[gentoo-commits] gentoo-x86 commit in www-servers/nginx/files: nginx.initd-r1 nginx.tmpfiles-r1

[gentoo-commits] gentoo-x86 commit in www-servers/nginx/files: nginx.initd-r1 nginx.tmpfiles-r1

[Tiziano Mueller (dev-zero)]

dev-zero    13/05/08 13:52:19

  Added:                nginx.initd-r1 nginx.tmpfiles-r1
  Log:
  Drop vulnerable versions, fix bug #458726 again for /var/tmp/nginx and stricter default permissions for /var/log/nginx.
  
  (Portage version: 2.1.11.58/cvs/Linux x86_64, RepoMan options: --force, signed Manifest commit with key 0x1E0CA85F!)

Revision  Changes    Path
1.1                  www-servers/nginx/files/nginx.initd-r1

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-servers/nginx/files/nginx.initd-r1?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-servers/nginx/files/nginx.initd-r1?rev=1.1&content-type=text/plain

Index: nginx.initd-r1
===================================================================
#!/sbin/runscript
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx.initd-r1,v 1.1 2013/05/08 13:52:19 dev-zero Exp $

extra_commands="configtest"
extra_started_commands="upgrade reload"

description="Robust, small and high performance http and reverse proxy server"
description_configtest="Run nginx' internal config check."
description_upgrade="Upgrade the nginx binary without losing connections."
description_reload="Reload the nginx configuration without losing connections."

nginx_config=${nginx_config:-/etc/nginx/nginx.conf}

command="/usr/sbin/nginx"
command_args="-c ${nginx_config}"
pidfile=${pidfile:-/run/nginx.pid}
user=${user:-nginx}
group=${group:-nginx}

depend() {
	need net
	use dns logger netmount
}

start_pre() {
	if [ "${RC_CMD}" != "restart" ]; then
		configtest || return 1
	fi
}

stop_pre() {
	if [ "${RC_CMD}" = "restart" ]; then
		configtest || return 1
	fi
}

stop_post() {
	rm -f ${pidfile}
}

reload() {
	configtest || return 1
	ebegin "Refreshing nginx' configuration"
	kill -HUP `cat ${pidfile}` &>/dev/null
	eend $? "Failed to reload nginx"
}

upgrade() {
	configtest || return 1
	ebegin "Upgrading nginx"

	einfo "Sending USR2 to old binary"
	kill -USR2 `cat ${pidfile}` &>/dev/null

	einfo "Sleeping 3 seconds before pid-files checking"
	sleep 3

	if [ ! -f ${pidfile}.oldbin ]; then
		eerror "File with old pid not found"
		return 1
	fi

	if [ ! -f ${pidfile} ]; then
		eerror "New binary failed to start"
		return 1
	fi

	einfo "Sleeping 3 seconds before WINCH"
	sleep 3 ; kill -WINCH `cat ${pidfile}.oldbin`

	einfo "Sending QUIT to old binary"
	kill -QUIT `cat ${pidfile}.oldbin`

	einfo "Upgrade completed"
	eend $? "Upgrade failed"
}

configtest() {
	# see bug #446734
	if [ ! -d /var/log/nginx ]; then
		checkpath -q -d -m 0750 -o root:0 /var/log/nginx
	fi

	checkpath -q -d -m 0750 -o ${user}:${group} /var/tmp/nginx
	checkpath -q -d -m 0750 -o ${user}:${group} /var/tmp/nginx/{client,proxy,fastcgi,scgi,uwsgi}

	ebegin "Checking nginx' configuration"
	${command} -c ${nginx_config} -t -q

	if [ $? -ne 0 ]; then
		${command} -c ${nginx_config} -t
	fi

	eend $? "failed, please correct errors above"
}



1.1                  www-servers/nginx/files/nginx.tmpfiles-r1

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-servers/nginx/files/nginx.tmpfiles-r1?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-servers/nginx/files/nginx.tmpfiles-r1?rev=1.1&content-type=text/plain

Index: nginx.tmpfiles-r1
===================================================================
# systemd tmpfile settings for nginx
# See tmpfiles.d(5) for details

d /var/log/nginx 0750 root root -
d /var/tmp/nginx 0750 nginx nginx
d /var/tmp/nginx/client 0750 nginx nginx
d /var/tmp/nginx/proxy 0750 nginx nginx
d /var/tmp/nginx/fastcgi 0750 nginx nginx
d /var/tmp/nginx/scgi 0750 nginx nginx
d /var/tmp/nginx/uwsgi 0750 nginx nginx