Hello community, here is the log from the commit of package matomo for openSUSE:Factory checked in at 2019-12-21 12:34:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/matomo (Old) and /work/SRC/openSUSE:Factory/.matomo.new.6675 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "matomo" Sat Dec 21 12:34:51 2019 rev:20 rq:758646 version:3.13.0 Changes: -------- --- /work/SRC/openSUSE:Factory/matomo/matomo.changes 2019-12-12 23:20:10.966202609 +0100 +++ /work/SRC/openSUSE:Factory/.matomo.new.6675/matomo.changes 2019-12-21 12:35:07.751470171 +0100 @@ -1,0 +2,13 @@ +Thu Dec 12 11:22:26 UTC 2019 - Lars Vogdt <[email protected]> + +- moved the update message in post to the right position +- disable some (unused) php functions +- use open basedir +- add newly required php modules: + php-ctype, php-dom, php-iconv, php-tokenizer, php-xmlreader, + php-xmlwriter, php-zlibm +- define locations of web-, log- and config directories dynamically +- allow to enable compression +- enhanced README.SUSE + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ matomo.spec ++++++ --- /var/tmp/diff_new_pack.TThWDS/_old 2019-12-21 12:35:09.535471019 +0100 +++ /var/tmp/diff_new_pack.TThWDS/_new 2019-12-21 12:35:09.535471019 +0100 @@ -1,7 +1,7 @@ # # spec file for package matomo # -# Copyright (c) 2019 SUSE LLC +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -58,9 +58,6 @@ BuildRequires: fdupes BuildRequires: logrotate BuildRequires: mariadb -#BuildRequires: php-json -#BuildRequires: php-mbstring -#BuildRequires: php-pdo BuildRequires: systemd BuildRequires: unzip Requires: apache2 @@ -68,12 +65,21 @@ Requires: logrotate Requires: mariadb Requires: mod_php_any >= 5.5.9 +Requires: php-ctype Requires: php-curl +Requires: php-dom Requires: php-gd +Requires: php-iconv Requires: php-json Requires: php-mbstring Requires: php-mysql +#Requires: php-openssl Requires: php-pdo +#Requires: php-sqlite +Requires: php-tokenizer +Requires: php-xmlreader +Requires: php-xmlwriter +Requires: php-zlib %{?systemd_requires} Recommends: php-geoip Recommends: apache2-mod_geoip @@ -86,10 +92,10 @@ strategy and online experience of visitors may be optimized. %prep -%setup -q -n matomo +%setup -q -n %{name} install -m644 %{SOURCE4} README.SUSE # remove unwanted files -find . -type f "(" -name .htaccess -o -name .travis.sh ")" -delete +find . -type f "(" -name .htaccess -o -name .travis.sh -o -name .gitkeep ")" -delete #find . -name ".git*" -exec rm -Rf "{}" "+" find . -type f "(" -name "*.c" -o -name "*.h" -o -name "*.js.orig" ")" -delete # env-script-interpreter @@ -133,7 +139,11 @@ mv *md %{buildroot}/%{_defaultdocdir}/%{name} cp -dR * %{buildroot}/%{ap_serverroot}/%{name} # install matomo.conf to apache conf.d -install -D -m0640 %{SOURCE2} %{buildroot}/%{ap_sysconfdir}/conf.d/%{name}.conf +mkdir -p %{buildroot}/%{ap_sysconfdir}/conf.d +sed -e 's|__matomo_web__|%{ap_serverroot}/%{name}|g' \ + -e 's|__matomo_conf__|%{_sysconfdir}/%{name}|g' \ + -e 's|__matomo_log__|/var/log/%{name}|g' \ + %{SOURCE2} > %{buildroot}/%{ap_sysconfdir}/conf.d/%{name}.conf # install logrotate install -D -m0644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/logrotate.d/%{name} # move config to etc/matomo and make symlink @@ -162,9 +172,9 @@ # BSC#1154324 # # # chown -R %{ap_usr}:%{ap_grp} %{ap_serverroot}/%{name} %service_add_post matomo-archive.timer matomo-archive.service apache2.service -# Update matomo if this is an upgrade $1 == 2 -echo "matomo: Update matomo:core..." if [ $1 -gt 1 ]; then + # Update matomo if this is an upgrade $1 == 2 + echo "matomo: Update matomo:core..." su wwwrun -s /bin/sh -c "%{_bindir}/php %{ap_serverroot}/%{name}/console config:set 'Tracker.record_statistics="0"'" || : su wwwrun -s /bin/sh -c "%{_bindir}/php %{ap_serverroot}/%{name}/console config:set 'General.maintenance_mode="1"'" || : su wwwrun -s /bin/sh -c "%{_bindir}/php %{ap_serverroot}/%{name}/console core:update --yes" || : @@ -208,15 +218,16 @@ %attr(0644,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/js/piwik.min.js %attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/console %attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/misc/cron/archive.sh -%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/misc/log-analytics/import_logs.py +#%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/misc/log-analytics/import_logs.py %attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/misc/composer/clean-xhprof.sh %attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/misc/composer/build-xhprof.sh -%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/leafo/lessphp/package.sh -%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/leafo/lessphp/lessify -%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/leafo/lessphp/plessc -%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/pear/archive_tar/sync-php4 -%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/szymach/c-pchart/coverage.sh -%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/tecnickcom/tcpdf/tools/tcpdf_addfont.php +#%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/plugins/TestRunner/scripts/on_instance_launch.sh +#%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/leafo/lessphp/package.sh +#%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/leafo/lessphp/lessify +#%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/leafo/lessphp/plessc +#%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/pear/archive_tar/sync-php4 +#%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/szymach/c-pchart/coverage.sh +#%attr(0770,%{ap_usr},%{ap_grp}) %{ap_serverroot}/%{name}/vendor/tecnickcom/tcpdf/tools/tcpdf_addfont.php %{ap_serverroot}/%{name}/* %changelog ++++++ matomo-README.SUSE ++++++ --- /var/tmp/diff_new_pack.TThWDS/_old 2019-12-21 12:35:09.563471032 +0100 +++ /var/tmp/diff_new_pack.TThWDS/_new 2019-12-21 12:35:09.563471032 +0100 @@ -13,9 +13,18 @@ Apache22: Allow from .mydomain.de Apache24: Require host mydomain.de +Enable needed modules: +~# for module in php7 headers setenvif ; do +~# /usr/sbin/a2enmod $module +~# done + +If you also want to enable compression, just enable the following modules as well: +~# /usr/sbin/a2enmod deflate +~# /usr/sbin/a2enmod filter + And then restart or reload apache - systemctl restart apache2 +~# /usr/bin/systemctl restart apache2 c) installer Go to http://www.mydomain.de/matomo/ @@ -47,4 +56,6 @@ For autoarchiving you have two options. With cron or with systemd.timer. For cron you must uncomment the line in /etc/cron.d/matomo-archive -For systemd.timer you must start and enable matomo-archive.timer +For systemd.timer you must start and enable matomo-archive.timer: +~# /usr/bin/systemctl enable --now matomo-archive.timer + ++++++ matomo-archive.cron ++++++ --- /var/tmp/diff_new_pack.TThWDS/_old 2019-12-21 12:35:09.579471040 +0100 +++ /var/tmp/diff_new_pack.TThWDS/_new 2019-12-21 12:35:09.579471040 +0100 @@ -3,7 +3,7 @@ # # without CLI -#5 * * * * wwwrun /usr/bin/php @ap_serverroot@/matomo/misc/cron/archive.php --url=http://localhost/matomo/ > /var/log/matomo/matomo-archive.log +#-5 * * * * wwwrun /usr/bin/php @ap_serverroot@/matomo/misc/cron/archive.php --url=http://localhost/matomo/ > /var/log/matomo/matomo-archive.log # with CLI -5 * * * * wwwrun /usr/bin/php @ap_serverroot@/matomo/console core:archive --url=http://localhost/matomo/ > /var/log/matomo/matomo-archive.log +-5 * * * * wwwrun /usr/bin/php @ap_serverroot@/matomo/console core:archive --url=http://localhost/matomo/ > /var/log/matomo/matomo-archive.log ++++++ matomo.conf ++++++ --- /var/tmp/diff_new_pack.TThWDS/_old 2019-12-21 12:35:09.631471065 +0100 +++ /var/tmp/diff_new_pack.TThWDS/_new 2019-12-21 12:35:09.631471065 +0100 @@ -1,6 +1,6 @@ -Alias /matomo "/srv/www/matomo" +Alias /matomo "__matomo_web__" -<Directory "/srv/www/matomo"> +<Directory "__matomo_web__"> AllowOverride All Options FollowSymLinks <IfModule mod_authz_core.c> @@ -59,10 +59,37 @@ </IfModule> + <IfModule mod_mime.c> + AddType application/x-javascript .js + AddType text/css .css + </IfModule> + <IfModule mod_deflate.c> + AddOutputFilterByType DEFLATE text/css application/x-javascript text/x-component text/html text/plain text/xml application/javascript + <IfModule mod_setenvif.c> + BrowserMatch ^Mozilla/4 gzip-only-text/html + BrowserMatch ^Mozilla/4.0[678] no-gzip + BrowserMatch bMSIE !no-gzip !gzip-only-text/html + </IfModule> + </IfModule> + Header append Vary User-Agent env=!dont-vary + + <IfModule mod_php7.c> + # improved security + php_admin_value open_basedir "__matomo_web__:__matomo_conf__:__matomo_log__:/tmp:/usr/bin" + php_admin_flag display_startup_errors Off + php_admin_flag display_errors Off + php_admin_flag file_uploads Off + php_admin_flag allow_url_fopen Off + php_admin_value disable_functions "posix_setpgid,exec,ftp_login,mysql_pconnect,apache_setenv,popen,posix_getpwuid,posix_setsid,passthru,escapeshellcmd,ini_alter,ftp_raw,ftp_nb_fput,ini_restore,shell_exec,ftp_get,proc_get_status,highlight_file,proc_close,proc_terminate,syslog,ftp_connect,posix_uname,ini_get_all,proc_open,posix_kill,escapeshellarg,ftp_rawlist,posix_setuid,openlog,php_uname,system,ftp_exec,posix_mkfifo,proc_nice,ftp_put" + php_admin_value memory_limit "1024M" + php_admin_value max_execution_time 120 + </IfModule> + + </Directory> -<Directory "/srv/www/matomo/vendor/tecnickcom/tcpdf/tools"> +<Directory "__matomo_web__/vendor/tecnickcom/tcpdf/tools"> <IfModule mod_authz_core.c> # Apache 2.4 Require all denied ++++++ matomo.rpmlintrc ++++++ --- /var/tmp/diff_new_pack.TThWDS/_old 2019-12-21 12:35:09.671471084 +0100 +++ /var/tmp/diff_new_pack.TThWDS/_new 2019-12-21 12:35:09.671471084 +0100 @@ -7,3 +7,4 @@ addFilter("non-conffile-in-etc /etc/matomo/environment/dev.php") addFilter("non-conffile-in-etc /etc/matomo/environment/test.php") addFilter("non-conffile-in-etc /etc/matomo/environment/ui-test.php") +addFilter("explicit-lib-dependency php-zlib")
