aboutsummaryrefslogtreecommitdiffstats
path: root/www/cgiwrap/Makefile
blob: f9f8f3368f3f0bdc0394ba50c83535fdda48f1df (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
# Created by: Brent J. Nordquist <bjn@visi.com>
# $FreeBSD$

PORTNAME=   cgiwrap
PORTVERSION=    4.1
CATEGORIES= www security
MASTER_SITES=   SF

MAINTAINER= ports@FreeBSD.org
COMMENT=    Securely execute Web CGI scripts

LICENSE=    GPLv2

PKGMESSAGE= ${WRKDIR}/pkg-message

OPTIONS_DEFINE= CGI_OWNER CGI_GROUP CGI_SETUID CGI_SETGID \
        CGI_GROUP_WRITABLE CGI_WORLD_WRITABLE DEBUG \
        DOCS NPH USE_REDIRECT_URL USE_SCRIPT_URL
OPTIONS_DEFAULT=CGI_OWNER CGI_GROUP CGI_SETUID CGI_SETGID \
        CGI_GROUP_WRITABLE CGI_WORLD_WRITABLE
OPTIONS_SUB=    yes

CGI_OWNER_DESC= Check CGI file owner
CGI_GROUP_DESC= Check CGI file group
CGI_SETUID_DESC=Check CGI file setuid permissions
CGI_SETGID_DESC=Check CGI file setgid permissions
CGI_GROUP_WRITABLE_DESC=Check CGI g+w file permissions
CGI_WORLD_WRITABLE_DESC=Check CGI o+w file permissions
USE_REDIRECT_URL_DESC=Use REDIRECT_URL to build SCRIPT_NAME
USE_SCRIPT_URL_DESC=Use SCRIPT_URL to build SCRIPT_NAME
NPH_DESC=   Enable nph binaries
DEBUG_DESC= Enable cgiwrapd binaries

##
# INSTALL_DIR
#
# Specify the location of the cgiwrap binaries.  This is the directory
# where the cgiwrap binaries get installed in.
#
INSTALL_DIR?=   ${PREFIX}/www/cgi-bin

##
# USER_CGIDIR
#
# Specify the location of the CGI directory ~user accounts will store
# CGIs in.  This is "home directory relative".  Alternatives include
# "www/cgi-bin" and "cgi-bin".
#
USER_CGIDIR?=   public_html/cgi-bin

##
# ALLOW_FILE
# DENY_FILE
#
# Full path to the allow and deny files for CGI access.  These files
# contain the username of the UNIX account who will be allowed/denied
# using the cgiwrap binary.
#
ALLOW_FILE?=    ${PREFIX}/etc/${PORTNAME}.allow
DENY_FILE?= ${PREFIX}/etc/${PORTNAME}.deny

SUB_FILES=  pkg-message
SUB_LIST+=  INSTALL_DIR=${INSTALL_DIR} \
        ALLOW_FILE=${ALLOW_FILE} \
        DENY_FILE=${DENY_FILE}
GNU_CONFIGURE=  yes
CONFIGURE_ARGS= --with-httpd-user=${WWWOWN} \
        --with-install-group=${WWWGRP} \
        --with-install-dir=${INSTALL_DIR} \
        --with-cgi-dir=${USER_CGIDIR} \
        --with-allow-file=${ALLOW_FILE} \
        --with-deny-file=${DENY_FILE} \
        --with-check-shell \
        --with-wall

CGI_OWNER_CONFIGURE_WITH=   check-owner
CGI_GROUP_CONFIGURE_WITH=   check-group
CGI_SETUID_CONFIGURE_WITH=  check-setuid
CGI_SETGID_CONFIGURE_WITH=  check-setgid
CGI_GROUP_WRITABLE_CONFIGURE_WITH=  check-group-writable
CGI_WORLD_WRITABLE_CONFIGURE_WITH=  check-world-writable
USE_REDIRECT_URL_CONFIGURE_WITH=    use-redirect-url
USE_SCRIPT_URL_CONFIGURE_WITH=  use-script-url
NPH_CONFIGURE_WITH=     nph
DEBUG_CONFIGURE_WITH=       cgiwrapd

PORTDOCS=   accesscontrol.html afs.html changes.html \
        chroot.html comments.html download.html faq.html \
        index.html install.html intro.html maillist.html \
        notes.html pubs.html quickref.html setup.html \
        thanks.html todo.html tricks.html y2k.html

##
# LOG_FILE
#
# Enables cgiwrap logging (when a user called cgiwrap, its arguments,
# and who ran it).  Specify the full path to the logfile.
#
.if defined(LOG_FILE)
CONFIGURE_ARGS+=    --with-logging-file=${LOG_FILE}
.else
CONFIGURE_ARGS+=    --without-logging-file
.endif

do-install:
    @${MKDIR} ${STAGEDIR}${INSTALL_DIR}
    ${INSTALL_PROGRAM} ${WRKSRC}/cgiwrap ${STAGEDIR}${INSTALL_DIR}
.for link in cgiwrapd nph-cgiwrap nph-cgiwrapd
    ${LN} -sf cgiwrap ${STAGEDIR}${INSTALL_DIR}/${link}
.endfor

    @${MKDIR} ${STAGEDIR}${DOCSDIR}
    (cd ${WRKSRC}/htdocs && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR})

.include <bsd.port.mk>