status 3 # rc_failed set local and overall rc status to failed # rc_failed <num> set local and overall rc status to <num> # rc_reset clear both the local and overall rc status # rc_exit exit appropriate to overall rc status # rc_active checks whether a service is activated by symlinks . /etc/rc.status # Reset status of this service rc_reset # Return values acc. to LSB for all commands but status: # 0 - success # 1 - generic or unspecified error # 2 - invalid or excess argument(s) # 3 - unimplemented feature (e.g. "reload") # 4 - user had insufficient privileges # 5 - program is not installed # 6 - program is not configured # 7 - program is not running # 8--199 - reserved (8--99 LSB, 100--149 distrib, 150--199 appl) # # Note that starting an already running service, stopping # or restarting a not-running service as well as the restart # with force-reload (in case signaling is not supported) are # considered a success. case "$1" in start) echo -n "Starting nginx " ## Start daemon with startproc(8). If this fails ## the return value is set appropriately by startproc. /sbin/startproc -p $NGINX_PID $NGINX_BIN # Remember status and be verbose rc_status -v ;; stop) echo -n "Shutting down nginx " ## Stop daemon with killproc(8) and if this fails ## killproc sets the return value according to LSB. /sbin/killproc -p $NGINX_PID -TERM $NGINX_BIN # Remember status and be verbose rc_status -v ;; try-restart|condrestart) ## Do a restart only if the service was active before. ## Note: try-restart is now part of LSB (as of 1.9). ## RH has a similar command named condrestart. if test "$1" = "condrestart"; then echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" fi $0 status if test $? = 0; then $0 restart else rc_reset # Not running is not a failure. fi # Remember status and be quiet rc_status ;; restart) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop $0 start # Remember status and be quiet rc_status ;; force-reload) ## Signal the daemon to reload its config. Most daemons ## do this on signal 1 (SIGHUP). ## If it does not support it, restart the service if it ## is running. echo -n "Reload service nginx " ## if it supports it: /sbin/killproc -p $NGINX_PID -HUP $NGINX_BIN #touch /var/run/nginx.pid rc_status -v ## Otherwise: #$0 try-restart #rc_status ;; reload) ## Like force-reload, but if daemon does not support ## signaling, do nothing (!) # If it supports signaling: echo -n "Reload service nginx " /sbin/killproc -p $NGINX_PID -HUP $NGINX_BIN #touch /var/run/nginx.pid rc_status -v ## Otherwise if it does not support reload: #rc_failed 3 #rc_status -v ;; reopen) echo -n "Reopen the logfiles " /sbin/killproc -p $NGINX_PID -USR1 $NGINX_BIN rc_status -v ;; status) echo -n "Checking for service nginx " ## Check status with checkproc(8), if process is running ## checkproc will return with exit status 0. # Return value is slightly different for the status command: # 0 - service up and running # 1 - service dead, but /var/run/ pid file exists # 2 - service dead, but /var/lock/ lock file exists # 3 - service not running (unused) # 4 - service status unknown :-( # 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.) # NOTE: checkproc returns LSB compliant status values. /sbin/checkproc -p $NGINX_PID $NGINX_BIN # NOTE: rc_status knows that we called this init script with # "status" option and adapts its messages accordingly. rc_status -v ;; probe) ## Optional: Probe for the necessity of a reload, print out the ## argument to this init script which is required for a reload. ## Note: probe is not (yet) part of LSB (as of 1.9) test /etc/nginx/nginx.conf -nt /var/run/nginx.pid && echo reload ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" exit 1 ;; esac rc_exit ++++++ nginx.logrotate ++++++ /var/log/nginx/*.log { compress dateext maxage 365 rotate 99 size=+4096k missingok notifempty create 644 root root postrotate /etc/init.d/nginx reopen endscript } ++++++ nginx.rpmlintrc ++++++ # user nginx needs write permissions to /var/log/nginx so nginx is able to reopen the logs addFilter("nginx.*: W: suse-logrotate-user-writable-log-dir /var/log/nginx nginx:nginx 0750") ++++++ nginx.service ++++++ [Unit] Description=The nginx HTTP and reverse proxy server After=syslog.target network.target remote-fs.target nss-lookup.target [Service] Type=forking PIDFile=/run/nginx.pid ExecStartPre=/usr/sbin/nginx -t ExecStart=/usr/sbin/nginx ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s QUIT $MAINPID [Install] WantedBy=multi-user.target++++++ patch.2013.space.txt ++++++ --- src/http/ngx_http_parse.c +++ src/http/ngx_http_parse.c @@ -617,6 +617,7 @@ ngx_http_parse_request_line(ngx_http_req default: r->space_in_uri = 1; state = sw_check_uri; + p--; break; } break; @@ -670,6 +671,7 @@ ngx_http_parse_request_line(ngx_http_req default: r->space_in_uri = 1; state = sw_uri; + p--; break; } break; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
