diff options
| author | pav <pav@FreeBSD.org> | 2005-07-09 06:35:06 +0800 |
|---|---|---|
| committer | pav <pav@FreeBSD.org> | 2005-07-09 06:35:06 +0800 |
| commit | 158c2d5393237fa50e022c36981859d1081ec8ad (patch) | |
| tree | cff49c7c6bb6e9539c2e6b64bcb4f5bf2d00b643 /www | |
| parent | a15a909f79fe4b0e12b48ad6d2abbe051b286902 (diff) | |
| download | freebsd-ports-graphics-158c2d5393237fa50e022c36981859d1081ec8ad.tar.gz freebsd-ports-graphics-158c2d5393237fa50e022c36981859d1081ec8ad.tar.zst freebsd-ports-graphics-158c2d5393237fa50e022c36981859d1081ec8ad.zip | |
- Convert to OPTIONS
- Add NPH and DEBUG knobs
- Rename some tunables
- Remove EMAIL knob
PR: ports/83144
Submitted by: Jeremy Chadwick <freebsd@jdc.parodius.com> (maintainer)
Diffstat (limited to 'www')
| -rw-r--r-- | www/cgiwrap/Makefile | 149 | ||||
| -rw-r--r-- | www/cgiwrap/pkg-descr | 1 | ||||
| -rw-r--r-- | www/cgiwrap/pkg-message | 17 | ||||
| -rw-r--r-- | www/cgiwrap/pkg-plist | 6 |
4 files changed, 90 insertions, 83 deletions
diff --git a/www/cgiwrap/Makefile b/www/cgiwrap/Makefile index 2d6d8af6b19..c38799fd4ff 100644 --- a/www/cgiwrap/Makefile +++ b/www/cgiwrap/Makefile @@ -7,98 +7,110 @@ PORTNAME= cgiwrap PORTVERSION= 3.9 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= www security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} MAINTAINER= freebsd@jdc.parodius.com -COMMENT= Securely execute ~user CGI scripts - -GNU_CONFIGURE= yes -CONFIGURE_ARGS= --with-httpd-user=${WWWOWN} \ - --with-install-group=${WWWGRP} \ - --with-install-dir=${WITH_MAIN_CGIDIR} \ - --with-cgi-dir=${WITH_USER_CGIDIR} \ - --with-local-contact=${WITH_EMAIL} \ - --with-allow-file=${WITH_ALLOWFILE} \ - --with-deny-file=${WITH_DENYFILE} +COMMENT= Securely execute Web CGI scripts WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} PKGMESSAGE= ${WRKDIR}/pkg-message -## Available knobs: +OPTIONS= CGI_OWNER "Check CGI file owner" on \ + CGI_GROUP "Check CGI file group" on \ + CGI_SETUID "Check CGI file setuid permissions" on \ + CGI_SETGID "Check CGI file setgid permissions" on \ + CGI_GROUP_WRITABLE "Check CGI g+w file permissions" on \ + CGI_WORLD_WRITABLE "Check CGI o+w file permissions" on \ + NPH "Enable nph binaries" off \ + DEBUG "Enable cgiwrapd binaries" off + ## -## WITH_MAIN_CGIDIR: location of the cgiwrap binaries +# INSTALL_DIR # -# This is the directory where the cgiwrap binaries (i.e. the setuid -# root binaries) get installed to. +# Specify the location of the cgiwrap binaries. This is the directory +# where the cgiwrap binaries get installed in. # -WITH_MAIN_CGIDIR?= ${PREFIX}/www/cgi-bin +INSTALL_DIR?= ${PREFIX}/www/cgi-bin -## WITH_USER_CGIDIR: location of the CGI directory per user -## account (i.e. public_html/cgi-bin) +## +# USER_CGIDIR # -# Set this to the directory (relative to each user's home) where CGI -# scripts will be found. Common alternate values are "www/cgi-bin" -# (a.k.a. ~user/www/cgi-bin) and "cgi-bin" (a.k.a. ~user/cgi-bin) +# Specify the location of the CGI directory ~user accounts will store +# CGIs in. This is "home directory relative". Alternatives include +# "www/cgi-bin" and "cgi-bin". # -WITH_USER_CGIDIR?= public_html/cgi-bin +USER_CGIDIR?= public_html/cgi-bin -## WITH_ALLOWFILE: location/name of the cgiwrap.allow ACL file -## WITH_DENYFILE: location/name of the cgiwrap.deny ACL file +## +# ALLOW_FILE +# DENY_FILE # -WITH_ALLOWFILE?= ${PREFIX}/etc/${PORTNAME}.allow -WITH_DENYFILE?= ${PREFIX}/etc/${PORTNAME}.deny - -## WITH_EMAIL: cgiwrap administrator's Email address +# Full path to the allow and deny files for CGI access. These files +# contain the username of the UNIX account who will be allowed/denied +# using the cgiwrap binary. # -WITH_EMAIL?= webmaster@dummy-host.example.com +ALLOW_FILE?= ${PREFIX}/etc/${PORTNAME}.allow +DENY_FILE?= ${PREFIX}/etc/${PORTNAME}.deny -## WITH_LOGGING: enables cgiwrap logging; specifies the -## path and filename of the logfile +## +# LOG_FILE # -.if defined(WITH_LOGGING) -CONFIGURE_ARGS+= --with-logging-file=${WITH_LOGGING} -.endif - -## WITH_DEBUG: enables cgiwrap debugging support, via -## the 'cgiwrapd' binary +# Enables cgiwrap logging (when a user called cgiwrap, its arguments, +# and who ran it). Specify the full path to the logfile. # -.if defined(WITH_DEBUG) -PLIST_SUB+= CGIWRAPDFLAG= +.if defined(LOG_FILE) +CONFIGURE_ARGS+= --with-logging-file=${LOG_FILE} .else -PLIST_SUB+= CGIWRAPDFLAG="@comment " +CONFIGURE_ARGS+= --without-logging-file .endif -## WITHOUT_CHECK_OWNER: disable CGI file ownership checks -## WITHOUT_CHECK_GROUP: disable CGI file group checks -## WITHOUT_CHECK_SETUID: disable CGI file setuid permissions check -## WITHOUT_CHECK_SETGID: disable CGI file setgid permissions check -## WITHOUT_CHECK_GROUP_WRITABLE: -## disable CGI file group-writable permissions check -## WITHOUT_CHECK_WORLD_WRITABLE: -## disable CGI file world-writable permissions check -# -.if defined(WITHOUT_CHECK_OWNER) +GNU_CONFIGURE= yes +CONFIGURE_ARGS= --with-httpd-user=${WWWOWN} \ + --with-install-group=${WWWGRP} \ + --with-install-dir=${INSTALL_DIR} \ + --with-cgi-dir=${USER_CGIDIR} \ + --with-allow-file=${ALLOW_FILE} \ + --with-deny-file=${DENY_FILE} \ + --with-wall + +.include <bsd.port.pre.mk> + +.if !defined(WITH_CGI_OWNER) CONFIGURE_ARGS+= --without-check-owner .endif -.if defined(WITHOUT_CHECK_GROUP) +.if !defined(WITH_CGI_GROUP) CONFIGURE_ARGS+= --without-check-group .endif -.if defined(WITHOUT_CHECK_SETUID) +.if !defined(WITH_CGI_SETUID) CONFIGURE_ARGS+= --without-check-setuid .endif -.if defined(WITHOUT_CHECK_SETGID) +.if !defined(WITH_CGI_SETGID) CONFIGURE_ARGS+= --without-check-setgid .endif -.if defined(WITHOUT_CHECK_GROUP_WRITABLE) +.if !defined(WITH_CGI_GROUP_WRITABLE) CONFIGURE_ARGS+= --without-check-group-writable .endif -.if defined(WITHOUT_CHECK_WORLD_WRITABLE) +.if !defined(WITH_CGI_WORLD_WRITABLE) CONFIGURE_ARGS+= --without-check-world-writable .endif +.if !defined(WITH_NPH) +PLIST_SUB+= NPHFLAG="@comment " +CONFIGURE_ARGS+= --without-nph +.else +PLIST_SUB+= NPHFLAG= +.endif + +.if !defined(WITH_DEBUG) +PLIST_SUB+= DEBUGFLAG="@comment " +CONFIGURE_ARGS+= --without-cgiwrapd +.else +PLIST_SUB+= DEBUGFLAG= +.endif + .if !defined(NOPORTDOCS) PORTDOCS= accesscontrol.html afs.html changes.html \ chroot.html comments.html download.html faq.html \ @@ -107,18 +119,19 @@ PORTDOCS= accesscontrol.html afs.html changes.html \ thanks.html todo.html tricks.html y2k.html .endif -show-options: - @${SED} -ne 's/^##//p' ${.CURDIR}/Makefile - pre-install: - @${MKDIR} ${WITH_MAIN_CGIDIR} + @${MKDIR} ${INSTALL_DIR} post-install: - @${STRIP_CMD} ${WITH_MAIN_CGIDIR}/cgiwrap - @${CHMOD} 4550 ${WITH_MAIN_CGIDIR}/cgiwrap -.if !defined(WITH_DEBUG) - @${RM} ${WITH_MAIN_CGIDIR}/cgiwrapd - @${RM} ${WITH_MAIN_CGIDIR}/nph-cgiwrapd + @${STRIP_CMD} ${INSTALL_DIR}/cgiwrap + @${CHMOD} 4550 ${INSTALL_DIR}/cgiwrap +.if defined(WITH_DEBUG) + @${STRIP_CMD} ${INSTALL_DIR}/cgiwrapd + @${CHMOD} 4550 ${INSTALL_DIR}/cgiwrapd +.if defined(WITH_NPH) + @${STRIP_CMD} ${INSTALL_DIR}/nph-cgiwrapd + @${CHMOD} 4550 ${INSTALL_DIR}/nph-cgiwrapd +.endif .endif .if !defined(NOPORTDOCS) @${MKDIR} ${DOCSDIR} @@ -126,10 +139,10 @@ post-install: @${INSTALL_DATA} ${WRKSRC}/htdocs/${f} ${DOCSDIR} .endfor .endif - @${SED} -e's,%%MAIN_CGIDIR%%,${WITH_MAIN_CGIDIR},g' \ - -e's,%%ALLOWFILE%%,${WITH_ALLOWFILE},g' \ - -e's,%%DENYFILE%%,${WITH_DENYFILE},g' \ + @${SED} -e's,%%INSTALL_DIR%%,${INSTALL_DIR},g' \ + -e's,%%ALLOW_FILE%%,${ALLOW_FILE},g' \ + -e's,%%DENY_FILE%%,${DENY_FILE},g' \ ${MASTERDIR}/pkg-message > ${PKGMESSAGE} @${CAT} ${PKGMESSAGE} -.include <bsd.port.mk> +.include <bsd.port.post.mk> diff --git a/www/cgiwrap/pkg-descr b/www/cgiwrap/pkg-descr index 74cc3438a71..e16fea6cca2 100644 --- a/www/cgiwrap/pkg-descr +++ b/www/cgiwrap/pkg-descr @@ -9,3 +9,4 @@ and Communications servers, and probably any other Unix-based Web server software that supports CGI. WWW: http://cgiwrap.sourceforge.net/ +WWW: http://cgiwrap.unixtools.org/ diff --git a/www/cgiwrap/pkg-message b/www/cgiwrap/pkg-message index b35046420fd..5c724c4c5a0 100644 --- a/www/cgiwrap/pkg-message +++ b/www/cgiwrap/pkg-message @@ -1,19 +1,12 @@ ----------------------------------------------------------------- -You have installed cgiwrap, a wrapper to securely execute user -CGI programs. cgiwrap is reported to work with most Web servers -that support CGI, so no one specific server has been included as -a dependancy. If you are unsure of which Web server to use, it -is recommended that you try the Apache HTTP server. - The cgiwrap binaries have been installed in the following directory: - %%MAIN_CGIDIR%% + %%INSTALL_DIR%% -You should create/manage the following two files, otherwise -cgiwrap will not function as expected. These ACL files define -which users can and cannot run CGI binaries via cgiwrap: +You should create the following two files, otherwise cgiwrap will +not function as expected: - %%ALLOWFILE%% - %%DENYFILE%% + %%ALLOW_FILE%% + %%DENY_FILE%% ----------------------------------------------------------------- diff --git a/www/cgiwrap/pkg-plist b/www/cgiwrap/pkg-plist index 53791763fdf..12b7a58134e 100644 --- a/www/cgiwrap/pkg-plist +++ b/www/cgiwrap/pkg-plist @@ -1,5 +1,5 @@ www/cgi-bin/cgiwrap -%%CGIWRAPDFLAG%%www/cgi-bin/cgiwrapd -www/cgi-bin/nph-cgiwrap -%%CGIWRAPDFLAG%%www/cgi-bin/nph-cgiwrapd +%%DEBUGFLAG%%www/cgi-bin/cgiwrapd +%%NPHFLAG%%www/cgi-bin/nph-cgiwrap +%%NPHFLAG%%%%DEBUGFLAG%%www/cgi-bin/nph-cgiwrapd @unexec rmdir %D/www/cgi-bin 2>/dev/null || true |