FreeBSD Bugzilla – Attachment 125184 Details for
Bug 168769
[PATCH] www/apache22: Add SuexecUserdir support
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch-www-apache-suexec_userdir.txt
patch-www-apache-suexec_userdir.txt (text/plain), 3.41 KB, created by
Bryan Drewery
on 2012-06-06 22:00:24 UTC
(
hide
)
Description:
patch-www-apache-suexec_userdir.txt
Filename:
MIME Type:
Creator:
Bryan Drewery
Created:
2012-06-06 22:00:24 UTC
Size:
3.41 KB
patch
obsolete
>diff -Nur ../apache22.orig/Makefile ./Makefile >--- ../apache22.orig/Makefile 2012-02-14 06:44:22.000000000 -0600 >+++ ./Makefile 2012-06-06 15:50:07.000000000 -0500 >@@ -125,6 +125,14 @@ > > .include "${APACHEDIR}/Makefile.modules" > >+.if defined(WITH_SUEXEC_USERDIR) >+EXTRA_PATCHES+= ${FILESDIR}/extra-patch-suexec_userdir >+.if !defined(WITH_SUEXEC) >+IGNORE= suEXEC UserDir patch requires mod_suexec.\ >+ Please (re)run 'make config' and choose SUEXEC option also >+.endif >+.endif >+ > .if (defined(WITH_SSL)|| !defined(WITHOUT_SSL_MODULES)) > .include "${PORTSDIR}/Mk/bsd.openssl.mk" > CFLAGS+= -I${OPENSSLINC} >diff -Nur ../apache22.orig/Makefile.options ./Makefile.options >--- ../apache22.orig/Makefile.options 2012-02-07 22:35:31.000000000 -0600 >+++ ./Makefile.options 2012-06-06 15:31:04.000000000 -0500 >@@ -73,6 +73,7 @@ > SSL "Enable mod_ssl" ON \ > SUEXEC "Enable mod_suexec" OFF \ > SUEXEC_RSRCLIMIT "SuEXEC rlimits based on login class" OFF \ >+ SUEXEC_USERDIR "SuEXEC UserDir support" OFF \ > REQTIMEOUT "Enable mod_reqtimeout" ON \ > CGID "Enable mod_cgid" OFF \ > >diff -Nur ../apache22.orig/files/extra-patch-suexec_userdir ./files/extra-patch-suexec_userdir >--- ../apache22.orig/files/extra-patch-suexec_userdir 1969-12-31 18:00:00.000000000 -0600 >+++ ./files/extra-patch-suexec_userdir 2012-05-06 20:01:16.000000000 -0500 >@@ -0,0 +1,55 @@ >+--- modules/generators/mod_suexec.c.orig 2006-07-11 22:38:44.000000000 -0500 >++++ modules/generators/mod_suexec.c 2010-02-05 23:22:23.000000000 -0600 >+@@ -57,10 +57,11 @@ >+ } >+ >+ static const char *set_suexec_ugid(cmd_parms *cmd, void *mconfig, >+- const char *uid, const char *gid) >++ const char *uid, const char *gid, >++ int userdir) >+ { >+ suexec_config_t *cfg = (suexec_config_t *) mconfig; >+- const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE|NOT_IN_LIMIT); >++ const char *err = ap_check_cmd_context(cmd, NOT_IN_LOCATION|NOT_IN_FILES|NOT_IN_LIMIT); >+ >+ if (err != NULL) { >+ return err; >+@@ -68,7 +69,7 @@ >+ if (unixd_config.suexec_enabled) { >+ cfg->ugid.uid = ap_uname2id(uid); >+ cfg->ugid.gid = ap_gname2id(gid); >+- cfg->ugid.userdir = 0; >++ cfg->ugid.userdir = userdir; >+ cfg->active = 1; >+ } >+ else { >+@@ -78,6 +79,18 @@ >+ return NULL; >+ } >+ >++static const char *set_suexec_ugid_nouserdir(cmd_parms *cmd, void *mconfig, >++ const char *uid, const char *gid) >++{ >++ return set_suexec_ugid(cmd, mconfig, uid, gid, 0); >++} >++ >++static const char *set_suexec_ugid_userdir(cmd_parms *cmd, void *mconfig, >++ const char *uid, const char *gid) >++{ >++ return set_suexec_ugid(cmd, mconfig, uid, gid, 1); >++} >++ >+ static ap_unix_identity_t *get_suexec_id_doer(const request_rec *r) >+ { >+ suexec_config_t *cfg = >+@@ -115,7 +128,9 @@ >+ { >+ /* XXX - Another important reason not to allow this in .htaccess is that >+ * the ap_[ug]name2id() is not thread-safe */ >+- AP_INIT_TAKE2("SuexecUserGroup", set_suexec_ugid, NULL, RSRC_CONF, >++ AP_INIT_TAKE2("SuexecUserGroup", set_suexec_ugid_nouserdir, NULL, RSRC_CONF|ACCESS_CONF, >++ "User and group for spawned processes"), >++ AP_INIT_TAKE2("SuexecUserdir", set_suexec_ugid_userdir, NULL, RSRC_CONF|ACCESS_CONF, >+ "User and group for spawned processes"), >+ { NULL } >+ };
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 168769
: 125184