diff options
| author | sem <sem@FreeBSD.org> | 2004-08-17 13:29:01 +0800 |
|---|---|---|
| committer | sem <sem@FreeBSD.org> | 2004-08-17 13:29:01 +0800 |
| commit | 84727c8ce6730da386931be58a593a44721790c4 (patch) | |
| tree | f1d46ec2d01a24a9115cd3480eb76f522004b73c /www/cgiwrap/Makefile | |
| parent | 9bef5896cf6285abc1fd84f0ab218473b8c31456 (diff) | |
| download | freebsd-ports-gnome-84727c8ce6730da386931be58a593a44721790c4.tar.gz freebsd-ports-gnome-84727c8ce6730da386931be58a593a44721790c4.tar.zst freebsd-ports-gnome-84727c8ce6730da386931be58a593a44721790c4.zip | |
* Uses WWWOWN and WWWGRP.
* Changes tweaks to CGIWRAP_ALLOWFILE and CGIWRAP_DENYFILE.
* Add optional ability to build without some features.
* Adds CGIWRAP_DEBUG, which adds support for the cgiwrapd/nph-cgiwrapd binaries.
* Proper/secure permissions on the binaries.
* Another cosmetic changes.
* Pass maintainership to submitter.
PR: ports/70106
Submitted by: Jeremy Chadwick <freebsd@jdc.parodius.com>
Diffstat (limited to 'www/cgiwrap/Makefile')
| -rw-r--r-- | www/cgiwrap/Makefile | 109 |
1 files changed, 76 insertions, 33 deletions
diff --git a/www/cgiwrap/Makefile b/www/cgiwrap/Makefile index 4c3444ec7f7c..0e89401eb7ab 100644 --- a/www/cgiwrap/Makefile +++ b/www/cgiwrap/Makefile @@ -7,56 +7,99 @@ PORTNAME= cgiwrap PORTVERSION= 3.9 +PORTREVISION= 1 CATEGORIES= www security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} -MAINTAINER= jre@vineyard.net +MAINTAINER= freebsd@jdc.parodius.com COMMENT= Securely execute ~user CGI scripts GNU_CONFIGURE= yes -CONFIGURE_ARGS= --with-httpd-user=${HTTPDUSER} \ +CONFIGURE_ARGS= --with-httpd-user=${WWWOWN} \ + --with-install-group=${WWWGRP} \ --with-install-dir=${MAINCGIDIR} \ - --with-install-group=${BINGRP} \ - --with-cgi-dir=${CGIDIR} \ - --with-allow-file=${ALLOWFILE} \ - --with-deny-file=${DENYFILE} \ - ${WITHOUTCHECK} + --with-cgi-dir=${CGIWRAP_CGIDIR} \ + --with-local-contact=${CGIWRAP_CONTACT} \ + --with-allow-file=${CGIWRAP_ALLOWFILE} \ + --with-deny-file=${CGIWRAP_DENYFILE} -### +# # Set this to the directory (relative to each user's home) where CGI -# scripts will be found. (Another common value is "www/cgi-bin".) -### -CGIDIR?= public_html/cgi-bin -### -# The default security settings are very tight; enable one or more -# of these to loosen them. Run "configure -help" for information on -# these and other options. -### -#WITHOUTCHECK?= --without-check-owner --without-check-setuid \ -# --without-check-group --without-check-setgid \ -# --without-check-group-writable \ -# --without-check-world-writable -### -# Use these options for Apache: -### +# scripts will be found. Common alternate values are "www/cgi-bin" +# (a.k.a. ~user/www/cgi-bin) and "cgi-bin" (a.k.a. ~user/cgi-bin) +# +CGIWRAP_CGIDIR?= public_html/cgi-bin + +# +# MAINCGIDIR is the directory the cgiwrap binaries get installed to. +# MAINCGIDIR?= ${PREFIX}/www/cgi-bin -HTTPDUSER?= www -### + +# # The allow and deny files control access to cgiwrap. +# +CGIWRAP_ALLOWFILE?= ${PREFIX}/etc/${PORTNAME}.allow +CGIWRAP_DENYFILE?= ${PREFIX}/etc/${PORTNAME}.deny + +# +# Set the contact Email address. +# +CGIWRAP_CONTACT?= webmaster@dummy-host.example.com + +# +# Define CGIWRAP_LOGGING and specify where you want the logfile. +# +.if defined(CGIWRAP_LOGGING) +CONFIGURE_ARGS+= --with-logging-file=${CGIWRAP_LOGGING} +.endif + +# +# Some users enjoy being able to debug their own CGI scripts, since +# the standard "Internal server error" response doesn't help much. +# Administrators may find this useful as well. See the cgiwrap +# documentation for details on how to use this. +# +.if defined(CGIWRAP_DEBUG) +PLIST_SUB+= CGIWRAPDFLAG= +.else +PLIST_SUB+= CGIWRAPDFLAG="@comment " +.endif + +# +# A slew of --without-* configure flags exist for cgiwrap. You +# should refer to the cgiwrap documentation for details regarding +# what these do, and when (if) they're necessary. +# ### -ALLOWFILE?= ${PREFIX}/etc/${PORTNAME}.allow -DENYFILE?= ${PREFIX}/etc/${PORTNAME}.deny +.if defined(CGIWRAP_WITHOUT_CHECK_OWNER) +CONFIGURE_ARGS+= --without-check-owner +.endif +.if defined(CGIWRAP_WITHOUT_CHECK_GROUP) +CONFIGURE_ARGS+= --without-check-group +.endif +.if defined(CGIWRAP_WITHOUT_CHECK_SETUID) +CONFIGURE_ARGS+= --without-check-setuid +.endif +.if defined(CGIWRAP_WITHOUT_CHECK_SETGID) +CONFIGURE_ARGS+= --without-check-setgid +.endif +.if defined(CGIWRAP_WITHOUT_CHECK_GROUP_WRITABLE) +CONFIGURE_ARGS+= --without-check-group-writable +.endif +.if defined(CGIWRAP_WITHOUT_CHECK_WORLD_WRITABLE) +CONFIGURE_ARGS+= --without-check-world-writable +.endif pre-install: @${MKDIR} ${MAINCGIDIR} post-install: - ${STRIP_CMD} ${MAINCGIDIR}/cgiwrap - ${RM} ${MAINCGIDIR}/cgiwrapd ${MAINCGIDIR}/nph-cgiwrapd - ${CP} ${MAINCGIDIR}/cgiwrap ${MAINCGIDIR}/cgiwrapd - ${LN} ${MAINCGIDIR}/cgiwrapd ${MAINCGIDIR}/nph-cgiwrapd - ${CHMOD} 644 ${MAINCGIDIR}/cgiwrapd + @${STRIP_CMD} ${MAINCGIDIR}/cgiwrap + @${CHMOD} 4550 ${MAINCGIDIR}/cgiwrap +.if !defined(CGIWRAP_WITH_DEBUG) + @${RM} ${MAINCGIDIR}/cgiwrapd ${MAINCGIDIR}/nph-cgiwrapd +.endif .if !defined(NOPORTDOCS) @${MKDIR} ${DOCSDIR} .for file in accesscontrol.html afs.html changes.html chroot.html \ @@ -68,6 +111,6 @@ post-install: .endfor @${ECHO} "Documentation installed in ${DOCSDIR}" .endif - @${CAT} ${PKGMESSAGE} + @${CAT} ${PKGMESSAGE} | ${SED} -e's#%%PREFIX%%#${PREFIX}#g' .include <bsd.port.mk> |