blob: f9f8f3368f3f0bdc0394ba50c83535fdda48f1df (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
# Created by: Brent J. Nordquist <bjn@visi.com>
# $FreeBSD$
PORTNAME= cgiwrap
PORTVERSION= 4.1
CATEGORIES= www security
MASTER_SITES= SF
MAINTAINER= ports@FreeBSD.org
COMMENT= Securely execute Web CGI scripts
LICENSE= GPLv2
PKGMESSAGE= ${WRKDIR}/pkg-message
OPTIONS_DEFINE= CGI_OWNER CGI_GROUP CGI_SETUID CGI_SETGID \
CGI_GROUP_WRITABLE CGI_WORLD_WRITABLE DEBUG \
DOCS NPH USE_REDIRECT_URL USE_SCRIPT_URL
OPTIONS_DEFAULT=CGI_OWNER CGI_GROUP CGI_SETUID CGI_SETGID \
CGI_GROUP_WRITABLE CGI_WORLD_WRITABLE
OPTIONS_SUB= yes
CGI_OWNER_DESC= Check CGI file owner
CGI_GROUP_DESC= Check CGI file group
CGI_SETUID_DESC=Check CGI file setuid permissions
CGI_SETGID_DESC=Check CGI file setgid permissions
CGI_GROUP_WRITABLE_DESC=Check CGI g+w file permissions
CGI_WORLD_WRITABLE_DESC=Check CGI o+w file permissions
USE_REDIRECT_URL_DESC=Use REDIRECT_URL to build SCRIPT_NAME
USE_SCRIPT_URL_DESC=Use SCRIPT_URL to build SCRIPT_NAME
NPH_DESC= Enable nph binaries
DEBUG_DESC= Enable cgiwrapd binaries
##
# INSTALL_DIR
#
# Specify the location of the cgiwrap binaries. This is the directory
# where the cgiwrap binaries get installed in.
#
INSTALL_DIR?= ${PREFIX}/www/cgi-bin
##
# USER_CGIDIR
#
# Specify the location of the CGI directory ~user accounts will store
# CGIs in. This is "home directory relative". Alternatives include
# "www/cgi-bin" and "cgi-bin".
#
USER_CGIDIR?= public_html/cgi-bin
##
# ALLOW_FILE
# DENY_FILE
#
# Full path to the allow and deny files for CGI access. These files
# contain the username of the UNIX account who will be allowed/denied
# using the cgiwrap binary.
#
ALLOW_FILE?= ${PREFIX}/etc/${PORTNAME}.allow
DENY_FILE?= ${PREFIX}/etc/${PORTNAME}.deny
SUB_FILES= pkg-message
SUB_LIST+= INSTALL_DIR=${INSTALL_DIR} \
ALLOW_FILE=${ALLOW_FILE} \
DENY_FILE=${DENY_FILE}
GNU_CONFIGURE= yes
CONFIGURE_ARGS= --with-httpd-user=${WWWOWN} \
--with-install-group=${WWWGRP} \
--with-install-dir=${INSTALL_DIR} \
--with-cgi-dir=${USER_CGIDIR} \
--with-allow-file=${ALLOW_FILE} \
--with-deny-file=${DENY_FILE} \
--with-check-shell \
--with-wall
CGI_OWNER_CONFIGURE_WITH= check-owner
CGI_GROUP_CONFIGURE_WITH= check-group
CGI_SETUID_CONFIGURE_WITH= check-setuid
CGI_SETGID_CONFIGURE_WITH= check-setgid
CGI_GROUP_WRITABLE_CONFIGURE_WITH= check-group-writable
CGI_WORLD_WRITABLE_CONFIGURE_WITH= check-world-writable
USE_REDIRECT_URL_CONFIGURE_WITH= use-redirect-url
USE_SCRIPT_URL_CONFIGURE_WITH= use-script-url
NPH_CONFIGURE_WITH= nph
DEBUG_CONFIGURE_WITH= cgiwrapd
PORTDOCS= accesscontrol.html afs.html changes.html \
chroot.html comments.html download.html faq.html \
index.html install.html intro.html maillist.html \
notes.html pubs.html quickref.html setup.html \
thanks.html todo.html tricks.html y2k.html
##
# LOG_FILE
#
# Enables cgiwrap logging (when a user called cgiwrap, its arguments,
# and who ran it). Specify the full path to the logfile.
#
.if defined(LOG_FILE)
CONFIGURE_ARGS+= --with-logging-file=${LOG_FILE}
.else
CONFIGURE_ARGS+= --without-logging-file
.endif
do-install:
@${MKDIR} ${STAGEDIR}${INSTALL_DIR}
${INSTALL_PROGRAM} ${WRKSRC}/cgiwrap ${STAGEDIR}${INSTALL_DIR}
.for link in cgiwrapd nph-cgiwrap nph-cgiwrapd
${LN} -sf cgiwrap ${STAGEDIR}${INSTALL_DIR}/${link}
.endfor
@${MKDIR} ${STAGEDIR}${DOCSDIR}
(cd ${WRKSRC}/htdocs && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR})
.include <bsd.port.mk>
|