280 lines
8.8 KiB
RPMSpec
280 lines
8.8 KiB
RPMSpec
%define webroot /var/www/lighttpd
|
|
%global _hardened_build 1
|
|
%define confswitch() %{expand:%%{?with_%{1}:--with-%{1}}%%{!?with_%{1}:--without-%{1}}}
|
|
%bcond_without mysql
|
|
%bcond_without ldap
|
|
%bcond_without attr
|
|
%bcond_without openssl
|
|
%bcond_without kerberos5
|
|
%bcond_without pcre
|
|
%bcond_with fam
|
|
%bcond_without lua
|
|
%bcond_without krb5
|
|
%bcond_without pam
|
|
%bcond_with webdavprops
|
|
%bcond_with webdavlocks
|
|
%bcond_without gdbm
|
|
%bcond_with memcache
|
|
%bcond_without tmpfiles
|
|
%bcond_without systemd
|
|
Summary: Lightning fast webserver with light system requirements
|
|
Name: lighttpd
|
|
Version: 1.4.63
|
|
Release: 5
|
|
License: BSD-3-Clause and OML and GPLv3 and GPLv2
|
|
URL: https://github.com/lighttpd/lighttpd1.4
|
|
Source0: https://github.com/lighttpd/lighttpd1.4/archive/lighttpd-1.4.63.tar.gz
|
|
Source1: lighttpd.logrotate
|
|
Source2: php.d-lighttpd.ini
|
|
Source3: lighttpd.init
|
|
Source4: lighttpd.service
|
|
Patch0: lighttpd-1.4.62-defaultconf.patch
|
|
Patch1: 5a257fab511225bbfa56b4f1a8b2bb7085f96478.patch
|
|
Patch2: 492773a20f8a1deb1c94e25d40023970dd9608a1.patch
|
|
Patch3: CVE-2022-22707.patch
|
|
Patch4: CVE-2022-37797.patch
|
|
Requires: %{name}-filesystem
|
|
%if %{with systemd}
|
|
Requires(post): systemd
|
|
Requires(preun): systemd
|
|
Requires(postun): systemd
|
|
BuildRequires: systemd
|
|
%else
|
|
Requires(post): /sbin/chkconfig
|
|
Requires(preun): /sbin/service, /sbin/chkconfig
|
|
Requires(postun): /sbin/service
|
|
%endif
|
|
Provides: webserver
|
|
BuildRequires: openssl-devel, pcre-devel, bzip2-devel, zlib-devel, autoconf, automake, libtool
|
|
BuildRequires: /usr/bin/awk, libattr-devel
|
|
%{?with_ldap:BuildRequires: openldap-devel}
|
|
%{?with_fam:BuildRequires: gamin-devel}
|
|
%{?with_webdavprops:BuildRequires: libxml2-devel}
|
|
%{?with_webdavlocks:BuildRequires: sqlite-devel}
|
|
%{?with_gdbm:BuildRequires: gdbm-devel}
|
|
%{?with_memcache:BuildRequires: memcached-devel}
|
|
%{?with_lua:BuildRequires: lua-devel}
|
|
|
|
%description
|
|
Secure, fast, compliant and very flexible web-server which has been optimized
|
|
for high-performance environments. It has a very low memory footprint compared
|
|
to other webservers and takes care of cpu-load. Its advanced feature-set
|
|
(FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more) make
|
|
it the perfect webserver-software for every server that is suffering load
|
|
problems.
|
|
|
|
%package fastcgi
|
|
Summary: FastCGI module and spawning helper for lighttpd and PHP configuration
|
|
Requires: %{name} = %{version}-%{release} spawn-fcgi
|
|
%description fastcgi
|
|
This package contains the spawn-fcgi helper for lighttpd's automatic spawning
|
|
of local FastCGI programs. Included is also a PHP .ini file to change a few
|
|
defaults needed for correct FastCGI behavior.
|
|
|
|
%package mod_mysql_vhost
|
|
Summary: Virtual host module for lighttpd that uses a MySQL database
|
|
Requires: %{name} = %{version}-%{release}
|
|
BuildRequires: mariadb-connector-c-devel
|
|
%description mod_mysql_vhost
|
|
Virtual host module for lighttpd that uses a MySQL database.
|
|
|
|
%package mod_authn_mysql
|
|
Summary: Authentication module for lighttpd that uses a MySQL database
|
|
Requires: %{name} = %{version}-%{release}
|
|
BuildRequires: mariadb-connector-c-devel
|
|
%description mod_authn_mysql
|
|
Authentication module for lighttpd that uses a MySQL database.
|
|
|
|
%package mod_authn_gssapi
|
|
Summary: Authentication module for lighttpd that uses GSSAPI
|
|
Requires: %{name} = %{version}-%{release}
|
|
%description mod_authn_gssapi
|
|
Authentication module for lighttpd that uses GSSAPI
|
|
|
|
%package mod_authn_pam
|
|
Summary: Authentication module for lighttpd that uses PAM
|
|
Requires: %{name} = %{version}-%{release}
|
|
BuildRequires: pam-devel
|
|
%description mod_authn_pam
|
|
Authentication module for lighttpd that uses PAM.
|
|
|
|
%package filesystem
|
|
Summary: The basic directory layout for lighttpd
|
|
BuildArch: noarch
|
|
Requires(pre): /usr/sbin/useradd
|
|
%description filesystem
|
|
The lighttpd-filesystem package contains the basic directory layout
|
|
for the lighttpd server including the correct permissions
|
|
for the directories.
|
|
|
|
%prep
|
|
%setup -q
|
|
%patch0 -p0 -b .defaultconf
|
|
%patch1 -p1 -b .setrlimit
|
|
%patch2 -p1 -b .fixtrace
|
|
%patch3 -p1
|
|
%patch4 -p1
|
|
|
|
%build
|
|
autoreconf -if
|
|
%configure \
|
|
--libdir='%{_libdir}/lighttpd' \
|
|
%{confswitch mysql} \
|
|
%{confswitch pam} \
|
|
%{confswitch ldap} \
|
|
%{confswitch attr} \
|
|
%{confswitch openssl} \
|
|
%{confswitch pcre} \
|
|
%{confswitch fam} \
|
|
%{?with_webdavprops:--with-webdav-props} \
|
|
%{?with_webdavlocks:--with-webdav-locks} \
|
|
%{confswitch gdbm} \
|
|
%{confswitch memcached} \
|
|
%{confswitch lua} \
|
|
%{confswitch krb5}
|
|
make %{?_smp_mflags}
|
|
|
|
%install
|
|
make install DESTDIR=%{buildroot}
|
|
install -D -p -m 0644 %{SOURCE1} \
|
|
%{buildroot}%{_sysconfdir}/logrotate.d/lighttpd
|
|
install -D -p -m 0644 %{SOURCE2} \
|
|
%{buildroot}%{_sysconfdir}/php.d/lighttpd.ini
|
|
%if %{with systemd}
|
|
install -D -p -m 0644 %{SOURCE4} \
|
|
%{buildroot}%{_unitdir}/lighttpd.service
|
|
%else
|
|
install -D -p -m 0755 %{SOURCE3} \
|
|
%{buildroot}%{_sysconfdir}/rc.d/init.d/lighttpd
|
|
%endif
|
|
mkdir -p %{buildroot}%{webroot}
|
|
rm -rf config
|
|
cp -a doc/config config
|
|
find config -name 'Makefile*' | xargs rm -f
|
|
chmod -x doc/scripts/*.sh
|
|
mkdir -p %{buildroot}%{_sysconfdir}/lighttpd
|
|
cp -a config/*.conf config/*.d %{buildroot}%{_sysconfdir}/lighttpd/
|
|
mkdir -p %{buildroot}%{_var}/log/lighttpd
|
|
mkdir -p %{buildroot}%{_var}/run/lighttpd
|
|
%if %{with tmpfiles}
|
|
mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d
|
|
echo 'D /var/run/lighttpd 0750 lighttpd lighttpd -' > \
|
|
%{buildroot}%{_sysconfdir}/tmpfiles.d/lighttpd.conf
|
|
%endif
|
|
|
|
%pre filesystem
|
|
/usr/sbin/useradd -s /sbin/nologin -M -r -d %{webroot} \
|
|
-c 'lighttpd web server' lighttpd &>/dev/null || :
|
|
|
|
%post
|
|
%if %{with systemd}
|
|
%systemd_post lighttpd.service
|
|
%else
|
|
/sbin/chkconfig --add lighttpd
|
|
%endif
|
|
|
|
%preun
|
|
%if %{with systemd}
|
|
%systemd_preun lighttpd.service
|
|
%else
|
|
if [ $1 -eq 0 ]; then
|
|
/sbin/service lighttpd stop &>/dev/null || :
|
|
/sbin/chkconfig --del lighttpd
|
|
fi
|
|
%endif
|
|
|
|
%postun
|
|
%if %{with systemd}
|
|
%systemd_postun_with_restart lighttpd.service
|
|
%else
|
|
if [ $1 -ge 1 ]; then
|
|
/sbin/service lighttpd condrestart &>/dev/null || :
|
|
fi
|
|
%endif
|
|
|
|
%files
|
|
%license COPYING
|
|
%doc AUTHORS README
|
|
%doc config/ doc/scripts/rrdtool-graph.sh
|
|
%config(noreplace) %{_sysconfdir}/lighttpd/*.conf
|
|
%config(noreplace) %{_sysconfdir}/lighttpd/conf.d/*.conf
|
|
%exclude %{_sysconfdir}/lighttpd/conf.d/fastcgi.conf
|
|
%exclude %{_sysconfdir}/lighttpd/conf.d/mysql_vhost.conf
|
|
%config %{_sysconfdir}/lighttpd/conf.d/mod.template
|
|
%config %{_sysconfdir}/lighttpd/vhosts.d/vhosts.template
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/lighttpd
|
|
%if %{with systemd}
|
|
%{_unitdir}/lighttpd.service
|
|
%else
|
|
%{_sysconfdir}/rc.d/init.d/lighttpd
|
|
%endif
|
|
%if %{with tmpfiles}
|
|
%config(noreplace) %{_sysconfdir}/tmpfiles.d/lighttpd.conf
|
|
%endif
|
|
%{_sbindir}/lighttpd
|
|
%{_sbindir}/lighttpd-angel
|
|
%{_libdir}/lighttpd/
|
|
%exclude %{_libdir}/lighttpd/*.la
|
|
%exclude %{_libdir}/lighttpd/mod_fastcgi.so
|
|
%exclude %{_libdir}/lighttpd/mod_mysql_vhost.so
|
|
%exclude %{_libdir}/lighttpd/mod_authn_mysql.so
|
|
%exclude %{_libdir}/lighttpd/mod_authn_gssapi.so
|
|
%{_mandir}/man8/lighttpd*8*
|
|
|
|
%files fastcgi
|
|
%doc doc/outdated/fastcgi*.txt doc/scripts/spawn-php.sh
|
|
%config(noreplace) %{_sysconfdir}/php.d/lighttpd.ini
|
|
%config(noreplace) %{_sysconfdir}/lighttpd/conf.d/fastcgi.conf
|
|
%dir %{_libdir}/lighttpd/
|
|
%{_libdir}/lighttpd/mod_fastcgi.so
|
|
|
|
%files mod_mysql_vhost
|
|
%doc doc/outdated/mysqlvhost.txt
|
|
%config(noreplace) %{_sysconfdir}/lighttpd/conf.d/mysql_vhost.conf
|
|
%dir %{_libdir}/lighttpd/
|
|
%{_libdir}/lighttpd/mod_mysql_vhost.so
|
|
|
|
%files mod_authn_mysql
|
|
%dir %{_libdir}/lighttpd/
|
|
%{_libdir}/lighttpd/mod_authn_mysql.so
|
|
|
|
%files mod_authn_gssapi
|
|
%dir %{_libdir}/lighttpd/
|
|
%{_libdir}/lighttpd/mod_authn_gssapi.so
|
|
|
|
%files mod_authn_pam
|
|
%dir %{_libdir}/lighttpd/
|
|
%{_libdir}/lighttpd/mod_authn_pam.so
|
|
|
|
%files filesystem
|
|
%dir %{_sysconfdir}/lighttpd/
|
|
%dir %{_sysconfdir}/lighttpd/conf.d/
|
|
%dir %{_sysconfdir}/lighttpd/vhosts.d/
|
|
%dir %{_var}/run/lighttpd/
|
|
%if %{with tmpfiles}
|
|
%ghost %attr(0750, lighttpd, lighttpd) %{_var}/run/lighttpd/
|
|
%else
|
|
%attr(0750, lighttpd, lighttpd) %{_var}/run/lighttpd/
|
|
%endif
|
|
%attr(0750, lighttpd, lighttpd) %{_var}/log/lighttpd/
|
|
%attr(0700, lighttpd, lighttpd) %dir %{webroot}/
|
|
|
|
%changelog
|
|
* Mon Sep 19 2022 mayp <mayanping@ncti-gba.cn> - 1.4.63-5
|
|
- Fix CVE-2022-37797
|
|
|
|
* Thu Aug 18 2022 caodongxia <caodongxia@h-partners.com> - 1.4.63-4
|
|
- Disable fam support as gamin is deprecated
|
|
|
|
* Sat Feb 19 2022 baizhonggui <baizhonggui@huawei.com> - 1.4.63-3
|
|
- Fix excuting systemctl start lighttpd.service failed
|
|
|
|
* Fri Jan 14 2022 yaoxin <yaoxin30@huawei.com> - 1.4.63-2
|
|
- Fix CVE-2022-22707
|
|
|
|
* Thu Jan 13 2022 liyanan <liyanan32@huawei.com> - 1.4.63-1
|
|
- update to 1.4.63
|
|
|
|
* Fri Jan 8 2021 chengzihan <chengzihan2@huawei.com> - 1.4.53-1
|
|
- Package init
|