From owner-svn-ports-all@freebsd.org Mon Mar 16 19:42:02 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BEA4026DBF9; Mon, 16 Mar 2020 19:42:02 +0000 (UTC) (envelope-from osa@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48h6Bf3KjZz4LDr; Mon, 16 Mar 2020 19:42:02 +0000 (UTC) (envelope-from osa@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 676672573B; Mon, 16 Mar 2020 19:42:02 +0000 (UTC) (envelope-from osa@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 02GJg2iH026803; Mon, 16 Mar 2020 19:42:02 GMT (envelope-from osa@FreeBSD.org) Received: (from osa@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 02GJg2vC026801; Mon, 16 Mar 2020 19:42:02 GMT (envelope-from osa@FreeBSD.org) Message-Id: <202003161942.02GJg2vC026801@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: osa set sender to osa@FreeBSD.org using -f From: "Sergey A. Osokin" Date: Mon, 16 Mar 2020 19:42:02 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r528539 - in head/www/unit: . files X-SVN-Group: ports-head X-SVN-Commit-Author: osa X-SVN-Commit-Paths: in head/www/unit: . files X-SVN-Commit-Revision: 528539 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Mar 2020 19:42:02 -0000 Author: osa Date: Mon Mar 16 19:42:01 2020 New Revision: 528539 URL: https://svnweb.freebsd.org/changeset/ports/528539 Log: Change default user for non-priveleged processes of NGINX Unit from `nobody' to `www' user. Also check the directory for temporary files exists and has correct permissions. Bump PORTREVISION. Modified: head/www/unit/Makefile head/www/unit/files/unitd.in Modified: head/www/unit/Makefile ============================================================================== --- head/www/unit/Makefile Mon Mar 16 19:15:45 2020 (r528538) +++ head/www/unit/Makefile Mon Mar 16 19:42:01 2020 (r528539) @@ -3,6 +3,7 @@ PORTNAME= unit PORTVERSION= 1.16.0 +PORTREVISION= 1 CATEGORIES= www MASTER_SITES= https://unit.nginx.org/download/ @@ -48,16 +49,25 @@ CONFIGURE_ARGS= --prefix=${PREFIX} \ --modules=libexec/unit/modules \ --pid=${UNIT_PIDFILE} \ --state=libexec/unit \ - --tmp=${UNIT_TMPDIR} + --tmp=${UNIT_TMPDIR} \ + --user=${WWWOWN} --group=${WWWGRP} -PLIST_FILES?= sbin/unitd +USERS?= ${WWWOWN} +GROUPS?=${WWWGRP} + +ALL_TARGET= + PLIST_DIRS?= libexec/unit/modules \ libexec/unit +PLIST_FILES?= sbin/unitd USE_RC_SUBR?= unitd SUB_LIST= PREFIX=${PREFIX} \ UNIT_PIDFILE=${UNIT_PIDFILE} \ - UNIT_SOCK=${UNIT_SOCK} + UNIT_SOCK=${UNIT_SOCK} \ + UNIT_TMPDIR=${UNIT_TMPDIR} \ + WWWOWN=${WWWOWN} \ + WWWGRP=${WWWGRP} .if ${PORT_OPTIONS:MDEBUG} CONFIGURE_ARGS+=--debug Modified: head/www/unit/files/unitd.in ============================================================================== --- head/www/unit/files/unitd.in Mon Mar 16 19:15:45 2020 (r528538) +++ head/www/unit/files/unitd.in Mon Mar 16 19:42:01 2020 (r528539) @@ -21,9 +21,20 @@ rcvar=unitd_enable command="%%PREFIX%%/sbin/unitd" start_precmd=start_precmd +_tmpprefix="%%UNIT_TMPDIR%%" +unitd_checktmpdir() +{ + if [ ! -d ${_tmpprefix} ] ; then + install -d -o %%WWWOWN%% -g %%WWWGRP%% -m 755 ${_tmpprefix} + else + chown -R %%WWWOWN%%:%%WWWGRP%% ${_tmpprefix} + fi +} + start_precmd() { + unitd_checktmpdir rm -f %%UNIT_SOCK%% }