687 lines
22 KiB
RPMSpec
687 lines
22 KiB
RPMSpec
%define contentdir %{_datadir}/httpd
|
|
%define docroot /var/www
|
|
%define suexec_caller apache
|
|
%define mmn 20120211
|
|
%define mmnisa %{mmn}%{__isa_name}%{__isa_bits}
|
|
%define vstring %(source /etc/os-release; echo ${REDHAT_SUPPORT_PRODUCT})
|
|
|
|
Summary: Apache HTTP Server
|
|
Name: httpd
|
|
Version: 2.4.29
|
|
Release: 1%{?dist}
|
|
URL: http://httpd.apache.org/
|
|
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
|
|
Source1: index.html
|
|
Source2: httpd.logrotate
|
|
Source3: httpd.sysconf
|
|
Source4: httpd-ssl-pass-dialog
|
|
Source5: httpd.tmpfiles
|
|
Source6: httpd.service
|
|
Source7: action-graceful.sh
|
|
Source8: action-configtest.sh
|
|
Source10: httpd.conf
|
|
Source11: 00-base.conf
|
|
Source12: 00-mpm.conf
|
|
Source13: 00-lua.conf
|
|
Source14: 01-cgi.conf
|
|
Source15: 00-dav.conf
|
|
Source16: 00-proxy.conf
|
|
Source17: 00-ssl.conf
|
|
Source18: 01-ldap.conf
|
|
Source19: 00-proxyhtml.conf
|
|
Source20: userdir.conf
|
|
Source21: ssl.conf
|
|
Source22: welcome.conf
|
|
Source23: manual.conf
|
|
Source24: 00-systemd.conf
|
|
Source25: 01-session.conf
|
|
Source26: 10-listen443.conf
|
|
Source27: httpd.socket
|
|
Source28: 00-optional.conf
|
|
# Documentation
|
|
Source30: README.confd
|
|
Source31: README.confmod
|
|
Source40: htcacheclean.service
|
|
Source41: htcacheclean.sysconf
|
|
# build/scripts patches
|
|
Patch1: httpd-2.4.1-apctl.patch
|
|
Patch2: httpd-2.4.9-apxs.patch
|
|
Patch3: httpd-2.4.1-deplibs.patch
|
|
Patch5: httpd-2.4.3-layout.patch
|
|
Patch6: httpd-2.4.3-apctl-systemd.patch
|
|
# Needed for socket activation and mod_systemd patch
|
|
Patch19: httpd-2.4.10-detect-systemd.patch
|
|
# Features/functional changes
|
|
Patch23: httpd-2.4.4-export.patch
|
|
Patch24: httpd-2.4.1-corelimit.patch
|
|
Patch25: httpd-2.4.1-selinux.patch
|
|
Patch26: httpd-2.4.4-r1337344+.patch
|
|
Patch27: httpd-2.4.2-icons.patch
|
|
Patch29: httpd-2.4.10-mod_systemd.patch
|
|
Patch30: httpd-2.4.4-cachehardmax.patch
|
|
Patch31: httpd-2.4.18-sslmultiproxy.patch
|
|
Patch34: httpd-2.4.17-socket-activation.patch
|
|
Patch35: httpd-2.4.17-sslciphdefault.patch
|
|
# Bug fixes
|
|
Patch56: httpd-2.4.4-mod_unique_id.patch
|
|
Patch57: httpd-2.4.10-sigint.patch
|
|
# Security fixes
|
|
|
|
License: ASL 2.0
|
|
Group: System Environment/Daemons
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
|
BuildRequires: autoconf, perl, perl-generators, pkgconfig, findutils, xmlto
|
|
BuildRequires: zlib-devel, libselinux-devel, lua-devel
|
|
BuildRequires: apr-devel >= 1.4.8, apr-util-devel >= 1.4.8, pcre-devel >= 5.0
|
|
BuildRequires: systemd-devel, libnghttp2-devel
|
|
Requires: /etc/mime.types
|
|
Obsoletes: httpd-suexec
|
|
Provides: webserver
|
|
Provides: mod_dav = %{version}-%{release}, httpd-suexec = %{version}-%{release}
|
|
Provides: httpd-mmn = %{mmn}, httpd-mmn = %{mmnisa}
|
|
Requires: httpd-tools = %{version}-%{release}
|
|
Requires: httpd-filesystem = %{version}-%{release}
|
|
Requires(pre): httpd-filesystem
|
|
Requires(preun): systemd-units
|
|
Requires(postun): systemd-units
|
|
Requires(post): systemd-units
|
|
Conflicts: apr < 1.4.8
|
|
|
|
%description
|
|
The Apache HTTP Server is a powerful, efficient, and extensible
|
|
web server.
|
|
|
|
%package devel
|
|
Group: Development/Libraries
|
|
Summary: Development interfaces for the Apache HTTP server
|
|
Obsoletes: secureweb-devel, apache-devel, stronghold-apache-devel
|
|
Requires: apr-devel, apr-util-devel, pkgconfig
|
|
Requires: httpd = %{version}-%{release}
|
|
|
|
%description devel
|
|
The httpd-devel package contains the APXS binary and other files
|
|
that you need to build Dynamic Shared Objects (DSOs) for the
|
|
Apache HTTP Server.
|
|
|
|
If you are installing the Apache HTTP server and you want to be
|
|
able to compile or develop additional modules for Apache, you need
|
|
to install this package.
|
|
|
|
%package manual
|
|
Group: Documentation
|
|
Summary: Documentation for the Apache HTTP server
|
|
Requires: httpd = %{version}-%{release}
|
|
Obsoletes: secureweb-manual, apache-manual
|
|
BuildArch: noarch
|
|
|
|
%description manual
|
|
The httpd-manual package contains the complete manual and
|
|
reference guide for the Apache HTTP server. The information can
|
|
also be found at http://httpd.apache.org/docs/2.2/.
|
|
|
|
%package filesystem
|
|
Group: System Environment/Daemons
|
|
Summary: The basic directory layout for the Apache HTTP server
|
|
BuildArch: noarch
|
|
Requires(pre): /usr/sbin/useradd
|
|
|
|
%description filesystem
|
|
The httpd-filesystem package contains the basic directory layout
|
|
for the Apache HTTP server including the correct permissions
|
|
for the directories.
|
|
|
|
%package tools
|
|
Group: System Environment/Daemons
|
|
Summary: Tools for use with the Apache HTTP Server
|
|
|
|
%description tools
|
|
The httpd-tools package contains tools which can be used with
|
|
the Apache HTTP Server.
|
|
|
|
%package -n mod_ssl
|
|
Group: System Environment/Daemons
|
|
Summary: SSL/TLS module for the Apache HTTP Server
|
|
Epoch: 1
|
|
BuildRequires: openssl-devel
|
|
Requires(post): openssl, /bin/cat, hostname
|
|
Requires(pre): httpd-filesystem
|
|
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
|
|
Obsoletes: stronghold-mod_ssl
|
|
# Require an OpenSSL which supports PROFILE=SYSTEM
|
|
Conflicts: openssl-libs < 1:1.0.1h-4
|
|
|
|
%description -n mod_ssl
|
|
The mod_ssl module provides strong cryptography for the Apache Web
|
|
server via the Secure Sockets Layer (SSL) and Transport Layer
|
|
Security (TLS) protocols.
|
|
|
|
%package -n mod_proxy_html
|
|
Group: System Environment/Daemons
|
|
Summary: HTML and XML content filters for the Apache HTTP Server
|
|
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
|
|
BuildRequires: libxml2-devel
|
|
Epoch: 1
|
|
Obsoletes: mod_proxy_html < 1:2.4.1-2
|
|
|
|
%description -n mod_proxy_html
|
|
The mod_proxy_html and mod_xml2enc modules provide filters which can
|
|
transform and modify HTML and XML content.
|
|
|
|
%package -n mod_ldap
|
|
Group: System Environment/Daemons
|
|
Summary: LDAP authentication modules for the Apache HTTP Server
|
|
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
|
|
Requires: apr-util-ldap
|
|
|
|
%description -n mod_ldap
|
|
The mod_ldap and mod_authnz_ldap modules add support for LDAP
|
|
authentication to the Apache HTTP Server.
|
|
|
|
%package -n mod_session
|
|
Group: System Environment/Daemons
|
|
Summary: Session interface for the Apache HTTP Server
|
|
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
|
|
|
|
%description -n mod_session
|
|
The mod_session module and associated backends provide an abstract
|
|
interface for storing and accessing per-user session data.
|
|
|
|
%prep
|
|
%setup -q
|
|
%patch1 -p1 -b .apctl
|
|
%patch2 -p1 -b .apxs
|
|
%patch3 -p1 -b .deplibs
|
|
%patch5 -p1 -b .layout
|
|
%patch6 -p1 -b .apctlsystemd
|
|
|
|
%patch19 -p1 -b .detectsystemd
|
|
|
|
%patch23 -p1 -b .export
|
|
%patch24 -p1 -b .corelimit
|
|
%patch25 -p1 -b .selinux
|
|
%patch26 -p1 -b .r1337344+
|
|
%patch27 -p1 -b .icons
|
|
%patch29 -p1 -b .systemd
|
|
%patch30 -p1 -b .cachehardmax
|
|
%patch31 -p1 -b .sslmultiproxy
|
|
#%patch34 -p1 -b .socketactivation
|
|
%patch35 -p1 -b .sslciphdefault
|
|
|
|
#%patch56 -p1 -b .uniqueid
|
|
#%patch57 -p1 -b .sigint
|
|
|
|
# Patch in the vendor string
|
|
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
|
|
|
|
# Prevent use of setcap in "install-suexec-caps" target.
|
|
sed -i '/suexec/s,setcap ,echo Skipping setcap for ,' Makefile.in
|
|
|
|
# Safety check: prevent build if defined MMN does not equal upstream MMN.
|
|
vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
|
|
if test "x${vmmn}" != "x%{mmn}"; then
|
|
: Error: Upstream MMN is now ${vmmn}, packaged MMN is %{mmn}
|
|
: Update the mmn macro and rebuild.
|
|
exit 1
|
|
fi
|
|
|
|
: Building with MMN %{mmn}, MMN-ISA %{mmnisa} and vendor string '%{vstring}'
|
|
|
|
%build
|
|
# forcibly prevent use of bundled apr, apr-util, pcre
|
|
rm -rf srclib/{apr,apr-util,pcre}
|
|
|
|
# regenerate configure scripts
|
|
autoheader && autoconf || exit 1
|
|
|
|
# Before configure; fix location of build dir in generated apxs
|
|
%{__perl} -pi -e "s:\@exp_installbuilddir\@:%{_libdir}/httpd/build:g" \
|
|
support/apxs.in
|
|
|
|
export CFLAGS=$RPM_OPT_FLAGS
|
|
export LDFLAGS="-Wl,-z,relro,-z,now"
|
|
|
|
# Hard-code path to links to avoid unnecessary builddep
|
|
export LYNX_PATH=/usr/bin/links
|
|
|
|
# Build the daemon
|
|
./configure \
|
|
--prefix=%{_sysconfdir}/httpd \
|
|
--exec-prefix=%{_prefix} \
|
|
--bindir=%{_bindir} \
|
|
--sbindir=%{_sbindir} \
|
|
--mandir=%{_mandir} \
|
|
--libdir=%{_libdir} \
|
|
--sysconfdir=%{_sysconfdir}/httpd/conf \
|
|
--includedir=%{_includedir}/httpd \
|
|
--libexecdir=%{_libdir}/httpd/modules \
|
|
--datadir=%{contentdir} \
|
|
--enable-layout=RedHat \
|
|
--with-installbuilddir=%{_libdir}/httpd/build \
|
|
--enable-mpms-shared=all \
|
|
--with-apr=%{_prefix} --with-apr-util=%{_prefix} \
|
|
--enable-suexec --with-suexec \
|
|
--enable-suexec-capabilities \
|
|
--with-suexec-caller=%{suexec_caller} \
|
|
--with-suexec-docroot=%{docroot} \
|
|
--without-suexec-logfile \
|
|
--with-suexec-syslog \
|
|
--with-suexec-bin=%{_sbindir}/suexec \
|
|
--with-suexec-uidmin=1000 --with-suexec-gidmin=1000 \
|
|
--enable-pie \
|
|
--with-pcre \
|
|
--enable-mods-shared=all \
|
|
--enable-ssl --with-ssl --disable-distcache \
|
|
--enable-proxy --enable-proxy-fdpass \
|
|
--enable-cache \
|
|
--enable-disk-cache \
|
|
--enable-ldap --enable-authnz-ldap \
|
|
--enable-cgid --enable-cgi \
|
|
--enable-authn-anon --enable-authn-alias \
|
|
--disable-imagemap --disable-file-cache
|
|
$*
|
|
make %{?_smp_mflags}
|
|
|
|
%install
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
make DESTDIR=$RPM_BUILD_ROOT install
|
|
|
|
# Install systemd service files
|
|
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
|
|
for s in httpd.service htcacheclean.service httpd.socket; do
|
|
install -p -m 644 $RPM_SOURCE_DIR/${s} \
|
|
$RPM_BUILD_ROOT%{_unitdir}/${s}
|
|
done
|
|
|
|
# install conf file/directory
|
|
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d \
|
|
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d
|
|
install -m 644 $RPM_SOURCE_DIR/README.confd \
|
|
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
|
|
install -m 644 $RPM_SOURCE_DIR/README.confmod \
|
|
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/README
|
|
for f in 00-base.conf 00-mpm.conf 00-lua.conf 01-cgi.conf 00-dav.conf \
|
|
00-proxy.conf 00-ssl.conf 01-ldap.conf 00-proxyhtml.conf \
|
|
01-ldap.conf 00-systemd.conf 01-session.conf 00-optional.conf; do
|
|
install -m 644 -p $RPM_SOURCE_DIR/$f \
|
|
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/$f
|
|
done
|
|
|
|
# install systemd override drop directory
|
|
# Web application packages can drop snippets into this location if
|
|
# they need ExecStart[pre|post].
|
|
mkdir $RPM_BUILD_ROOT%{_unitdir}/httpd.service.d
|
|
mkdir $RPM_BUILD_ROOT%{_unitdir}/httpd.socket.d
|
|
|
|
install -m 644 -p $RPM_SOURCE_DIR/10-listen443.conf \
|
|
$RPM_BUILD_ROOT%{_unitdir}/httpd.socket.d/10-listen443.conf
|
|
|
|
for f in welcome.conf ssl.conf manual.conf userdir.conf; do
|
|
install -m 644 -p $RPM_SOURCE_DIR/$f \
|
|
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
|
|
done
|
|
|
|
# Split-out extra config shipped as default in conf.d:
|
|
for f in autoindex; do
|
|
install -m 644 docs/conf/extra/httpd-${f}.conf \
|
|
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/${f}.conf
|
|
done
|
|
|
|
# Extra config trimmed:
|
|
rm -v docs/conf/extra/httpd-{ssl,userdir}.conf
|
|
|
|
rm $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/*.conf
|
|
install -m 644 -p $RPM_SOURCE_DIR/httpd.conf \
|
|
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
|
|
|
|
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
|
|
for s in httpd htcacheclean; do
|
|
install -m 644 -p $RPM_SOURCE_DIR/${s}.sysconf \
|
|
$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/${s}
|
|
done
|
|
|
|
# tmpfiles.d configuration
|
|
mkdir -p $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d
|
|
install -m 644 -p $RPM_SOURCE_DIR/httpd.tmpfiles \
|
|
$RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/httpd.conf
|
|
|
|
# Other directories
|
|
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav \
|
|
$RPM_BUILD_ROOT/run/httpd/htcacheclean
|
|
|
|
# Substitute in defaults which are usually done (badly) by "make install"
|
|
sed -i \
|
|
"s,@@ServerRoot@@/var,%{_localstatedir}/lib/dav,;
|
|
s,@@ServerRoot@@/user.passwd,/etc/httpd/conf/user.passwd,;
|
|
s,@@ServerRoot@@/docs,%{docroot},;
|
|
s,@@ServerRoot@@,%{docroot},;
|
|
s,@@Port@@,80,;" \
|
|
docs/conf/extra/*.conf
|
|
|
|
# Create cache directory
|
|
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd \
|
|
$RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/proxy \
|
|
$RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/ssl
|
|
|
|
# Make the MMN accessible to module packages
|
|
echo %{mmnisa} > $RPM_BUILD_ROOT%{_includedir}/httpd/.mmn
|
|
mkdir -p $RPM_BUILD_ROOT%{_rpmconfigdir}/macros.d
|
|
cat > $RPM_BUILD_ROOT%{_rpmconfigdir}/macros.d/macros.httpd <<EOF
|
|
%%_httpd_mmn %{mmnisa}
|
|
%%_httpd_apxs %%{_bindir}/apxs
|
|
%%_httpd_modconfdir %%{_sysconfdir}/httpd/conf.modules.d
|
|
%%_httpd_confdir %%{_sysconfdir}/httpd/conf.d
|
|
%%_httpd_contentdir %{contentdir}
|
|
%%_httpd_moddir %%{_libdir}/httpd/modules
|
|
EOF
|
|
|
|
# Handle contentdir
|
|
mkdir $RPM_BUILD_ROOT%{contentdir}/noindex
|
|
install -m 644 -p $RPM_SOURCE_DIR/index.html \
|
|
$RPM_BUILD_ROOT%{contentdir}/noindex/index.html
|
|
rm -rf %{contentdir}/htdocs
|
|
|
|
# remove manual sources
|
|
find $RPM_BUILD_ROOT%{contentdir}/manual \( \
|
|
-name \*.xml -o -name \*.xml.* -o -name \*.ent -o -name \*.xsl -o -name \*.dtd \
|
|
\) -print0 | xargs -0 rm -f
|
|
|
|
# Strip the manual down just to English and replace the typemaps with flat files:
|
|
set +x
|
|
for f in `find $RPM_BUILD_ROOT%{contentdir}/manual -name \*.html -type f`; do
|
|
if test -f ${f}.en; then
|
|
cp ${f}.en ${f}
|
|
rm ${f}.*
|
|
fi
|
|
done
|
|
set -x
|
|
|
|
# Clean Document Root
|
|
rm -v $RPM_BUILD_ROOT%{docroot}/html/*.html \
|
|
$RPM_BUILD_ROOT%{docroot}/cgi-bin/*
|
|
|
|
# Symlink for the powered-by-$DISTRO image:
|
|
ln -s ../../pixmaps/poweredby.png \
|
|
$RPM_BUILD_ROOT%{contentdir}/icons/poweredby.png
|
|
|
|
# symlinks for /etc/httpd
|
|
ln -s ../..%{_localstatedir}/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
|
|
ln -s /run/httpd $RPM_BUILD_ROOT/etc/httpd/run
|
|
ln -s ../..%{_libdir}/httpd/modules $RPM_BUILD_ROOT/etc/httpd/modules
|
|
|
|
# install http-ssl-pass-dialog
|
|
mkdir -p $RPM_BUILD_ROOT%{_libexecdir}
|
|
install -m755 $RPM_SOURCE_DIR/httpd-ssl-pass-dialog \
|
|
$RPM_BUILD_ROOT%{_libexecdir}/httpd-ssl-pass-dialog
|
|
|
|
# Install action scripts
|
|
mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/initscripts/legacy-actions/httpd
|
|
for f in graceful configtest; do
|
|
install -p -m 755 $RPM_SOURCE_DIR/action-${f}.sh \
|
|
$RPM_BUILD_ROOT%{_libexecdir}/initscripts/legacy-actions/httpd/${f}
|
|
done
|
|
|
|
# Install logrotate config
|
|
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
|
|
install -m 644 -p $RPM_SOURCE_DIR/httpd.logrotate \
|
|
$RPM_BUILD_ROOT/etc/logrotate.d/httpd
|
|
|
|
# fix man page paths
|
|
sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
|
|
-e "s|/usr/local/apache2/conf/mime.types|/etc/mime.types|" \
|
|
-e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
|
|
-e "s|/usr/local/apache2/logs/error_log|/var/log/httpd/error_log|" \
|
|
-e "s|/usr/local/apache2/logs/access_log|/var/log/httpd/access_log|" \
|
|
-e "s|/usr/local/apache2/logs/httpd.pid|/run/httpd/httpd.pid|" \
|
|
-e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
|
|
> $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8
|
|
|
|
# Make ap_config_layout.h libdir-agnostic
|
|
sed -i '/.*DEFAULT_..._LIBEXECDIR/d;/DEFAULT_..._INSTALLBUILDDIR/d' \
|
|
$RPM_BUILD_ROOT%{_includedir}/httpd/ap_config_layout.h
|
|
|
|
# Fix path to instdso in special.mk
|
|
sed -i '/instdso/s,top_srcdir,top_builddir,' \
|
|
$RPM_BUILD_ROOT%{_libdir}/httpd/build/special.mk
|
|
|
|
# Remove unpackaged files
|
|
rm -vf \
|
|
$RPM_BUILD_ROOT%{_libdir}/*.exp \
|
|
$RPM_BUILD_ROOT/etc/httpd/conf/mime.types \
|
|
$RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.exp \
|
|
$RPM_BUILD_ROOT%{_libdir}/httpd/build/config.nice \
|
|
$RPM_BUILD_ROOT%{_bindir}/{ap?-config,dbmmanage} \
|
|
$RPM_BUILD_ROOT%{_sbindir}/{checkgid,envvars*} \
|
|
$RPM_BUILD_ROOT%{contentdir}/htdocs/* \
|
|
$RPM_BUILD_ROOT%{_mandir}/man1/dbmmanage.* \
|
|
$RPM_BUILD_ROOT%{contentdir}/cgi-bin/*
|
|
|
|
rm -rf $RPM_BUILD_ROOT/etc/httpd/conf/{original,extra}
|
|
|
|
%pre filesystem
|
|
getent group apache >/dev/null || groupadd -g 48 -r apache
|
|
getent passwd apache >/dev/null || \
|
|
useradd -r -u 48 -g apache -s /sbin/nologin \
|
|
-d %{contentdir} -c "Apache" apache
|
|
exit 0
|
|
|
|
%post
|
|
%systemd_post httpd.service htcacheclean.service httpd.socket
|
|
|
|
%preun
|
|
%systemd_preun httpd.service htcacheclean.service httpd.socket
|
|
|
|
%postun
|
|
%systemd_postun
|
|
|
|
# Trigger for conversion from SysV, per guidelines at:
|
|
# https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd
|
|
%triggerun -- httpd < 2.2.21-5
|
|
# Save the current service runlevel info
|
|
# User must manually run systemd-sysv-convert --apply httpd
|
|
# to migrate them to systemd targets
|
|
/usr/bin/systemd-sysv-convert --save httpd.service >/dev/null 2>&1 ||:
|
|
|
|
# Run these because the SysV package being removed won't do them
|
|
/sbin/chkconfig --del httpd >/dev/null 2>&1 || :
|
|
|
|
%posttrans
|
|
test -f /etc/sysconfig/httpd-disable-posttrans || \
|
|
/bin/systemctl try-restart httpd.service htcacheclean.service >/dev/null 2>&1 || :
|
|
|
|
%define sslcert %{_sysconfdir}/pki/tls/certs/localhost.crt
|
|
%define sslkey %{_sysconfdir}/pki/tls/private/localhost.key
|
|
|
|
%post -n mod_ssl
|
|
umask 077
|
|
|
|
if [ -f %{sslkey} -o -f %{sslcert} ]; then
|
|
exit 0
|
|
fi
|
|
|
|
%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > %{sslkey} 2> /dev/null
|
|
|
|
FQDN=`hostname`
|
|
# A >59 char FQDN means "root@FQDN" exceeds 64-char max length for emailAddress
|
|
if [ "x${FQDN}" = "x" -o ${#FQDN} -gt 59 ]; then
|
|
FQDN=localhost.localdomain
|
|
fi
|
|
|
|
cat << EOF | %{_bindir}/openssl req -new -key %{sslkey} \
|
|
-x509 -sha256 -days 365 -set_serial $RANDOM -extensions v3_req \
|
|
-out %{sslcert} 2>/dev/null
|
|
--
|
|
SomeState
|
|
SomeCity
|
|
SomeOrganization
|
|
SomeOrganizationalUnit
|
|
${FQDN}
|
|
root@${FQDN}
|
|
EOF
|
|
|
|
%check
|
|
# Check the built modules are all PIC
|
|
if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then
|
|
: modules contain non-relocatable code
|
|
exit 1
|
|
fi
|
|
set +x
|
|
rv=0
|
|
# Ensure every mod_* that's built is loaded.
|
|
for f in $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so; do
|
|
m=${f##*/}
|
|
if ! grep -q $m $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf; then
|
|
echo ERROR: Module $m not configured. Disable it, or load it.
|
|
rv=1
|
|
fi
|
|
done
|
|
# Ensure every loaded mod_* is actually built
|
|
mods=`grep -h ^LoadModule $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf | sed 's,.*modules/,,'`
|
|
for m in $mods; do
|
|
f=$RPM_BUILD_ROOT%{_libdir}/httpd/modules/${m}
|
|
if ! test -x $f; then
|
|
echo ERROR: Module $m is configured but not built.
|
|
rv=1
|
|
fi
|
|
done
|
|
exit $rv
|
|
|
|
%clean
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
|
|
%doc ABOUT_APACHE README CHANGES LICENSE VERSIONING NOTICE
|
|
%doc docs/conf/extra/*.conf
|
|
|
|
%{_sysconfdir}/httpd/modules
|
|
%{_sysconfdir}/httpd/logs
|
|
%{_sysconfdir}/httpd/run
|
|
%dir %{_sysconfdir}/httpd/conf
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf/httpd.conf
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf/magic
|
|
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/httpd
|
|
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
|
|
%exclude %{_sysconfdir}/httpd/conf.d/ssl.conf
|
|
%exclude %{_sysconfdir}/httpd/conf.d/manual.conf
|
|
|
|
%dir %{_sysconfdir}/httpd/conf.modules.d
|
|
%{_sysconfdir}/httpd/conf.modules.d/README
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/*.conf
|
|
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
|
|
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
|
|
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
|
|
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
|
|
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/ht*
|
|
%{_prefix}/lib/tmpfiles.d/httpd.conf
|
|
|
|
%dir %{_libexecdir}/initscripts/legacy-actions/httpd
|
|
%{_libexecdir}/initscripts/legacy-actions/httpd/*
|
|
|
|
%{_sbindir}/ht*
|
|
%{_sbindir}/fcgistarter
|
|
%{_sbindir}/apachectl
|
|
%{_sbindir}/rotatelogs
|
|
%caps(cap_setuid,cap_setgid+pe) %attr(510,root,%{suexec_caller}) %{_sbindir}/suexec
|
|
|
|
%dir %{_libdir}/httpd
|
|
%dir %{_libdir}/httpd/modules
|
|
%{_libdir}/httpd/modules/mod*.so
|
|
%exclude %{_libdir}/httpd/modules/mod_auth_form.so
|
|
%exclude %{_libdir}/httpd/modules/mod_ssl.so
|
|
%exclude %{_libdir}/httpd/modules/mod_*ldap.so
|
|
%exclude %{_libdir}/httpd/modules/mod_proxy_html.so
|
|
%exclude %{_libdir}/httpd/modules/mod_xml2enc.so
|
|
%exclude %{_libdir}/httpd/modules/mod_session*.so
|
|
|
|
%dir %{contentdir}/error
|
|
%dir %{contentdir}/error/include
|
|
%dir %{contentdir}/noindex
|
|
%{contentdir}/icons/*
|
|
%{contentdir}/error/README
|
|
%{contentdir}/error/*.var
|
|
%{contentdir}/error/include/*.html
|
|
%{contentdir}/noindex/index.html
|
|
|
|
%attr(0710,root,apache) %dir /run/httpd
|
|
%attr(0700,apache,apache) %dir /run/httpd/htcacheclean
|
|
%attr(0700,root,root) %dir %{_localstatedir}/log/httpd
|
|
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
|
|
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd
|
|
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd/proxy
|
|
|
|
%{_mandir}/man8/*
|
|
|
|
%{_unitdir}/*.service
|
|
%{_unitdir}/*.socket
|
|
%attr(755,root,root) %dir %{_unitdir}/httpd.service.d
|
|
%attr(755,root,root) %dir %{_unitdir}/httpd.socket.d
|
|
|
|
%files filesystem
|
|
%dir %{_sysconfdir}/httpd
|
|
%dir %{_sysconfdir}/httpd/conf.d
|
|
%{_sysconfdir}/httpd/conf.d/README
|
|
%dir %{docroot}
|
|
%dir %{docroot}/cgi-bin
|
|
%dir %{docroot}/html
|
|
%dir %{contentdir}
|
|
%dir %{contentdir}/icons
|
|
|
|
%files tools
|
|
%defattr(-,root,root)
|
|
%{_bindir}/*
|
|
%{_mandir}/man1/*
|
|
%doc LICENSE NOTICE
|
|
%exclude %{_bindir}/apxs
|
|
%exclude %{_mandir}/man1/apxs.1*
|
|
|
|
%files manual
|
|
%defattr(-,root,root)
|
|
%{contentdir}/manual
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf.d/manual.conf
|
|
|
|
%files -n mod_ssl
|
|
%defattr(-,root,root)
|
|
%{_libdir}/httpd/modules/mod_ssl.so
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
|
|
%attr(0700,apache,root) %dir %{_localstatedir}/cache/httpd/ssl
|
|
%{_libexecdir}/httpd-ssl-pass-dialog
|
|
%{_unitdir}/httpd.socket.d/10-listen443.conf
|
|
|
|
%files -n mod_proxy_html
|
|
%defattr(-,root,root)
|
|
%{_libdir}/httpd/modules/mod_proxy_html.so
|
|
%{_libdir}/httpd/modules/mod_xml2enc.so
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
|
|
|
|
%files -n mod_ldap
|
|
%defattr(-,root,root)
|
|
%{_libdir}/httpd/modules/mod_*ldap.so
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
|
|
|
|
%files -n mod_session
|
|
%defattr(-,root,root)
|
|
%{_libdir}/httpd/modules/mod_session*.so
|
|
%{_libdir}/httpd/modules/mod_auth_form.so
|
|
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
|
|
|
|
%files devel
|
|
%defattr(-,root,root)
|
|
%{_includedir}/httpd
|
|
%{_bindir}/apxs
|
|
%{_mandir}/man1/apxs.1*
|
|
%dir %{_libdir}/httpd/build
|
|
%{_libdir}/httpd/build/*.mk
|
|
%{_libdir}/httpd/build/*.sh
|
|
%{_rpmconfigdir}/macros.d/macros.httpd
|
|
|
|
%changelog
|
|
* Tue Feb 13 2018 Daniel Steiner <dsteiner@redhat.com> - 2.4.29-1
|
|
- new version 2.4.29
|
|
|