From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id F2407138350 for ; Sat, 8 Feb 2020 16:53:34 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 1BA53E089B; Sat, 8 Feb 2020 16:53:30 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id EC601E089C for ; Sat, 8 Feb 2020 16:53:29 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E239634E87F for ; Sat, 8 Feb 2020 16:53:28 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 284F514C for ; Sat, 8 Feb 2020 16:53:24 +0000 (UTC) From: "David Seifert" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "David Seifert" Message-ID: <1581180773.3292fb668f9229f7a15ba3ef30ec596bcdfd286b.soap@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/ X-VCS-Repository: repo/gentoo X-VCS-Files: www-servers/nginx/nginx-1.16.1-r1.ebuild www-servers/nginx/nginx-1.17.7.ebuild www-servers/nginx/nginx-1.17.8.ebuild X-VCS-Directories: www-servers/nginx/ X-VCS-Committer: soap X-VCS-Committer-Name: David Seifert X-VCS-Revision: 3292fb668f9229f7a15ba3ef30ec596bcdfd286b X-VCS-Branch: master Date: Sat, 8 Feb 2020 16:53:24 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 808fe5ac-9c35-44b6-b9f0-9c06371437fd X-Archives-Hash: aacbb39d64b350165ace1a4f2b4179ec commit: 3292fb668f9229f7a15ba3ef30ec596bcdfd286b Author: David Seifert gentoo org> AuthorDate: Sat Feb 8 16:52:53 2020 +0000 Commit: David Seifert gentoo org> CommitDate: Sat Feb 8 16:52:53 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3292fb66 www-servers/nginx: [QA] Fix UnnecessarySlashStrip Signed-off-by: David Seifert gentoo.org> www-servers/nginx/nginx-1.16.1-r1.ebuild | 20 ++++++++++---------- www-servers/nginx/nginx-1.17.7.ebuild | 20 ++++++++++---------- www-servers/nginx/nginx-1.17.8.ebuild | 20 ++++++++++---------- 3 files changed, 30 insertions(+), 30 deletions(-) diff --git a/www-servers/nginx/nginx-1.16.1-r1.ebuild b/www-servers/nginx/nginx-1.16.1-r1.ebuild index fcb191046b1..9c62c90db19 100644 --- a/www-servers/nginx/nginx-1.16.1-r1.ebuild +++ b/www-servers/nginx/nginx-1.16.1-r1.ebuild @@ -996,15 +996,15 @@ pkg_postinst() { ewarn "following directories to mitigate a security bug" ewarn "(CVE-2013-0337, bug #458726):" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" + ewarn " ${EPREFIX}/var/log/nginx" + ewarn " ${EPREFIX}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" ewarn "" ewarn "Check if this is correct for your setup before restarting nginx!" ewarn "This is a one-time change and will not happen on subsequent updates." - ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" + ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX}${NGINX_HOME_TMP}'" chmod o-rwx \ - "${EPREFIX%/}"/var/log/nginx \ - "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ + "${EPREFIX}"/var/log/nginx \ + "${EPREFIX}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ _has_to_show_permission_warning=1 fi @@ -1013,15 +1013,15 @@ pkg_postinst() { ewarn "The permissions on the following directory have been reset in" ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn " ${EPREFIX}/var/log/nginx" ewarn "" ewarn "Check if this is correct for your setup before restarting nginx!" ewarn "Also ensure that no other log directory used by any of your" ewarn "vhost(s) is not writeable for nginx user. Any of your log files" ewarn "used by nginx can be abused to escalate privileges!" ewarn "This is a one-time change and will not happen on subsequent updates." - chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 + chown 0:nginx "${EPREFIX}"/var/log/nginx || _has_to_show_permission_warning=1 + chmod 710 "${EPREFIX}"/var/log/nginx || _has_to_show_permission_warning=1 fi if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then @@ -1046,7 +1046,7 @@ pkg_postinst() { # unmerged a affected installation on purpose in the past leaving # /var/log/nginx on their system due to keepdir/non-empty folder # and are now installing the package again. - local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) + local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null if [ $? -eq 0 ] ; then # Cleanup -- no reason to die here! @@ -1059,7 +1059,7 @@ pkg_postinst() { ewarn "Looks like your installation is vulnerable to CVE-2016-1247" ewarn "(bug #605008) because nginx user is able to create files in" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn " ${EPREFIX}/var/log/nginx" ewarn "" ewarn "Also ensure that no other log directory used by any of your" ewarn "vhost(s) is not writeable for nginx user. Any of your log files" diff --git a/www-servers/nginx/nginx-1.17.7.ebuild b/www-servers/nginx/nginx-1.17.7.ebuild index 9b7d6b814db..266794ff8de 100644 --- a/www-servers/nginx/nginx-1.17.7.ebuild +++ b/www-servers/nginx/nginx-1.17.7.ebuild @@ -996,15 +996,15 @@ pkg_postinst() { ewarn "following directories to mitigate a security bug" ewarn "(CVE-2013-0337, bug #458726):" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" + ewarn " ${EPREFIX}/var/log/nginx" + ewarn " ${EPREFIX}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" ewarn "" ewarn "Check if this is correct for your setup before restarting nginx!" ewarn "This is a one-time change and will not happen on subsequent updates." - ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" + ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX}${NGINX_HOME_TMP}'" chmod o-rwx \ - "${EPREFIX%/}"/var/log/nginx \ - "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ + "${EPREFIX}"/var/log/nginx \ + "${EPREFIX}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ _has_to_show_permission_warning=1 fi @@ -1013,15 +1013,15 @@ pkg_postinst() { ewarn "The permissions on the following directory have been reset in" ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn " ${EPREFIX}/var/log/nginx" ewarn "" ewarn "Check if this is correct for your setup before restarting nginx!" ewarn "Also ensure that no other log directory used by any of your" ewarn "vhost(s) is not writeable for nginx user. Any of your log files" ewarn "used by nginx can be abused to escalate privileges!" ewarn "This is a one-time change and will not happen on subsequent updates." - chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 + chown 0:nginx "${EPREFIX}"/var/log/nginx || _has_to_show_permission_warning=1 + chmod 710 "${EPREFIX}"/var/log/nginx || _has_to_show_permission_warning=1 fi if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then @@ -1046,7 +1046,7 @@ pkg_postinst() { # unmerged a affected installation on purpose in the past leaving # /var/log/nginx on their system due to keepdir/non-empty folder # and are now installing the package again. - local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) + local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null if [ $? -eq 0 ] ; then # Cleanup -- no reason to die here! @@ -1059,7 +1059,7 @@ pkg_postinst() { ewarn "Looks like your installation is vulnerable to CVE-2016-1247" ewarn "(bug #605008) because nginx user is able to create files in" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn " ${EPREFIX}/var/log/nginx" ewarn "" ewarn "Also ensure that no other log directory used by any of your" ewarn "vhost(s) is not writeable for nginx user. Any of your log files" diff --git a/www-servers/nginx/nginx-1.17.8.ebuild b/www-servers/nginx/nginx-1.17.8.ebuild index fe0559cad19..e950633e242 100644 --- a/www-servers/nginx/nginx-1.17.8.ebuild +++ b/www-servers/nginx/nginx-1.17.8.ebuild @@ -996,15 +996,15 @@ pkg_postinst() { ewarn "following directories to mitigate a security bug" ewarn "(CVE-2013-0337, bug #458726):" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" + ewarn " ${EPREFIX}/var/log/nginx" + ewarn " ${EPREFIX}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" ewarn "" ewarn "Check if this is correct for your setup before restarting nginx!" ewarn "This is a one-time change and will not happen on subsequent updates." - ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" + ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX}${NGINX_HOME_TMP}'" chmod o-rwx \ - "${EPREFIX%/}"/var/log/nginx \ - "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ + "${EPREFIX}"/var/log/nginx \ + "${EPREFIX}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ _has_to_show_permission_warning=1 fi @@ -1013,15 +1013,15 @@ pkg_postinst() { ewarn "The permissions on the following directory have been reset in" ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn " ${EPREFIX}/var/log/nginx" ewarn "" ewarn "Check if this is correct for your setup before restarting nginx!" ewarn "Also ensure that no other log directory used by any of your" ewarn "vhost(s) is not writeable for nginx user. Any of your log files" ewarn "used by nginx can be abused to escalate privileges!" ewarn "This is a one-time change and will not happen on subsequent updates." - chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 + chown 0:nginx "${EPREFIX}"/var/log/nginx || _has_to_show_permission_warning=1 + chmod 710 "${EPREFIX}"/var/log/nginx || _has_to_show_permission_warning=1 fi if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then @@ -1046,7 +1046,7 @@ pkg_postinst() { # unmerged a affected installation on purpose in the past leaving # /var/log/nginx on their system due to keepdir/non-empty folder # and are now installing the package again. - local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) + local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null if [ $? -eq 0 ] ; then # Cleanup -- no reason to die here! @@ -1059,7 +1059,7 @@ pkg_postinst() { ewarn "Looks like your installation is vulnerable to CVE-2016-1247" ewarn "(bug #605008) because nginx user is able to create files in" ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn " ${EPREFIX}/var/log/nginx" ewarn "" ewarn "Also ensure that no other log directory used by any of your" ewarn "vhost(s) is not writeable for nginx user. Any of your log files"