Hello community, here is the log from the commit of package apache2 for openSUSE:Factory checked in at 2015-07-14 17:20:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apache2 (Old) and /work/SRC/openSUSE:Factory/.apache2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache2" Changes: -------- --- /work/SRC/openSUSE:Factory/apache2/apache2.changes 2015-06-17 16:14:59.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-07-14 17:20:54.000000000 +0200 @@ -1,0 +2,119 @@ +Tue Jul 14 07:32:00 UTC 2015 - [email protected] + +- access_compat shared also for 11sp3 + +------------------------------------------------------------------- +Mon Jul 13 15:14:20 UTC 2015 - [email protected] + +- apache2-implicit-pointer-decl.patch renamed to + httpd-implicit-pointer-decl.patch to align with other + patches names + +------------------------------------------------------------------- +Mon Jul 13 15:12:29 UTC 2015 - [email protected] + +- apachectl is now wrapper to start_apache2; therefore, it honors + HTTPD_INSTANCE variable, see README-instances.txt for details + + httpd-apachectl.patch + - httpd-2.4.10-apachectl.patch + +------------------------------------------------------------------- +Mon Jul 13 13:37:53 UTC 2015 - [email protected] + +- a2enmod/a2dismod and a2enflag/a2disflag now respect + HTTPD_INSTANCE=<instance_name> environment variable, which can be + used to specify apache instance name; sysconfig file is expected + at /etc/sysconfig/apache2@<instance_name> + (see README-instances.txt for details) + +------------------------------------------------------------------- +Mon Jul 13 11:21:43 UTC 2015 - [email protected] + +- provides suse_maintenance_mmn symbol [bnc#915666] (internal) + +------------------------------------------------------------------- +Mon Jul 13 10:05:17 UTC 2015 - [email protected] + +- credits to Roman Drahtmueller: + * add reference to /etc/permissions.local to output of %post if + setting the permissions of suexec2 fails + * do not enable mod_php5 by default any longer + * httpd-2.0.49-log_server_status.dif obsoleted + * apache2-mod_ssl_npn.patch removed because not used + * include mod_reqtimeout.conf in httpd.conf + * added cgid-timeout.conf, include + it in httpd.conf +- fix default value APACHE_MODULES in sysconfig file +- %service_* macros for [email protected] + +------------------------------------------------------------------- +Mon Jul 13 09:52:21 UTC 2015 - [email protected] + +- reenable 690734.patch, it should be upstreamed by the author + (Adrian Schroeter) though + + httpd-2.4.9-bnc690734.patch + - httpd-2.2.x-bnc690734.patch + +------------------------------------------------------------------- +Mon Jul 13 09:51:34 UTC 2015 - [email protected] + +- drop startssl from start_apache2 + +------------------------------------------------------------------- +Wed Jul 1 09:41:31 UTC 2015 - [email protected] + +- allow to run multiple instances of Apache on one system + [fate#317786] (internal) + * distributed httpd.conf no longer includes sysconfig.d, nor this + directory is shipped. httpd.conf includes loadmodule.conf and + global.conf which are former sysconfig.d/loadmodule.conf and + sysconfig.d/global.conf for default /etc/sysconfig/apache2 + global.conf and loadmodule.conf are not included when + sysconfig variables could have been read by start_apache2 + startup script (run with systemd services). Therefore, when + starting server via /usr/sbin/httpd, sysconfig variables + are not taken into account. + * some not-maintained scripts are moved from + /usr/share/apache2 to /usr/share/apache2/deprecated-scripts + * all modules comment in sysconfig file is not generated + anymore + * added README-instances.txt + * removed Sources: + load_configuration + find_mpm + get_module_list + get_includes + find_httpd_includes + apache-find-directives + * added Sources: + deprecated-scripts.tar.xz + apache2-README-instances.txt + apache2-loadmodule.conf + apache2-global.conf + apache2-find-directives + [email protected] + apache2-script-helpers + +------------------------------------------------------------------- +Thu Jun 25 15:52:14 UTC 2015 - [email protected] + +- add SSLHonorCipherOrder directive to apache2-ssl-global.conf +- adopt SSLCipherSuite directive value from SLE12 +- remove default-vhost-ssl.conf and default-vhost.conf from + /etc/apache2. These two files are not (!) read by the + configuration framework, but are named *.conf, which is + misleading. The files are almost identical with the vhost + templates in /etc/apache2/vhosts.d/. The two templates there do + it right because they are not named *.conf and are not sourced + either. apache's response with no explicit (eg. default, vanilla) + configuration is contained in /etc/apache2/default-server.conf. + * remove apache2-README.default-vhost as there are no + default-vhost* files anymore. + +------------------------------------------------------------------- +Thu Jun 25 03:52:01 UTC 2015 - [email protected] + +- apache2.service: We have to use KillMode=mixed for the + graceful stop, restart to work properly. + +------------------------------------------------------------------- Old: ---- apache-find-directives apache2-README.default-vhost apache2-default-vhost-ssl.conf apache2-default-vhost.conf apache2-implicit-pointer-decl.patch find_httpd_includes find_mpm get_includes get_module_list httpd-2.2.x-bnc690734.patch httpd-2.4.10-apachectl.patch load_configuration New: ---- apache2-README-instances.txt apache2-find-directives apache2-global.conf apache2-loadmodule.conf apache2-mod_cgid-timeout.conf apache2-script-helpers [email protected] deprecated-scripts.tar.xz httpd-2.4.9-bnc690734.patch httpd-apachectl.patch httpd-implicit-pointer-decl.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apache2.spec ++++++ --- /var/tmp/diff_new_pack.0wUGZI/_old 2015-07-14 17:20:56.000000000 +0200 +++ /var/tmp/diff_new_pack.0wUGZI/_new 2015-07-14 17:20:56.000000000 +0200 @@ -17,6 +17,7 @@ %define apache_mmn %(test -s %{SOURCE0} && { echo -n apache_mmn_; bzcat %{SOURCE0} | awk '/^#define MODULE_MAGIC_NUMBER_MAJOR/ {printf "%d", $3}'; }) +%define suse_maintenance_mmn 0 %define default_mpm prefork %{!?prefork:%define prefork 1} %{!?worker:%define worker 1} @@ -46,7 +47,7 @@ %define mods_static unixd systemd %else %define runtimedir %{_localstatedir}/run -%define mods_static access_compat unixd +%define mods_static unixd %endif Name: apache2 Version: 2.4.12 @@ -66,17 +67,13 @@ Source20: favicon.ico Source22: apache2-README Source23: apache2-README.QUICKSTART -Source24: apache2-README.default-vhost Source25: gensslcert Source26: apache2-README-access_compat.txt Source27: %{name}.logrotate Source28: permissions.%{name} Source29: apache-ssl-stuff.tar.bz2 -Source40: load_configuration -Source41: find_mpm -Source42: get_module_list -Source43: get_includes -Source44: find_httpd_includes +Source30: deprecated-scripts.tar.xz +Source31: apache2-README-instances.txt # sysconf_addword is part of aaa_base.rpm starting with openSUSE 11.0 # we bring our own copy for the cases where it is not available Source45: sysconf_addword @@ -100,27 +97,26 @@ Source113: apache2-ssl-global.conf Source114: apache2-mod_usertrack.conf Source115: apache2-mod_reqtimeout.conf +Source116: apache2-loadmodule.conf +Source117: apache2-global.conf +Source118: apache2-mod_cgid-timeout.conf Source130: apache2-vhost.template Source131: apache2-vhost-ssl.template -Source132: apache2-default-vhost.conf -Source133: apache2-default-vhost-ssl.conf Source140: apache2-check_forensic Source141: apache-22-24-upgrade Source142: start_apache2 Source143: apache2-systemd-ask-pass Source144: apache2.service -Source145: apache-find-directives +Source145: apache2-find-directives +Source146: [email protected] +Source147: apache2-script-helpers Patch2: httpd-2.1.3alpha-layout.dif -Patch23: httpd-2.4.10-apachectl.patch -#Patch65: httpd-2.0.49-log_server_status.dif +Patch23: httpd-apachectl.patch Patch66: httpd-2.0.54-envvars.dif Patch67: httpd-2.2.0-apxs-a2enmod.dif Patch68: httpd-2.x.x-logresolve.patch -Patch69: httpd-2.2.x-bnc690734.patch -Patch70: apache2-implicit-pointer-decl.patch -# PATCH-FEATURE-UPSTREAM apache2-mod_ssl_npn.patch [email protected] -- Add npn support to mod_ssl (needed for spdy) -#Patch108: apache2-mod_ssl_npn.patch -#Provides: apache2(mod_ssl+npn) +Patch69: httpd-2.4.9-bnc690734.patch +Patch70: httpd-implicit-pointer-decl.patch # PATCH-FEATURE-UPSTREAM httpd-2.4.3-mod_systemd.patch [email protected] simple module provides systemd integration. Patch109: httpd-2.4.3-mod_systemd.patch Patch111: httpd-visibility.patch @@ -153,6 +149,7 @@ Requires(post): textutils Recommends: apache2-%{default_mpm} Provides: %{apache_mmn} +Provides: suse_maintenance_mmn = %{suse_maintenance_mmn} Provides: http_daemon Provides: httpd Provides: suse_help_viewer @@ -189,7 +186,7 @@ Group: Productivity/Networking/Web/Servers Requires: %{name} = %{version} Provides: %{name}-MPM -# the post scriptlet executes /usr/share/apache2/get_module_list +# the post scriptlet sources /usr/share/apache2/script-helpers Requires(post): %{name} = %{version} %endif @@ -200,7 +197,7 @@ Requires: %{name} = %{version} Provides: %{name}-MPM Provides: apache:%{_sbindir}/httpd -# the post scriptlet executes /usr/share/apache2/get_module_list +# the post scriptlet sources /usr/share/apache2/script-helpers Requires(post): %{name} = %{version} %endif @@ -210,7 +207,7 @@ Group: Productivity/Networking/Web/Servers Requires: %{name} = %{version} Provides: %{name}-MPM -# the post scriptlet executes /usr/share/apache2/get_module_list +# the post scriptlet sources /usr/share/apache2/script-helpers Requires(post): %{name} = %{version} %endif @@ -294,16 +291,14 @@ to administrators of web servers in general. %prep -%setup -q -n httpd-%{version} +%setup -q -n httpd-%{version} -a30 %patch2 -p1 -%patch23 -p1 -#%patch65 -p1 +%patch23 %patch66 -p1 %patch67 -p1 %patch68 -p1 -#%patch69 +%patch69 %patch70 -p1 -#%patch108 -p1 # Systemd module enabling patch %if 0%{?suse_version} >= 1210 %patch109 -p1 @@ -317,8 +312,8 @@ cp %{SOURCE22} ./${a##%{name}-} b=$(basename %{SOURCE23}) cp %{SOURCE23} ./${b##%{name}-} -c=$(basename %{SOURCE24}) -cp %{SOURCE24} ./${c##%{name}-} +c=$(basename %{SOURCE31}) +cp %{SOURCE31} ./${c##%{name}-} d=$(basename %{SOURCE26}) cp %{SOURCE26} ./${d##%{name}-} @@ -518,7 +513,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d install -m 644 $RPM_SOURCE_DIR/%{name}.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name} install -m 755 $RPM_SOURCE_DIR/apache2-check_forensic %{buildroot}/%{_bindir}/check_forensic -install -m 755 $RPM_SOURCE_DIR/apache-find-directives %{buildroot}/%{_bindir}/ +install -m 755 $RPM_SOURCE_DIR/apache2-find-directives %{buildroot}/%{_bindir}/ # # xml stuff install -d %{buildroot}%{_datadir}/omc/svcinfo.d/ @@ -529,25 +524,21 @@ tar xjf %{SOURCE29} -C %{buildroot}/%{sysconfdir} # # init script and friends -install -m 700 $RPM_SOURCE_DIR/start_apache2 %{buildroot}%{_sbindir}/ +install -m 644 $RPM_SOURCE_DIR/apache2-script-helpers %{buildroot}/%{_datadir}/%{name}/script-helpers +install -m 744 $RPM_SOURCE_DIR/start_apache2 %{buildroot}%{_sbindir}/ %if 0%{?suse_version} >= 1210 mkdir -p %{buildroot}%{_unitdir}/ install -m 700 $RPM_SOURCE_DIR/apache2-systemd-ask-pass %{buildroot}%{_sbindir}/ install -m 644 $RPM_SOURCE_DIR/apache2.service %{buildroot}%{_unitdir}/ +install -m 644 $RPM_SOURCE_DIR/[email protected] %{buildroot}%{_unitdir}/ ln -sf service %{buildroot}/%{_sbindir}/rcapache2 %else mkdir -p %{buildroot}%{_sysconfdir}/init.d install -m 744 $RPM_SOURCE_DIR/rc.%{name} %{buildroot}%{_initddir}/%{name} ln -sf ../..%{_initddir}/%{name} %{buildroot}/%{_sbindir}/rcapache2 %endif -install -m 755 $RPM_SOURCE_DIR/load_configuration %{buildroot}/%{_datadir}/%{name}/ -install -m 755 $RPM_SOURCE_DIR/find_mpm %{buildroot}/%{_datadir}/%{name}/ -install -m 755 $RPM_SOURCE_DIR/get_includes %{buildroot}/%{_datadir}/%{name}/ -install -m 755 $RPM_SOURCE_DIR/find_httpd_includes %{buildroot}/%{_datadir}/%{name}/ +cp -r deprecated-scripts %{buildroot}/%{_datadir}/%{name}/ install -m 755 $RPM_SOURCE_DIR/apache-22-24-upgrade %{buildroot}/%{_datadir}/%{name}/ -sed 's+%{_prefix}/lib+%{_libdir}+' $RPM_SOURCE_DIR/get_module_list \ - > %{buildroot}/%{_datadir}/%{name}/get_module_list -chmod 755 %{buildroot}/%{_datadir}/%{name}/get_module_list install -m 755 $RPM_SOURCE_DIR/sysconf_addword %{buildroot}/%{_datadir}/%{name}/ install -m 755 $RPM_SOURCE_DIR/a2enflag %{buildroot}/%{_sbindir} ln -s a2enflag %{buildroot}/%{_sbindir}/a2disflag @@ -555,28 +546,21 @@ ln -s a2enmod %{buildroot}/%{_sbindir}/a2dismod # # directories for files from other packages and other configuration -for i in vhosts.d sysconfig.d; do - mkdir -p %{buildroot}/%{sysconfdir}/$i -done +mkdir -p %{buildroot}/%{sysconfdir}/vhosts.d # -# make list of all modules, and install sysconfig template -for i in $(find %{buildroot}/%{libexecdir}-%{default_mpm} -name "*.so" | sort); do - modname=${i#*mod_}; modname=${modname%.so} - modname=${modname##*lib} - all_modules="$all_modules $modname" -done -all_modules=$(echo $all_modules | fmt | sed 's/\(.*\)/# \1\\/') -sed "s+@@all_modules@@+$all_modules +" $RPM_SOURCE_DIR/sysconfig.%{name} \ - > %{buildroot}/%{_var}/adm/fillup-templates/sysconfig.%{name} +# install sysconfig template +install -m 644 $RPM_SOURCE_DIR/sysconfig.%{name} \ + %{buildroot}/%{_var}/adm/fillup-templates/sysconfig.%{name} # # install configuration files: mkdir -p %{buildroot}/%{runtimedir} -touch %{buildroot}/%{sysconfdir}/sysconfig.d/include.conf mkdir -p %{buildroot}/%{sysconfdir}/conf.d for i in default-server.conf \ errors.conf \ + global.conf \ httpd.conf \ listen.conf \ + loadmodule.conf \ mod_autoindex-defaults.conf \ mod_info.conf \ mod_log_config.conf \ @@ -585,6 +569,8 @@ mod_userdir.conf \ mod_usertrack.conf \ server-tuning.conf \ + mod_reqtimeout.conf \ + mod_cgid-timeout.conf \ ssl-global.conf do install -m 644 $RPM_SOURCE_DIR/apache2-$i %{buildroot}/%{sysconfdir}/$i @@ -608,11 +594,6 @@ install -m 644 %{SOURCE130} %{buildroot}/%{sysconfdir}/vhosts.d/vhost.template install -m 644 %{SOURCE131} %{buildroot}/%{sysconfdir}/vhosts.d/vhost-ssl.template install -m 644 %{SOURCE104} %{buildroot}/%{sysconfdir}/conf.d/manual.conf -# install default vhost -dvh=$(basename %{SOURCE132}) -install -m 644 %{SOURCE132} %{buildroot}/%{sysconfdir}/${dvh##%{name}-} -dvhs=$(basename %{SOURCE133}) -install -m 644 %{SOURCE133} %{buildroot}/%{sysconfdir}/${dvhs##%{name}-} # for mod_auth_ldap install -m 644 docs/conf/charset.conv %{buildroot}/%{sysconfdir}/ @@ -727,7 +708,11 @@ # and validate httpd.conf file # pushd %{buildroot}/%{sysconfdir} -for i in *.conf; do cp $i $i.test; done +for i in *.conf; do + # loadmodule.conf.test will be created later + [ "$i" == loadmodule.conf ] && continue + cp $i $i.test; +done sed -e 's+%{_libdir}+'%{buildroot}'%{_libdir}+' \ -e 's+%{_localstatedir}/run+'%{buildroot}'%{_localstatedir}/run+' \ -e 's+%{sysconfdir}+'%{buildroot}'%{sysconfdir}+' \ @@ -737,24 +722,24 @@ httpd.conf > httpd.conf.test sed -e 's+%{sysconfdir}+'%{buildroot}'%{sysconfdir}+' \ default-server.conf > default-server.conf.test -touch sysconfig.d/global.conf.test -touch sysconfig.d/include.conf.test +sed -i 's+%{_localstatedir}/log+'%{buildroot}'%{_localstatedir}/log+' \ + global.conf.test + popd pushd %{buildroot} for i in $(export LC_ALL=C; find .%{libexecdir}-%{default_mpm} -name "*.so" | sort); do mod_id=${i#*mod_}; mod_id=${mod_id%.so}_module mod_path= - echo LoadModule $mod_id %{buildroot}/${i#.} >> .%{sysconfdir}/sysconfig.d/loadmodule.conf.test + echo LoadModule $mod_id %{buildroot}/${i#.} >> .%{sysconfdir}/loadmodule.conf.test done # auth_ldap_module needs to be loaded after ldap_module -echo -e "/authnz_ldap\n+\n-m/ldap\nwq" | ed -s ./%{sysconfdir}/sysconfig.d/loadmodule.conf.test +echo -e "/authnz_ldap\n+\n-m/ldap\nwq" | ed -s ./%{sysconfdir}/loadmodule.conf.test popd LD_LIBRARY_PATH=%{buildroot}%{_libdir} \ %{buildroot}/%{_sbindir}/httpd-%{default_mpm} \ -e debug -t -f %{buildroot}/%{sysconfdir}/httpd.conf.test || exit 1 rm %{buildroot}/%{sysconfdir}/*.test -rm %{buildroot}/%{sysconfdir}/sysconfig.d/* mv %{buildroot}/%{sysconfdir}/original . %files -f filelist @@ -771,8 +756,6 @@ %doc robots.txt %doc printenv %doc test-cgi -#%doc httpd-std.conf-* -#%doc ssl-std.conf %doc httpd.conf.default %doc original %attr(750,root,root) %dir %{logfiledir} @@ -792,11 +775,11 @@ %{sysconfdir}/ssl.*/README* %dir %{sysconfdir}/conf.d %dir %{sysconfdir}/vhosts.d -%dir %{sysconfdir}/sysconfig.d %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %{_datadir}/omc/svcinfo.d/apache2.xml %if 0%{?suse_version} >= 1210 %{_unitdir}/apache2.service +%{_unitdir}/[email protected] %{_sbindir}/apache2-systemd-ask-pass %else %{_initddir}/%{name} @@ -823,11 +806,8 @@ %dir %{installbuilddir} %dir %{_datadir}/%{name} %{_datadir}/%{name}/apache-22-24-upgrade -%{_datadir}/%{name}/get_module_list -%{_datadir}/%{name}/get_includes -%{_datadir}/%{name}/find_httpd_includes -%{_datadir}/%{name}/find_mpm -%{_datadir}/%{name}/load_configuration +%{_datadir}/%{name}/deprecated-scripts +%{_datadir}/%{name}/script-helpers %{_datadir}/%{name}/sysconf_addword %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl @@ -1240,7 +1220,7 @@ %{_bindir}/check_forensic2 %{_bindir}/dbmmanage %{_bindir}/dbmmanage2 -%{_bindir}/apache-find-directives +%{_bindir}/apache2-find-directives %{_bindir}/gensslcert %{_bindir}/htdbm %{_bindir}/htdbm2 @@ -1264,30 +1244,41 @@ %if %{prefork} %post prefork -%{_datadir}/%{name}/get_module_list >/dev/null 2>&1 +# install /usr/sbin/httpd +. /usr/share/apache2/script-helpers +find_mpm +ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE exit 0 %endif %if %{worker} %post worker -%{_datadir}/%{name}/get_module_list >/dev/null 2>&1 +# install /usr/sbin/httpd +. /usr/share/apache2/script-helpers +find_mpm +ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE exit 0 %endif %if %{event} %post event -%{_datadir}/%{name}/get_module_list >/dev/null 2>&1 +# install /usr/sbin/httpd +. /usr/share/apache2/script-helpers +find_mpm +ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE exit 0 %endif %pre %if 0%{?suse_version} >= 1210 %service_add_pre apache2.service +%service_add_pre [email protected] %endif %preun %if 0%{?suse_version} >= 1210 %service_del_preun apache2.service +%service_del_preun [email protected] %endif for i in %{_sbindir}/httpd \ %{installbuilddir}/config_vars.mk @@ -1299,6 +1290,7 @@ %postun %if 0%{?suse_version} >= 1210 %service_del_postun apache2.service +%service_del_postun [email protected] %else %insserv_cleanup %endif @@ -1307,7 +1299,7 @@ %if 0%{?suse_version} <= 1130 %run_permissions %else -%set_permissions %{_sbindir}/suexec +%set_permissions %{_sbindir}/suexec || echo "Please check /etc/permissions.local for settings of /usr/sbin/suexec2 ." %endif # wwwadmin group existed in past remove after openSUSE-13.2 out of support scope if grep -q "^wwwadmin:" %{_sysconfdir}/group; then @@ -1324,6 +1316,7 @@ %{fillup_only apache2} %if 0%{?suse_version} >= 1210 %service_add_post apache2.service +%service_add_post [email protected] %else %{fillup_and_insserv apache2} %endif @@ -1354,7 +1347,6 @@ fi rm -rf $tmpdir -%{_datadir}/%{name}/get_module_list >/dev/null 2>&1 exit 0 %posttrans ++++++ a2enflag ++++++ --- /var/tmp/diff_new_pack.0wUGZI/_old 2015-07-14 17:20:56.000000000 +0200 +++ /var/tmp/diff_new_pack.0wUGZI/_new 2015-07-14 17:20:56.000000000 +0200 @@ -8,20 +8,26 @@ # (at your option) any later version. -sysconf=/etc/sysconfig/apache2 -var=APACHE_SERVER_FLAGS -PATH="$PATH:/usr/bin:/usr/sbin:/usr/share/apache2" - -debug=true - function usage() { - echo "$(basename $0): enable/disable a flag in $var in $sysconf" - echo + echo "$(basename $0): enable/disable a flag in $var in $sysconf" + echo echo "usage: $(basename $0) [-d] flag" - #echo " $(basename $0) -h runtests" + echo + echo "HTTPD_INSTANCE=<instance_name> environment variable can be used to specify" + echo "apache instance (see README-instances.txt); sysconfig file is expected" + echo "at /etc/sysconfig/apache2@<instance_name> ." exit 1 } +unset instance_suffix +if [ -n "$HTTPD_INSTANCE" ]; then + instance_suffix="@$HTTPD_INSTANCE" +fi + +sysconf=/etc/sysconfig/apache2$instance_suffix +var=APACHE_SERVER_FLAGS +PATH="$PATH:/usr/bin:/usr/sbin:/usr/share/apache2" + if [ $# -lt 1 ]; then usage fi ++++++ a2enmod ++++++ --- /var/tmp/diff_new_pack.0wUGZI/_old 2015-07-14 17:20:56.000000000 +0200 +++ /var/tmp/diff_new_pack.0wUGZI/_new 2015-07-14 17:20:56.000000000 +0200 @@ -8,22 +8,28 @@ # (at your option) any later version. -sysconf=/etc/sysconfig/apache2 -var=APACHE_MODULES -PATH="$PATH:/usr/bin:/usr/sbin:/usr/share/apache2" - -debug=true - function usage() { - echo "$(basename $0): enable/disable an apache module in $var in $sysconf" - echo + echo "$(basename $0): enable/disable an apache module in $var in $sysconf" + echo echo "usage: $(basename $0) [-d] module" echo " $(basename $0) -l list modules" echo " $(basename $0) -q module query if module is installed" - #echo " $(basename $0) -h runtests" + echo + echo "HTTPD_INSTANCE=<instance_name> environment variable can be used to specify" + echo "apache instance (see README-instances.txt); sysconfig file is expected" + echo "at /etc/sysconfig/apache2@<instance_name> ." exit 1 } +unset instance_suffix +if [ -n "$HTTPD_INSTANCE" ]; then + instance_suffix="@$HTTPD_INSTANCE" +fi + +sysconf=/etc/sysconfig/apache2$instance_suffix +var=APACHE_MODULES +PATH="$PATH:/usr/bin:/usr/sbin:/usr/share/apache2" + if [ $# -lt 1 ]; then usage fi ++++++ apache2-README-instances.txt ++++++ Dear System Administrator, SUSE Apache package comes with the possibility to run more instances of Apache process on one system. As always, sytemctl start apache2 activates default instance of the server, which expects sysconfig setting in /etc/sysconfig/apache2. If this file is not present, or APACHE_HTTPD_CONF in there is not set, then it requires /etc/apache2/httpd.conf. Any other instance can be activated via systemctl start apache2@<instancename> for example systemctl start [email protected] This call tries to read /etc/sysconfig/apache2@<instancename> and if this file is not present or APACHE_HTTPD_CONF is not set there, it requires /etc/apache2@<instancename>/httpd.conf. NOTES: * /etc/sysconfig/apache2@<instancename> can hold any sysconfig variable /etc/sysconfig/apache2 can, including module loading and MPM setting, * default instance do not have to run when running other instances * a2enmod, a2dismod and apachectl operates over default instance if not specified otherwise via HTTPD_INSTANCE. For example, export HTTPD_INSTANCE=myweb.org a2enmod access_compat a2enmod status apachectl start will add access_compat and status modules to APACHE_MODULES variable of /etc/sysconfig/[email protected] and then starts myweb.org instance. ++++++ apache-find-directives -> apache2-find-directives ++++++ ++++++ apache2-global.conf ++++++ ServerSignature off UseCanonicalName off ServerTokens ProductOnly LogLevel warn CustomLog /var/log/apache2/access_log combined ++++++ apache2-httpd.conf ++++++ --- /var/tmp/diff_new_pack.0wUGZI/_old 2015-07-14 17:20:56.000000000 +0200 +++ /var/tmp/diff_new_pack.0wUGZI/_new 2015-07-14 17:20:56.000000000 +0200 @@ -24,12 +24,14 @@ # | # |-- uid.conf . . . . . . . . . . . . . . UserID/GroupID to run under # |-- server-tuning.conf . . . . . . . . . sizing of the server (how many processes to start, ...) -# |-- sysconfig.d/loadmodule.conf . . . . . [*] load these modules +# |-- loadmodule.conf . . . . . . . . . . . [*] load these modules # |-- listen.conf . . . . . . . . . . . . . IP adresses / ports to listen on # |-- mod_log_config.conf . . . . . . . . . define logging formats -# |-- sysconfig.d/global.conf . . . . . . . [*] server-wide general settings +# |-- global.conf . . . . . . . . . . . . . [*] server-wide general settings # |-- mod_status.conf . . . . . . . . . . . restrict access to mod_status (server monitoring) # |-- mod_info.conf . . . . . . . . . . . . restrict access to mod_info +# |-- mod_reqtimeout.conf . . . . . . . . . set timeout and minimum data rate for receiving requests +# |-- mod_cgid-timeout.conf . . . . . . . . set CGIDScriptTimeout if mod_cgid is loaded/active # |-- mod_usertrack.conf . . . . . . . . . defaults for cookie-based user tracking # |-- mod_autoindex-defaults.conf . . . . . defaults for displaying of server-generated directory listings # |-- mod_mime-defaults.conf . . . . . . . defaults for mod_mime configuration @@ -40,16 +42,13 @@ # | |--mod_userdir.conf . . . . . . . . enable UserDir (if mod_userdir is loaded) # | `--conf.d/apache2-manual?conf . . . add the docs ('?' = if installed) # | -# |-- sysconfig.d/include.conf . . . . . . [*] your include files -# | (for each file to be included here, put its name -# | into APACHE_INCLUDE_* in /etc/sysconfig/apache2) -# | # `-- vhosts.d/ . . . . . . . . . . . . . . for each virtual host, place one file here # `-- *.conf . . . . . . . . . . . . . (*.conf is automatically included) # # -# Files marked [*] are created from sysconfig upon server restart: instead of -# these files, you edit /etc/sysconfig/apache2 +# Files marked [*] are NOT read when server is started via systemd service. When server +# is started via service, defaults from /etc/sysconfig/apache2 are taken into account. +# @@ -82,10 +81,8 @@ # |-- ssl.csr/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Signing Requests # |-- ssl.key/ . . . . . . . . . . . . . . PEM-encoded RSA Private Keys # |-- ssl.prm/ . . . . . . . . . . . . . . public DSA Parameter Files -# |-- sysconfig.d/ . . . . . . . . . . . . files that are created from /etc/sysconfig/apache2 -# | |-- global.conf -# | |-- include.conf -# | `-- loadmodule.conf +# |-- global.conf +# |-- loadmodule.conf # |-- uid.conf # `-- vhosts.d/ . . . . . . . . . . . . . . put your virtual host configuration (*.conf) here # |-- vhost-ssl.template @@ -112,8 +109,10 @@ # container, that host's errors will be logged there and not here. ErrorLog /var/log/apache2/error_log -# generated from APACHE_MODULES in /etc/sysconfig/apache2 -Include /etc/apache2/sysconfig.d/loadmodule.conf +# generated from default value of APACHE_MODULES in /etc/sysconfig/apache2 +<IfDefine !SYSCONFIG> + Include /etc/apache2/loadmodule.conf +</IfDefine> # IP addresses / ports to listen on Include /etc/apache2/listen.conf @@ -121,13 +120,29 @@ # predefined logging formats Include /etc/apache2/mod_log_config.conf -# generated from global settings in /etc/sysconfig/apache2 -Include /etc/apache2/sysconfig.d/global.conf +# generated from default values of global settings in /etc/sysconfig/apache2 +<IfDefine !SYSCONFIG> + Include /etc/apache2/global.conf +</IfDefine> # optional mod_status, mod_info Include /etc/apache2/mod_status.conf Include /etc/apache2/mod_info.conf +# mod_reqtimeout protects the server from the so-called "slowloris" +# attack: The server is not swamped with requests in fast succession, +# but with slowly transmitted request headers and body, thereby filling up +# the request slots until the server runs out of them. +# mod_reqtimeout is lightweight and should deliver good results +# with the configured default values. You shouldn't notice it at all. +Include /etc/apache2/mod_reqtimeout.conf + +# Fix for CVE-2014-0231 introduces new configuration parameter +# CGIDScriptTimeout. This directive and its effect prevent request +# workers to be eaten until starvation if cgi programs do not send +# output back to the server within the timout set by CGIDScriptTimeout. +Include /etc/apache2/mod_cgid-timeout.conf + # optional cookie-based user tracking # read the documentation before using it!! Include /etc/apache2/mod_usertrack.conf @@ -189,14 +204,6 @@ Include /etc/apache2/default-server.conf -# Another way to include your own files -# -# The file below is generated from /etc/sysconfig/apache2, -# include arbitrary files as named in APACHE_CONF_INCLUDE_FILES and -# APACHE_CONF_INCLUDE_DIRS -Include /etc/apache2/sysconfig.d/include.conf - - ### Virtual server configuration ############################################ # # VirtualHost: If you want to maintain multiple domains/hostnames on your ++++++ apache2-loadmodule.conf ++++++ LoadModule actions_module /usr/lib64/apache2-prefork/mod_actions.so LoadModule alias_module /usr/lib64/apache2-prefork/mod_alias.so LoadModule auth_basic_module /usr/lib64/apache2-prefork/mod_auth_basic.so LoadModule authn_file_module /usr/lib64/apache2-prefork/mod_authn_file.so LoadModule authz_host_module /usr/lib64/apache2-prefork/mod_authz_host.so LoadModule authz_groupfile_module /usr/lib64/apache2-prefork/mod_authz_groupfile.so LoadModule authz_user_module /usr/lib64/apache2-prefork/mod_authz_user.so LoadModule autoindex_module /usr/lib64/apache2-prefork/mod_autoindex.so LoadModule cgi_module /usr/lib64/apache2-prefork/mod_cgi.so LoadModule dir_module /usr/lib64/apache2-prefork/mod_dir.so LoadModule env_module /usr/lib64/apache2-prefork/mod_env.so LoadModule expires_module /usr/lib64/apache2-prefork/mod_expires.so LoadModule include_module /usr/lib64/apache2-prefork/mod_include.so LoadModule log_config_module /usr/lib64/apache2-prefork/mod_log_config.so LoadModule mime_module /usr/lib64/apache2-prefork/mod_mime.so LoadModule negotiation_module /usr/lib64/apache2-prefork/mod_negotiation.so LoadModule setenvif_module /usr/lib64/apache2-prefork/mod_setenvif.so LoadModule ssl_module /usr/lib64/apache2-prefork/mod_ssl.so LoadModule socache_shmcb_module /usr/lib64/apache2-prefork/mod_socache_shmcb.so LoadModule userdir_module /usr/lib64/apache2-prefork/mod_userdir.so LoadModule reqtimeout_module /usr/lib64/apache2-prefork/mod_reqtimeout.so LoadModule authn_core_module /usr/lib64/apache2-prefork/mod_authn_core.so LoadModule authz_core_module /usr/lib64/apache2-prefork/mod_authz_core.so ++++++ apache2-mod_cgid-timeout.conf ++++++ # # The length of time in seconds to wait for more output # from a CGI program. # # This will prevent a DoS if too many CGI's don't send their output quickly # enough. # The value for CGIDScriptTimeout defaults to the value of Timeout. # CGIDScriptTimeout is used by mod_cgid only! # <IfModule mod_cgid.c> CGIDScriptTimeout 60 </IfModule> ++++++ apache2-script-helpers ++++++ #!/bin/bash HTTPD_SBIN_BASE="/usr/sbin/httpd" # # loads sysconfig variables into environment # # return value in: APACHE_* # function load_sysconfig { [ -n "$sysconfig_loaded" ] && return [ ! -f "$SYSCONFIG_FILE" ] && return . $SYSCONFIG_FILE export ${!APACHE_*} sysconfig_loaded=true } # # finds prefered multiprocessing module # # return value in: HTTPD_MPM # function find_mpm { [ -n "$mpm_found" ] && return # load sysconfig variables if they weren't yet load_sysconfig # try to read from sysconfig's APACHE_MPM HTTPD_MPM=$APACHE_MPM # if empty, then choose one from installed if [ -z "$HTTPD_MPM" ]; then # guess for i in $HTTPD_SBIN_BASE-*; do test -f $i || continue i=$(basename $i) i=${i#*-} installed_mpms=(${installed_mpms[*]} $i) done if [ -z "${installed_mpms[*]}" ]; then HTTPD_MPM="" return elif [ ${#installed_mpms[*]} = 1 ]; then HTTPD_MPM=${installed_mpms[*]} else case ${installed_mpms[*]} in *prefork*) HTTPD_MPM=prefork;; *worker*) HTTPD_MPM=worker;; *event*) HTTPD_MPM=event;; esac fi fi export HTTPD_MPM mpm_found=true } # # search for paths for wanted modules (declared in # APACHE_MODULES) # # return value in: HTTPD_MODULE_IDS # HTTPD_MODULE_PATHS # function get_module_list { load_sysconfig find_mpm for module in $APACHE_MODULES; do # special case # remove or add 'd' on in cgi module name case $module in mod_cgid|cgid) case $HTTPD_MPM in prefork) module=${module%d};; esac;; esac case $module in mod_cgi|cgi) case $HTTPD_MPM in event|worker) module=${module}d;; esac;; esac module_id=${module#mod_}_module # special case case $module_id in auth_mysql_module) module_id=mysql_auth_module;; esac unset module_path for libdir in /usr/lib64 /usr/lib; do for filepath in $libdir/apache2-$HTTPD_MPM/mod_$module.so \ $libdir/apache2-$HTTPD_MPM/$module.so \ $libdir/apache2/mod_$module.so \ $libdir/apache2/$module.so; do if [ -f $filepath ]; then module_path=$filepath break fi done if [ -n "$module_path" ]; then break fi done if [ -n "$module_path" ]; then HTTPD_MODULE_IDS="$HTTPD_MODULE_IDS $module_id" HTTPD_MODULE_PATHS="$HTTPD_MODULE_PATHS $module_path" fi done export HTTPD_MODULE_IDS export HTTPD_MODULE_PATHS } ++++++ apache2-ssl-global.conf ++++++ --- /var/tmp/diff_new_pack.0wUGZI/_old 2015-07-14 17:20:56.000000000 +0200 +++ /var/tmp/diff_new_pack.0wUGZI/_new 2015-07-14 17:20:56.000000000 +0200 @@ -77,7 +77,15 @@ # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. - SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 + # https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy + SSLCipherSuite EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS + + # SSLHonorCipherOrder + # If SSLHonorCipherOrder is disabled, then the client's preferences + # for chosing the cipher during the TLS handshake are used. + # If set to on, then the above SSLCipherSuite is used, in the order + # given, with the first supported match on both ends. + SSLHonorCipherOrder on # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If ++++++ apache2.service ++++++ --- /var/tmp/diff_new_pack.0wUGZI/_old 2015-07-14 17:20:56.000000000 +0200 +++ /var/tmp/diff_new_pack.0wUGZI/_new 2015-07-14 17:20:56.000000000 +0200 @@ -6,11 +6,12 @@ [Service] Type=notify PrivateTmp=true -EnvironmentFile=/etc/sysconfig/apache2 -ExecStart=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k start -ExecReload=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k graceful -ExecStop=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k graceful-stop +ExecStart=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k start +ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful +ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop +KillMode=mixed [Install] WantedBy=multi-user.target Alias=httpd.service apache.service + ++++++ [email protected] ++++++ [Unit] Description=The Apache Webserver %I After=network.target nss-lookup.target time-sync.target [email protected] plymouth-quit.service xdm.service [Service] Type=notify PrivateTmp=true Environment="HTTPD_INSTANCE=%i" ExecStart=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k start ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop KillMode=mixed [Install] WantedBy=multi-user.target [email protected] [email protected] ++++++ httpd-2.2.x-bnc690734.patch -> httpd-2.4.9-bnc690734.patch ++++++ --- /work/SRC/openSUSE:Factory/apache2/httpd-2.2.x-bnc690734.patch 2013-03-08 09:50:02.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.apache2.new/httpd-2.4.9-bnc690734.patch 2015-07-14 17:20:54.000000000 +0200 @@ -1,14 +1,13 @@ ---- server/util_script.c.orig -+++ server/util_script.c -@@ -415,6 +415,7 @@ AP_DECLARE(int) ap_scan_script_header_er - { - char x[MAX_STRING_LEN]; - char *w, *l; +Index: server/util_script.c +=================================================================== +--- server/util_script.c.orig 2015-06-25 09:15:54.539638460 +0200 ++++ server/util_script.c 2015-06-25 09:20:48.554424220 +0200 +@@ -422,11 +422,20 @@ + apr_table_t *cookie_table; + int trace_log = APLOG_R_MODULE_IS_LEVEL(r, module_index, APLOG_TRACE1); + int first_header = 1; + int wlen; - int p; - int cgi_status = HTTP_UNSET; - apr_table_t *merge; -@@ -425,7 +426,14 @@ AP_DECLARE(int) ap_scan_script_header_er + if (buffer) { *buffer = '\0'; } @@ -21,10 +20,11 @@ + w = buffer ? buffer : x; + wlen = MAX_STRING_LEN; + } ++ /* temporary place to hold headers to merge in later */ merge = apr_table_make(r->pool, 10); -@@ -441,7 +449,7 @@ AP_DECLARE(int) ap_scan_script_header_er +@@ -442,7 +451,7 @@ while (1) { @@ -33,17 +33,19 @@ if (rv == 0) { const char *msg = "Premature end of script headers"; if (first_header) -@@ -553,9 +561,12 @@ AP_DECLARE(int) ap_scan_script_header_er +@@ -555,10 +564,13 @@ if (!(l = strchr(w, ':'))) { if (!buffer) { /* Soak up all the script output - may save an outright kill */ -- while ((*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data)) { +- while ((*getsfunc)(w, MAX_STRING_LEN - 1, getsfunc_data) > 0) { + while ((*getsfunc) (w, wlen - 1, getsfunc_data)) { continue; } -+ } else if (w != buffer) { +- } ++ } else if (w != buffer) { + strncpy(buffer, w, MAX_STRING_LEN - 1); + buffer[MAX_STRING_LEN - 1] = 0; - } ++ } ap_log_rerror(SCRIPT_LOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r, + "malformed header from script '%s': Bad header: %.30s", ++++++ httpd-2.4.10-apachectl.patch -> httpd-apachectl.patch ++++++ --- /work/SRC/openSUSE:Factory/apache2/httpd-2.4.10-apachectl.patch 2015-06-10 09:15:14.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.apache2.new/httpd-apachectl.patch 2015-07-14 17:20:54.000000000 +0200 @@ -1,56 +1,27 @@ -diff -Ndurp httpd-2.4.10/support/apachectl.in httpd-2.4.10-apachectl/support/apachectl.in ---- httpd-2.4.10/support/apachectl.in 2012-02-01 05:47:28.000000000 +0200 -+++ httpd-2.4.10-apachectl/support/apachectl.in 2014-10-18 19:18:51.203692588 +0300 -@@ -42,17 +42,32 @@ ARGV="$@" + +Index: support/apachectl.in +=================================================================== +--- support/apachectl.in.orig 2012-02-01 04:47:28.000000000 +0100 ++++ support/apachectl.in 2015-07-13 17:09:06.651280087 +0200 +@@ -42,7 +42,7 @@ # -------------------- -------------------- # # the path to your httpd binary, including options if necessary -HTTPD='@exp_sbindir@/@progname@' -+HTTPD='@exp_sbindir@/httpd' ++HTTPD='@exp_sbindir@/start_apache2' # # pick up any necessary environment variables if test -f @exp_sbindir@/envvars; then - . @exp_sbindir@/envvars - fi -+ -+pname=apache2 -+sysconfig_apache=/etc/sysconfig/$pname -+sysconfdir=/etc/$pname -+ -+test -s $sysconfig_apache && . $sysconfig_apache -+httpd_conf=${APACHE_HTTPD_CONF:-$sysconfdir/httpd.conf} -+ - # +@@ -52,7 +52,11 @@ # a command that outputs a formatted text version of the HTML at the # url given on the command line. Designed for lynx, however other # programs may work. -LYNX="@LYNX_PATH@ -dump" -+ +if [ -x "`which w3m`" ]; then + LYNX="w3m -dump -cols ${COLUMNS:-80}" +elif [ -x "`which lynx`" ]; then + LYNX="lynx -dump -width=${COLUMNS:-80}" +fi -+ -+ # # the URL to your server's mod_status status page. If you do not # have one, then status and fullstatus will not work. -@@ -78,7 +93,7 @@ fi - - case $ACMD in - start|stop|restart|graceful|graceful-stop) -- $HTTPD -k $ARGV -+ $HTTPD ${httpd_conf+-f $httpd_conf} -k $ARGV - ERROR=$? - ;; - startssl|sslstart|start-SSL) -@@ -88,7 +103,7 @@ startssl|sslstart|start-SSL) - ERROR=2 - ;; - configtest) -- $HTTPD -t -+ $HTTPD ${httpd_conf+-f $httpd_conf} -t - ERROR=$? - ;; - status) ++++++ httpd-implicit-pointer-decl.patch ++++++ --- httpd-2.4.6.orig/server/request.c +++ httpd-2.4.6/server/request.c @@ -46,10 +46,13 @@ #include "util_script.h" #include "ap_expr.h" #include "mod_request.h" - +#include "http_connection.h" #include "mod_core.h" #include "mod_auth.h" +#include <unistd.h> +#include <sys/types.h> + #if APR_HAVE_STDARG_H #include <stdarg.h> #endif --- httpd-2.4.6.orig/server/config.c +++ httpd-2.4.6/server/config.c @@ -48,10 +48,14 @@ #include "http_request.h" /* for default_handler (see invoke_handler) */ #include "http_main.h" #include "http_vhost.h" +#include "http_connection.h" #include "util_cfgtree.h" #include "util_varbuf.h" #include "mpm_common.h" +#include <unistd.h> +#include <sys/types.h> + #define APLOG_UNSET (APLOG_NO_MODULE - 1) /* we know core's module_index is 0 */ #undef APLOG_MODULE_INDEX ++++++ start_apache2 ++++++ --- /var/tmp/diff_new_pack.0wUGZI/_old 2015-07-14 17:20:56.000000000 +0200 +++ /var/tmp/diff_new_pack.0wUGZI/_new 2015-07-14 17:20:56.000000000 +0200 @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh # # Copyright (c) 1996, 1997, 1998 S.u.S.E. GmbH # Copyright (c) 1998, 1999, 2000, 2001 SuSE GmbH @@ -10,33 +10,52 @@ # 2008, 2009, 2010 # # -pname=apache2 -. /usr/share/$pname/load_configuration -export ${!APACHE_*} +. /usr/share/apache2/script-helpers -apache_link=/usr/sbin/httpd -apache_bin=$(/usr/share/$pname/find_mpm 2>/dev/null) -httpd_conf=${APACHE_HTTPD_CONF:-/etc/apache2/httpd.conf} - -test -L $apache_link && apache_bin=$(readlink $apache_link) +# +# which instance should we will run +# -if [ -z "$APACHE_MPM" ]; then - APACHE_MPM=${apache_bin##*-} +unset instance_suffix +if [ -n "$HTTPD_INSTANCE" ]; then + instance_suffix="@$HTTPD_INSTANCE" fi -if ! [ -x $apache_bin ]; then - echo >&2 $apache_bin-$APACHE_MPM is not a valid httpd binary. - echo >&2 Check your APACHE_MPM setting in /etc/sysconfig/$pname. - exit 5 +# +# load sysconfig variables APACHE_* from instance sysconfig +# file +# +export SYSCONFIG_FILE=/etc/sysconfig/apache2${instance_suffix} +load_sysconfig + +unset server_flags +# +# server_flags: -DSYSCONFIG +# +if [ -f "$SYSCONFIG_FILE" ]; then + server_flags="$server_flags -DSYSCONFIG" fi -# a proper home should be set, otherwise the server might end up -# with HOME=/root and some script might try to use that -HOME=/var/lib/apache2 +# +# figure out correct apache2 binary (/usr/sbin/httpd-prefork, +# /usr/sbin/httpd-worker, etc.) and serverflags +# +find_mpm +if [ -n "$HTTPD_MPM" ]; then + apache_bin="$HTTPD_SBIN_BASE-$HTTPD_MPM" + if ! [ -x $apache_bin ]; then + echo >&2 "$apache_bin-$APACHE_MPM is not a valid httpd binary." + echo >&2 "Check your APACHE_MPM setting in /etc/sysconfig/apache2." + exit 1 + fi +else + echo >&2 "${warn}No Apache binary found. No MPM package installed? $norm" + echo >&2 "Hint: install the apache2-prefork package, and try again." + exit 1 +fi -unset server_flags -case "$action" in startssl) server_flags="-DSSL";; esac +# server flags from APACHE_SERVER_FLAGS for i in $APACHE_SERVER_FLAGS; do case $i in -D) ;; @@ -44,8 +63,87 @@ *) server_flags="$server_flags -D$i";; esac done -${get_module_list_done:=false} || /usr/share/$pname/get_module_list && export get_module_list_done=true -${get_includes:=false} || /usr/share/$pname/get_includes && export get_includes_done=true -export -n ${!APACHE_*} -exec $apache_bin -f $httpd_conf $server_flags $@ +# +# head configuration file +# +httpd_conf=${APACHE_HTTPD_CONF:-/etc/apache2${instance_suffix}/httpd.conf} + +# +# set PidFile to this file name; PidFile should not +# be used in the configuration to change this, otherwise +# stopping will not work +# +pid_file=/var/run/httpd${instance_suffix}.pid + +unset sysconfig_setting +# +# involve the sysconfig variables +# +# APACHE_ACCESS_LOG +if [ -n "$APACHE_ACCESS_LOG" ]; then + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "CustomLog $APACHE_ACCESS_LOG") +fi +# APACHE_CONF_INCLUDE_FILES +for file in $APACHE_CONF_INCLUDE_FILES; do + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "Include $file") +done +# APACHE_CONF_INCLUDE_DIRS +for dir in $APACHE_CONF_INCLUDE_DIRS; do + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "Include $dir") +done +# APACHE_SERVERADMIN +if [ -n "$APACHE_SERVERADMIN" ]; then + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerAdmin $APACHE_SERVERADMIN") +fi +# APACHE_SERVERNAME +if [ -n "$APACHE_SERVERNAME" ]; then + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerName $APACHE_SERVERNAME") +fi +# APACHE_START_TIMEOUT +# not used nowadays +# APACHE_SERVERSIGNATURE +if [ -n "$APACHE_SERVERSIGNATURE" ]; then + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerSignature $APACHE_SERVERSIGNATURE") +fi +# APACHE_LOGLEVEL +if [ -n "$APACHE_LOGLEVEL" ]; then + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "LogLevel $APACHE_LOGLEVEL") +fi +# APACHE_USE_CANONICAL_NAME +if [ -n "$APACHE_USE_CANONICAL_NAME" ]; then + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "UseCanonicalName $APACHE_USE_CANONICAL_NAME") +fi +# APACHE_SERVERTOKENS +if [ -n "$APACHE_SERVERTOKENS" ]; then + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerTokens $APACHE_SERVERTOKENS") +fi +# APACHE_EXTENDED_STATUS +if [ -n "$APACHE_EXTENDED_STATUS" ]; then + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ExtendedStatus $APACHE_EXTENDED_STATUS") +fi +# APACHE_MODULES +get_module_list +module_ids=($HTTPD_MODULE_IDS) +module_paths=($HTTPD_MODULE_PATHS) +for i in "${!module_ids[@]}"; do + sysconfig_setting=("${sysconfig_setting[@]}" "-C" "LoadModule ${module_ids[$i]} ${module_paths[$i]}") +done + +# +# a proper home should be set, otherwise the server might end up +# with HOME=/root and some script might try to use that +# +HOME=/var/lib/apache2${instance_suffix} + +# +# run Apache +# + +exec $apache_bin -f $httpd_conf $server_flags \ + -C "PidFile $pid_file" \ + "${sysconfig_setting[@]}" \ + $@ + +exit 0 + ++++++ sysconfig.apache2 ++++++ --- /var/tmp/diff_new_pack.0wUGZI/_old 2015-07-14 17:20:56.000000000 +0200 +++ /var/tmp/diff_new_pack.0wUGZI/_new 2015-07-14 17:20:56.000000000 +0200 @@ -30,7 +30,7 @@ APACHE_CONF_INCLUDE_DIRS="" ## Type: string -## Default: "actions alias auth_basic authz_host authn_file authz_groupfile authz_default authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php5" +## Default: "actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir reqtimeout" ## ServiceRestart: apache2 # # [It might look silly to not simply edit httpd.conf for the LoadModule statements. @@ -38,9 +38,7 @@ # switching between MPMs can be quite a hassle. It's easier to just give the names here.] # # * list of all modules shipped with the base distribution: -# -@@all_modules@@ -# +# see /usr/lib64/apache2-$MPM # see http://httpd.apache.org/docs/2.4/mod/ ! # # * It pays to use IfDefine statements... like @@ -79,7 +77,7 @@ # apache's default installation # APACHE_MODULES="authz_host actions alias asis auth autoindex cgi dir imap include log_config mime negotiation setenvif status userdir" # your settings -APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir php5 reqtimeout" +APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir reqtimeout" ## Type: string
