requested by Johan Huldtgren, this lets fcgi-cgi run inside a chroot jail. comments/test reports welcome.
Index: Makefile =================================================================== RCS file: /cvs/ports/www/fcgi-cgi/Makefile,v retrieving revision 1.5 diff -u -p -r1.5 Makefile --- Makefile 3 Apr 2012 19:12:38 -0000 1.5 +++ Makefile 10 Apr 2012 15:41:13 -0000 @@ -1,8 +1,12 @@ # $OpenBSD: Makefile,v 1.5 2012/04/03 19:12:38 sthen Exp $ -COMMENT= wrapper to run CGI applications via FastCGI +COMMENT-main= wrapper to run CGI applications via FastCGI +COMMENT-static= static-linked fcgi-cgi wrapper for chroot use -DISTNAME= fcgi-cgi-0.1.8 +V= 0.1.8 +DISTNAME= fcgi-cgi-$V +PKGNAME-main= fcgi-cgi-$V +PKGNAME-static= fcgi-cgi-static-$V REVISION= 1 CATEGORIES= www @@ -14,14 +18,16 @@ PERMIT_PACKAGE_FTP= Yes PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -WANTLIB += c ev glib-2.0 pthread +WANTLIB += c ev glib-2.0 m pthread MASTER_SITES= http://cgit.lighttpd.net/fcgi-cgi.git/snapshot/ \ http://spacehopper.org/mirrors/ SEPARATE_BUILD= Yes +MULTI_PACKAGES= -main -static RUN_DEPENDS= www/spawn-fcgi +RUN_DEPENDS-static= www/fcgi-cgi,-main LIB_DEPENDS= devel/libev \ devel/glib2 @@ -30,12 +36,18 @@ MODULES= devel/gettext CONFIGURE_STYLE= autoconf automake AUTOCONF_VERSION= 2.68 AUTOMAKE_VERSION= 1.11 +PREFIX-static= /var/www/${TRUEPREFIX} + +CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include ${CPPFLAGS}" \ + LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" post-patch: cd ${WRKSRC}; AUTOCONF_VERSION=${AUTOCONF_VERSION} \ AUTOMAKE_VERSION=${AUTOMAKE_VERSION} ./autogen.sh -CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include ${CPPFLAGS}" \ - LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" +post-install: + ${INSTALL_PROGRAM_DIR} ${WRKINST}${PREFIX-static}/bin + mv ${PREFIX}/bin/fcgi-cgi-static \ + ${WRKINST}${PREFIX-static}/bin/fcgi-cgi .include <bsd.port.mk> Index: patches/patch-Makefile_am =================================================================== RCS file: patches/patch-Makefile_am diff -N patches/patch-Makefile_am --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-Makefile_am 10 Apr 2012 15:41:13 -0000 @@ -0,0 +1,14 @@ +$OpenBSD$ +--- Makefile.am.orig Thu Oct 28 22:43:23 2010 ++++ Makefile.am Tue Apr 10 15:47:59 2012 +@@ -4,5 +4,9 @@ man1_MANS=fcgi-cgi.1 + AM_CFLAGS=$(GLIB_CFLAGS) + fcgi_cgi_LDADD=$(GLIB_LIBS) + +-bin_PROGRAMS=fcgi-cgi ++bin_PROGRAMS=fcgi-cgi fcgi-cgi-static + fcgi_cgi_SOURCES=fastcgi.c fcgi-cgi.c ++ ++fcgi_cgi_static_LDADD=$(fcgi_cgi_LDADD) ++fcgi_cgi_static_LDFLAGS=-static ++fcgi_cgi_static_SOURCES=$(fcgi_cgi_SOURCES) Index: patches/patch-configure_ac =================================================================== RCS file: patches/patch-configure_ac diff -N patches/patch-configure_ac --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-configure_ac 10 Apr 2012 15:41:13 -0000 @@ -0,0 +1,12 @@ +$OpenBSD$ +--- configure.ac.orig Tue Apr 10 15:49:39 2012 ++++ configure.ac Tue Apr 10 15:49:32 2012 +@@ -22,7 +22,7 @@ PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.16.0, [ + # lib ev + AC_CHECK_HEADERS([ev.h], [], [AC_MSG_ERROR("ev.h not found")]) + AC_CHECK_LIB([ev], [ev_time], [ +- LIBS="-lev ${LIBS}" ++ LIBS="-lev -lm ${LIBS}" + AC_DEFINE([HAVE_LIBEV], [1], [ev_time in -lev]) + ], [AC_MSG_ERROR("libev not found")]) + Index: pkg/DESCR =================================================================== RCS file: pkg/DESCR diff -N pkg/DESCR --- pkg/DESCR 27 Mar 2012 14:21:26 -0000 1.1.1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,3 +0,0 @@ -fcgi-cgi is a wrapper around CGI applications to support running them under -FastCGI for use with webservers such as nginx and lighttpd 2.x which do not -support running cgi scripts/binaries directly. Index: pkg/DESCR-main =================================================================== RCS file: pkg/DESCR-main diff -N pkg/DESCR-main --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pkg/DESCR-main 10 Apr 2012 15:41:13 -0000 @@ -0,0 +1,3 @@ +fcgi-cgi is a wrapper around CGI applications to support running them under +FastCGI for use with webservers such as nginx and lighttpd 2.x which do not +support running cgi scripts/binaries directly. Index: pkg/DESCR-static =================================================================== RCS file: pkg/DESCR-static diff -N pkg/DESCR-static --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pkg/DESCR-static 10 Apr 2012 15:41:13 -0000 @@ -0,0 +1,2 @@ +This package contains a statically-linked version of fcgi-cgi for easier +use when CGI applications are run in a chroot() jail. Index: pkg/MESSAGE-static =================================================================== RCS file: pkg/MESSAGE-static diff -N pkg/MESSAGE-static --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pkg/MESSAGE-static 10 Apr 2012 15:41:13 -0000 @@ -0,0 +1,7 @@ +To jail fcgi-cgi within /var/www, add an entry like this to rc.conf.local: + + fcgi_cgi_flags="-a 127.0.0.1 -p 9001 -u www -U www \ + -c /var/www -- ${TRUEPREFIX}/bin/fcgi-cgi" + +Obviously you will need to ensure that everything necessary for your CGI +application is installed within the chroot jail. Index: pkg/PLIST =================================================================== RCS file: pkg/PLIST diff -N pkg/PLIST --- pkg/PLIST 27 Mar 2012 14:21:26 -0000 1.1.1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,4 +0,0 @@ -@comment $OpenBSD: PLIST,v 1.1.1.1 2012/03/27 14:21:26 sthen Exp $ -@bin bin/fcgi-cgi -@man man/man1/fcgi-cgi.1 -@rcscript ${RCDIR}/fcgi_cgi Index: pkg/PLIST-main =================================================================== RCS file: pkg/PLIST-main diff -N pkg/PLIST-main --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pkg/PLIST-main 10 Apr 2012 15:41:13 -0000 @@ -0,0 +1,5 @@ +@comment $OpenBSD: PLIST,v 1.1.1.1 2012/03/27 14:21:26 sthen Exp $ +@pkgpath www/fcgi-cgi +@bin bin/fcgi-cgi +@man man/man1/fcgi-cgi.1 +@rcscript ${RCDIR}/fcgi_cgi Index: pkg/PLIST-static =================================================================== RCS file: pkg/PLIST-static diff -N pkg/PLIST-static --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pkg/PLIST-static 10 Apr 2012 15:41:13 -0000 @@ -0,0 +1,3 @@ +@comment $OpenBSD: PLIST,v 1.1.1.1 2012/03/27 14:21:26 sthen Exp $ +bin/ +@bin bin/fcgi-cgi
