diff options
| author | Philip M. Gollucci <pgollucci@FreeBSD.org> | 2010-05-14 18:52:32 +0000 |
|---|---|---|
| committer | Philip M. Gollucci <pgollucci@FreeBSD.org> | 2010-05-14 18:52:32 +0000 |
| commit | a2d781870f9fabe1823f02c24ec44a2ab76bbc25 (patch) | |
| tree | f4edb4f05cce43a1a603974f0e809d20017558d4 /www/apache20 | |
| parent | e3ff961defba66981ff223a32f8975846946b2a9 (diff) | |
| download | ports-a2d781870f9fabe1823f02c24ec44a2ab76bbc25.tar.gz ports-a2d781870f9fabe1823f02c24ec44a2ab76bbc25.zip | |
Notes
Diffstat (limited to 'www/apache20')
| -rw-r--r-- | www/apache20/Makefile | 8 | ||||
| -rw-r--r-- | www/apache20/files/extra-patch-suexec_rsrclimit | 50 |
2 files changed, 58 insertions, 0 deletions
diff --git a/www/apache20/Makefile b/www/apache20/Makefile index 07ea290dbab5..33235686ccac 100644 --- a/www/apache20/Makefile +++ b/www/apache20/Makefile @@ -68,6 +68,14 @@ USE_BZIP2= yes MPM_ITK_VERSION?= 20061030-01 +.if defined(WITH_SUEXEC_RSRCLIMIT) +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-suexec_rsrclimit +.if !defined(WITH_SUEXEC) +IGNORE= suEXEC resource limit patch requires mod_suexec.\ + Please add 'WITH_SUEXEC=YES' to you /etc/make.conf +.endif +.endif + CONFIGURE_ARGS= --prefix=${PREFIX_RELDEST} \ --enable-layout=FreeBSD \ --with-perl=${PERL5} \ diff --git a/www/apache20/files/extra-patch-suexec_rsrclimit b/www/apache20/files/extra-patch-suexec_rsrclimit new file mode 100644 index 000000000000..f6ef9d765cf5 --- /dev/null +++ b/www/apache20/files/extra-patch-suexec_rsrclimit @@ -0,0 +1,50 @@ +diff -Nru support/Makefile.in.orig1 support/Makefile.in +--- support/Makefile.in.orig1 2010-05-14 10:05:11.000000000 +0400 ++++ support/Makefile.in 2010-05-14 10:05:41.000000000 +0400 +@@ -57,7 +57,7 @@ + + suexec_OBJECTS = suexec.lo + suexec: $(suexec_OBJECTS) +- $(LINK) $(suexec_OBJECTS) ++ $(LINK) -lutil $(suexec_OBJECTS) + + httxt2dbm_OBJECTS = httxt2dbm.lo + httxt2dbm: $(httxt2dbm_OBJECTS) +diff -Nru support/suexec.c.orig1 support/suexec.c +--- support/suexec.c.orig1 2006-07-12 11:40:55.000000000 +0400 ++++ support/suexec.c 2010-05-14 10:05:41.000000000 +0400 +@@ -37,6 +37,7 @@ + #include <sys/param.h> + #include <sys/stat.h> + #include <sys/types.h> ++#include <login_cap.h> + #include <string.h> + #include <time.h> + #if APR_HAVE_UNISTD_H +@@ -242,6 +243,7 @@ + char *cmd; /* command to be executed */ + char cwd[AP_MAXPATH]; /* current working directory */ + char dwd[AP_MAXPATH]; /* docroot working directory */ ++ login_cap_t *lc; /* user resource limits */ + struct passwd *pw; /* password entry holder */ + struct group *gr; /* group entry holder */ + struct stat dir_info; /* directory info holder */ +@@ -448,6 +450,18 @@ + } + + /* ++ * Apply user resource limits based on login class. ++ */ ++ if ((lc = login_getclassbyname(pw->pw_class, pw)) == NULL) { ++ log_err("failed to login_getclassbyname()\n"); ++ exit(109); ++ } ++ if ((setusercontext(lc, pw, uid, LOGIN_SETRESOURCES)) != 0) { ++ log_err("failed to setusercontext()\n"); ++ exit(109); ++ } ++ ++ /* + * Change UID/GID here so that the following tests work over NFS. + * + * Initialize the group access list for the target user, |