From owner-freebsd-ports-bugs@FreeBSD.ORG Sun Nov 18 11:40:00 2012 Return-Path: Delivered-To: freebsd-ports-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E9BD9722 for ; Sun, 18 Nov 2012 11:40:00 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id C19988FC17 for ; Sun, 18 Nov 2012 11:40:00 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id qAIBe0vC028001 for ; Sun, 18 Nov 2012 11:40:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id qAIBe0oA027996; Sun, 18 Nov 2012 11:40:00 GMT (envelope-from gnats) Resent-Date: Sun, 18 Nov 2012 11:40:00 GMT Resent-Message-Id: <201211181140.qAIBe0oA027996@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, peter@vereshagin.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D122263A for ; Sun, 18 Nov 2012 11:32:42 +0000 (UTC) (envelope-from peter@vereshagin.org) Received: from mx1.skyriver.ru (ns1.skyriver.ru [89.108.118.221]) by mx1.freebsd.org (Postfix) with ESMTP id 2C1E68FC13 for ; Sun, 18 Nov 2012 11:32:41 +0000 (UTC) Received: from localhost (tor4.anonymizer.ccc.de [80.237.226.74]) by mx1.skyriver.ru (Postfix) with ESMTPSA id E03BF5A8D; Sun, 18 Nov 2012 15:32:37 +0400 (MSK) Message-Id: <20121118113231.GA5332@external.screwed.box> Date: Sun, 18 Nov 2012 15:32:31 +0400 From: peter@vereshagin.org To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/173698: www/p5-FCGI-Spawn update to v0.16.2 Cc: peter@vereshagin.org X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: peter@vereshagin.org List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Nov 2012 11:40:01 -0000 >Number: 173698 >Category: ports >Synopsis: www/p5-FCGI-Spawn update to v0.16.2 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Nov 18 11:40:00 UTC 2012 >Closed-Date: >Last-Modified: >Originator: >Release: FreeBSD 7.4-STABLE i386 >Organization: ' >Environment: System: FreeBSD tehost 7.4-STABLE FreeBSD 7.4-STABLE #12: Wed Oct 5 05:49:39 MSK 2011 usr@tehost:/CONF i386 >Description: Security fix for www/p5-FCGI-Spawn users. Supplemental groups don't use to be dropped by bin/fcgi_spawn. This is not what bin/fcgi_spawn has the '-g' switch for. More info: https://rt.cpan.org/Ticket/Display.html?id=72408 Thanks: John Lightsey >How-To-Repeat: If you 'print `/usr/bin/id`, "\n";' in your CGI program running with www/p5-FCGI-Spawn, you'll see supplemental groups in the output. >Fix: Update the port to v0.16.2. Shell archive of the port is supplied (follows). --- p5-FCGI-Spawn.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # p5-FCGI-Spawn # p5-FCGI-Spawn/Makefile # p5-FCGI-Spawn/distinfo # p5-FCGI-Spawn/files # p5-FCGI-Spawn/files/fcgi_spawn.in # p5-FCGI-Spawn/pkg-deinstall # p5-FCGI-Spawn/pkg-descr # p5-FCGI-Spawn/pkg-install # p5-FCGI-Spawn/pkg-message # p5-FCGI-Spawn/pkg-plist # echo c - p5-FCGI-Spawn mkdir -p p5-FCGI-Spawn > /dev/null 2>&1 echo x - p5-FCGI-Spawn/Makefile sed 's/^X//' >p5-FCGI-Spawn/Makefile << '78eca2bb13f9b634ff529efbf64534aa' X# New ports collection makefile for: p5-FCGI-Spawn X# Date created: 2012-11-17 X# Whom: Peter Vereshagin X# X# $FreeBSD: ports/www/p5-FCGI-Spawn/Makefile,v 1.6 2010/04/14 13:48:02 skreuzer Exp $ X# X XPORTNAME= FCGI-Spawn XPORTVERSION= 0.16.2 XCATEGORIES= www perl5 XMASTER_SITES= CPAN XPKGNAMEPREFIX= p5- X XMAINTAINER= peter@vereshagin.org XCOMMENT= FastCGI server for CGI-like applications multiprocessing X XRUN_DEPENDS= ${SITE_PERL}/FCGI/ProcManager.pm:${PORTSDIR}/www/p5-FCGI-ProcManager X XPERL_CONFIGURE= yes X XUSE_RC_SUBR+= fcgi_spawn X XMAN3= FCGI::Spawn.3 \ X FCGI::Spawn::BinUtils.3 XMAN1= fcgi_spawn.1 X XOPTIONS= MYSQL "MySQL dependency to run on RC start" off \ X PGSQL "PgSQL dependency to run on RC start" off X X.include X X.if defined(WITH_MYSQL) X# RUN_DEPENDS+= mysql-server>=0:${PORTSDIR}/databases/mysql${MYSQL_VER}-server XSUB_LIST+= MYSQL=mysql X. else XSUB_LIST+= MYSQL= X.endif X X.if defined(WITH_PGSQL) X# RUN_DEPENDS+= postgresql-server>=0:${PORTSDIR}/databases/postgresql${PGSQL_VER}-server XSUB_LIST+= PGSQL=postgresql X. else XSUB_LIST+= PGSQL= X.endif X Xpost-install: X @${MKDIR} ${PREFIX}/etc/fcgi_spawn X @${INSTALL_DATA} ${WRKSRC}/fcgi_spawn.conf.sample ${PREFIX}/etc/fcgi_spawn X @${MKDIR} ${PREFIX}/share/doc/${PKGNAMEPREFIX}${PORTNAME} X @${INSTALL_DATA} ${WRKSRC}/README \ X ${PREFIX}/share/doc/${PKGNAMEPREFIX}${PORTNAME} X @${CAT} ${PKGMESSAGE} X X.include 78eca2bb13f9b634ff529efbf64534aa echo x - p5-FCGI-Spawn/distinfo sed 's/^X//' >p5-FCGI-Spawn/distinfo << 'f02bcba4c6a290527ae5b163e7ad9864' XSHA256 (FCGI-Spawn-0.16.2.tar.gz) = 2880f26f229b37a674c07afceb9199fea1986d36c268bd71f9e19d710df9eef7 XSIZE (FCGI-Spawn-0.16.2.tar.gz) = 29443 f02bcba4c6a290527ae5b163e7ad9864 echo c - p5-FCGI-Spawn/files mkdir -p p5-FCGI-Spawn/files > /dev/null 2>&1 echo x - p5-FCGI-Spawn/files/fcgi_spawn.in sed 's/^X//' >p5-FCGI-Spawn/files/fcgi_spawn.in << '498aa025dce9fba92dc1292abab35f32' X#!/bin/sh X X# PROVIDE: fcgi_spawn X# REQUIRE: LOGIN %%MYSQL%% %%PGSQL%% X# KEYWORD: shutdown X X. /etc/rc.subr X Xname="fcgi_spawn" Xrcvar=${name}_enable X Xfcgi_spawn_enable=${fcgi_spawn_enable:-"NO"} Xpidfile=${fcgi_spawn_pid:-"/var/run/${name}.pid"} X Xload_rc_config ${name} X Xfcgi_spawn_config_path=${fcgi_spawn_config_path:-"/usr/local/etc/${name}"} Xfcgi_spawn_log=${fcgi_spawn_log:-"/var/log/${name}.log"} Xfcgi_spawn_socket_path=${fcgi_spawn_socket_path:-"/tmp/spawner.sock"} Xfcgi_spawn_redefine_exit=${fcgi_spawn_redefine_exit:-"0"} Xfcgi_spawn_username=${fcgi_spawn_username:-"fcgi"} Xfcgi_spawn_groupname=${fcgi_spawn_groupname:-"fcgi"} Xfcgi_spawn_flags=${fcgi_spawn_flags:-""} Xcommand="%%PREFIX%%/bin/${name}" Xcommand_args="-l ${fcgi_spawn_log} -p ${pidfile} -c ${fcgi_spawn_config_path} -u ${fcgi_spawn_username} -g ${fcgi_spawn_groupname} -s ${fcgi_spawn_socket_path}" Xrequired_dirs=${fcgi_spawn_config_path} X Xrun_rc_command "$1" 498aa025dce9fba92dc1292abab35f32 echo x - p5-FCGI-Spawn/pkg-deinstall sed 's/^X//' >p5-FCGI-Spawn/pkg-deinstall << 'dd48392362ec8cfd3a71c5b52dc384ea' X#!/bin/sh X# X# $FreeBSD: ports/www/p5-FCGI-Spawn/pkg-deinstall,v 1.1 2010/04/14 13:58:52 skreuzer Exp $ X# X Xif [ "$2" != "POST-DEINSTALL" ]; then X exit 0 Xfi X XUSER=fcgi X Xif pw usershow "${USER}" 2>/dev/null 1>&2; then X echo "To delete user permanently, use 'pw userdel ${USER}'. Also, unused groups of that user should be deleted, too" Xfi X Xexit 0 dd48392362ec8cfd3a71c5b52dc384ea echo x - p5-FCGI-Spawn/pkg-descr sed 's/^X//' >p5-FCGI-Spawn/pkg-descr << '81551c0d2f91cd075e018bf0588b30a3' XFCGI::Spawn is used to serve CGI-like applications as a FastCGI process Xmanager. Besides the features the FCGI::ProcManager posess itself, the XFCGI::Spawn is targeted as web server admin understandable instance for Xbuilding the own fastcgi server with copy-on-write memory sharing among Xforks and with single input parameters like socket path and processes Xnumber. Another thing to mention is that it is able to execute/do() any file Xpointed by Web server. So we have the daemon that separates the task of Xdevelopers (admins, users, etc.) within the same processes set making the Xsoultion a memory-effective. X XWWW: http://search.cpan.org/dist/FCGI-Spawn/ 81551c0d2f91cd075e018bf0588b30a3 echo x - p5-FCGI-Spawn/pkg-install sed 's/^X//' >p5-FCGI-Spawn/pkg-install << 'e2149dbcf96982c8ba6102bb711a810d' X#!/bin/sh X# X# $FreeBSD: ports/www/p5-FCGI-Spawn/pkg-install,v 1.1 2010/04/14 13:58:52 skreuzer Exp $ X# X Xif [ "$2" != "PRE-INSTALL" ]; then X exit 0 Xfi X XUSER=fcgi XGROUP=${USER} X Xif ! pw groupshow "${GROUP}" 2>/dev/null 1>&2; then X if pw groupadd ${GROUP} ; then X echo "Added group \"${GROUP}\"." X else X echo "Adding group \"${GROUP}\" failed..." X exit 1 X fi Xfi X Xif ! pw usershow "${USER}" 2>/dev/null 1>&2; then X if pw useradd ${USER} -g ${GROUP} -h - \ X -s "/sbin/nologin" -d "/nonexistent" \ X -c "FastCGI Spawner"; \ X then X echo "Added user \"${USER}\"." X else X echo "Adding user \"${USER}\" failed..." X exit 1 X fi Xfi X Xexit 0 e2149dbcf96982c8ba6102bb711a810d echo x - p5-FCGI-Spawn/pkg-message sed 's/^X//' >p5-FCGI-Spawn/pkg-message << '3ce0816cea8492bc7e0b5a82e53fef17' X-=*** FCGI::Spawn and fcgi_spawn are installed ***=- X XFor the first time, check all the docs supplied with the package. X XTo run the fcgi_spawn on boot time, create the system user for it, and group, Xtoo. After that, assuming you name them "fcgi", add this to your rc.conf: X Xfcgi_spawn_enable="YES" Xfcgi_spawn_username="fcgi" Xfcgi_spawn_groupname="fcgi" X XYou may want to set fcgi_spawn_flags also according to taste. 3ce0816cea8492bc7e0b5a82e53fef17 echo x - p5-FCGI-Spawn/pkg-plist sed 's/^X//' >p5-FCGI-Spawn/pkg-plist << '840fce8901f5b04ff59e2d2f7c825097' X%%SITE_PERL%%/FCGI/Spawn/BinUtils.pm X%%SITE_PERL%%/FCGI/Spawn.pm X%%SITE_PERL%%/%%PERL_ARCH%%/auto/FCGI/Spawn/.packlist Xbin/fcgi_spawn Xetc/fcgi_spawn/fcgi_spawn.conf.sample Xshare/doc/p5-FCGI-Spawn/README X@dirrmtry %%SITE_PERL%%/%%PERL_ARCH%%/auto/FCGI/Spawn X@dirrmtry %%SITE_PERL%%/%%PERL_ARCH%%/auto/FCGI X@dirrmtry %%SITE_PERL%%/FCGI X@dirrmtry share/doc/p5-FCGI-Spawn X@dirrmtry etc/fcgi_spawn 840fce8901f5b04ff59e2d2f7c825097 exit --- p5-FCGI-Spawn.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted: