commit: 4a33b110e36087f1a5e43e47dd846f7bf26b4414
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Thu Dec 13 15:37:16 2018 +0000
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Thu Dec 13 15:39:29 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a33b110
www-servers/nginx: http_auth_pam: adjust loglevel for auth failures
Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
...just-loglevel-for-authentication-failures.patch | 22 ++++++++++++++++++++++
...{nginx-1.14.2.ebuild => nginx-1.14.2-r1.ebuild} | 6 ++++++
...{nginx-1.15.7.ebuild => nginx-1.15.7-r1.ebuild} | 6 ++++++
3 files changed, 34 insertions(+)
diff --git
a/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
b/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
new file mode 100644
index 00000000000..632dcdee50e
--- /dev/null
+++
b/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
@@ -0,0 +1,22 @@
+https://github.com/sto/ngx_http_auth_pam_module/pull/18
+
+--- a/ngx_http_auth_pam_module.c
++++ b/ngx_http_auth_pam_module.c
+@@ -348,7 +348,7 @@ ngx_http_auth_pam_authenticate(ngx_http_request_t *r,
+ /* try to authenticate user, log error on failure */
+ if ((rc = pam_authenticate(pamh,
+ PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) {
+- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "PAM: user '%s' - not authenticated: %s",
+ ainfo.username.data, pam_strerror(pamh, rc));
+ pam_end(pamh, PAM_SUCCESS);
+@@ -357,7 +357,7 @@ ngx_http_auth_pam_authenticate(ngx_http_request_t *r,
+
+ /* check that the account is healthy */
+ if ((rc = pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS)
{
+- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "PAM: user '%s' - invalid account: %s",
+ ainfo.username.data, pam_strerror(pamh, rc));
+ pam_end(pamh, PAM_SUCCESS);
diff --git a/www-servers/nginx/nginx-1.14.2.ebuild
b/www-servers/nginx/nginx-1.14.2-r1.ebuild
similarity index 99%
rename from www-servers/nginx/nginx-1.14.2.ebuild
rename to www-servers/nginx/nginx-1.14.2-r1.ebuild
index 66b09925f1e..08100e45578 100644
--- a/www-servers/nginx/nginx-1.14.2.ebuild
+++ b/www-servers/nginx/nginx-1.14.2-r1.ebuild
@@ -381,6 +381,12 @@ src_prepare() {
eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch"
+ if use nginx_modules_http_auth_pam; then
+ cd "${HTTP_AUTH_PAM_MODULE_WD}" || die
+ eapply
"${FILESDIR}"/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
+ cd "${S}" || die
+ fi
+
if use nginx_modules_http_brotli; then
cd "${HTTP_BROTLI_MODULE_WD}" || die
eapply "${FILESDIR}"/http_brotli-detect-brotli-r2.patch
diff --git a/www-servers/nginx/nginx-1.15.7.ebuild
b/www-servers/nginx/nginx-1.15.7-r1.ebuild
similarity index 99%
rename from www-servers/nginx/nginx-1.15.7.ebuild
rename to www-servers/nginx/nginx-1.15.7-r1.ebuild
index e873f4b5416..6fbcd2eaad4 100644
--- a/www-servers/nginx/nginx-1.15.7.ebuild
+++ b/www-servers/nginx/nginx-1.15.7-r1.ebuild
@@ -381,6 +381,12 @@ src_prepare() {
eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch"
+ if use nginx_modules_http_auth_pam; then
+ cd "${HTTP_AUTH_PAM_MODULE_WD}" || die
+ eapply
"${FILESDIR}"/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
+ cd "${S}" || die
+ fi
+
if use nginx_modules_http_brotli; then
cd "${HTTP_BROTLI_MODULE_WD}" || die
eapply "${FILESDIR}"/http_brotli-detect-brotli-r2.patch
