From: "Thomas Deutschmann" <whissi@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/files/, www-servers/nginx/
Date: Thu, 13 Dec 2018 15:39:36 +0000 (UTC) [thread overview]
Message-ID: <1544715569.4a33b110e36087f1a5e43e47dd846f7bf26b4414.whissi@gentoo> (raw)
commit: 4a33b110e36087f1a5e43e47dd846f7bf26b4414
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Thu Dec 13 15:37:16 2018 +0000
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Thu Dec 13 15:39:29 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a33b110
www-servers/nginx: http_auth_pam: adjust loglevel for auth failures
Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
...just-loglevel-for-authentication-failures.patch | 22 ++++++++++++++++++++++
...{nginx-1.14.2.ebuild => nginx-1.14.2-r1.ebuild} | 6 ++++++
...{nginx-1.15.7.ebuild => nginx-1.15.7-r1.ebuild} | 6 ++++++
3 files changed, 34 insertions(+)
diff --git a/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch b/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
new file mode 100644
index 00000000000..632dcdee50e
--- /dev/null
+++ b/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
@@ -0,0 +1,22 @@
+https://github.com/sto/ngx_http_auth_pam_module/pull/18
+
+--- a/ngx_http_auth_pam_module.c
++++ b/ngx_http_auth_pam_module.c
+@@ -348,7 +348,7 @@ ngx_http_auth_pam_authenticate(ngx_http_request_t *r,
+ /* try to authenticate user, log error on failure */
+ if ((rc = pam_authenticate(pamh,
+ PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) {
+- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "PAM: user '%s' - not authenticated: %s",
+ ainfo.username.data, pam_strerror(pamh, rc));
+ pam_end(pamh, PAM_SUCCESS);
+@@ -357,7 +357,7 @@ ngx_http_auth_pam_authenticate(ngx_http_request_t *r,
+
+ /* check that the account is healthy */
+ if ((rc = pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) {
+- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "PAM: user '%s' - invalid account: %s",
+ ainfo.username.data, pam_strerror(pamh, rc));
+ pam_end(pamh, PAM_SUCCESS);
diff --git a/www-servers/nginx/nginx-1.14.2.ebuild b/www-servers/nginx/nginx-1.14.2-r1.ebuild
similarity index 99%
rename from www-servers/nginx/nginx-1.14.2.ebuild
rename to www-servers/nginx/nginx-1.14.2-r1.ebuild
index 66b09925f1e..08100e45578 100644
--- a/www-servers/nginx/nginx-1.14.2.ebuild
+++ b/www-servers/nginx/nginx-1.14.2-r1.ebuild
@@ -381,6 +381,12 @@ src_prepare() {
eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch"
+ if use nginx_modules_http_auth_pam; then
+ cd "${HTTP_AUTH_PAM_MODULE_WD}" || die
+ eapply "${FILESDIR}"/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
+ cd "${S}" || die
+ fi
+
if use nginx_modules_http_brotli; then
cd "${HTTP_BROTLI_MODULE_WD}" || die
eapply "${FILESDIR}"/http_brotli-detect-brotli-r2.patch
diff --git a/www-servers/nginx/nginx-1.15.7.ebuild b/www-servers/nginx/nginx-1.15.7-r1.ebuild
similarity index 99%
rename from www-servers/nginx/nginx-1.15.7.ebuild
rename to www-servers/nginx/nginx-1.15.7-r1.ebuild
index e873f4b5416..6fbcd2eaad4 100644
--- a/www-servers/nginx/nginx-1.15.7.ebuild
+++ b/www-servers/nginx/nginx-1.15.7-r1.ebuild
@@ -381,6 +381,12 @@ src_prepare() {
eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch"
+ if use nginx_modules_http_auth_pam; then
+ cd "${HTTP_AUTH_PAM_MODULE_WD}" || die
+ eapply "${FILESDIR}"/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
+ cd "${S}" || die
+ fi
+
if use nginx_modules_http_brotli; then
cd "${HTTP_BROTLI_MODULE_WD}" || die
eapply "${FILESDIR}"/http_brotli-detect-brotli-r2.patch
next reply other threads:[~2018-12-13 15:39 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-13 15:39 Thomas Deutschmann [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-12-23 9:38 [gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/files/, www-servers/nginx/ Sam James
2024-10-19 14:44 Louis Sautier
2024-09-02 2:55 Sam James
2022-10-23 20:24 Conrad Kostecki
2022-07-13 19:05 Conrad Kostecki
2020-08-14 0:07 Thomas Deutschmann
2018-11-11 22:43 Thomas Deutschmann
2018-06-22 10:37 Thomas Deutschmann
2018-06-05 16:25 Thomas Deutschmann
2018-02-18 16:05 Thomas Deutschmann
2017-07-12 10:34 Thomas Deutschmann
2017-04-14 10:51 Thomas Deutschmann
2016-11-15 21:49 Thomas Deutschmann
2016-10-19 14:38 Thomas Deutschmann
2016-10-12 19:48 Thomas Deutschmann
2016-08-10 22:13 Thomas Deutschmann
2016-07-26 9:51 Lars Wendler
2016-07-26 9:51 Lars Wendler
2016-05-14 9:05 Zac Medico
2016-05-07 3:15 Zac Medico
2016-04-21 20:49 Zac Medico
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1544715569.4a33b110e36087f1a5e43e47dd846f7bf26b4414.whissi@gentoo \
--to=whissi@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox