* [gentoo-commits] gentoo-x86 commit in www-servers/nginx/files: nginx.initd-r1 nginx.tmpfiles-r1
@ 2013-05-08 13:52 Tiziano Mueller (dev-zero)
0 siblings, 0 replies; only message in thread
From: Tiziano Mueller (dev-zero) @ 2013-05-08 13:52 UTC (permalink / raw
To: gentoo-commits
dev-zero 13/05/08 13:52:19
Added: nginx.initd-r1 nginx.tmpfiles-r1
Log:
Drop vulnerable versions, fix bug #458726 again for /var/tmp/nginx and stricter default permissions for /var/log/nginx.
(Portage version: 2.1.11.58/cvs/Linux x86_64, RepoMan options: --force, signed Manifest commit with key 0x1E0CA85F!)
Revision Changes Path
1.1 www-servers/nginx/files/nginx.initd-r1
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-servers/nginx/files/nginx.initd-r1?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-servers/nginx/files/nginx.initd-r1?rev=1.1&content-type=text/plain
Index: nginx.initd-r1
===================================================================
#!/sbin/runscript
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx.initd-r1,v 1.1 2013/05/08 13:52:19 dev-zero Exp $
extra_commands="configtest"
extra_started_commands="upgrade reload"
description="Robust, small and high performance http and reverse proxy server"
description_configtest="Run nginx' internal config check."
description_upgrade="Upgrade the nginx binary without losing connections."
description_reload="Reload the nginx configuration without losing connections."
nginx_config=${nginx_config:-/etc/nginx/nginx.conf}
command="/usr/sbin/nginx"
command_args="-c ${nginx_config}"
pidfile=${pidfile:-/run/nginx.pid}
user=${user:-nginx}
group=${group:-nginx}
depend() {
need net
use dns logger netmount
}
start_pre() {
if [ "${RC_CMD}" != "restart" ]; then
configtest || return 1
fi
}
stop_pre() {
if [ "${RC_CMD}" = "restart" ]; then
configtest || return 1
fi
}
stop_post() {
rm -f ${pidfile}
}
reload() {
configtest || return 1
ebegin "Refreshing nginx' configuration"
kill -HUP `cat ${pidfile}` &>/dev/null
eend $? "Failed to reload nginx"
}
upgrade() {
configtest || return 1
ebegin "Upgrading nginx"
einfo "Sending USR2 to old binary"
kill -USR2 `cat ${pidfile}` &>/dev/null
einfo "Sleeping 3 seconds before pid-files checking"
sleep 3
if [ ! -f ${pidfile}.oldbin ]; then
eerror "File with old pid not found"
return 1
fi
if [ ! -f ${pidfile} ]; then
eerror "New binary failed to start"
return 1
fi
einfo "Sleeping 3 seconds before WINCH"
sleep 3 ; kill -WINCH `cat ${pidfile}.oldbin`
einfo "Sending QUIT to old binary"
kill -QUIT `cat ${pidfile}.oldbin`
einfo "Upgrade completed"
eend $? "Upgrade failed"
}
configtest() {
# see bug #446734
if [ ! -d /var/log/nginx ]; then
checkpath -q -d -m 0750 -o root:0 /var/log/nginx
fi
checkpath -q -d -m 0750 -o ${user}:${group} /var/tmp/nginx
checkpath -q -d -m 0750 -o ${user}:${group} /var/tmp/nginx/{client,proxy,fastcgi,scgi,uwsgi}
ebegin "Checking nginx' configuration"
${command} -c ${nginx_config} -t -q
if [ $? -ne 0 ]; then
${command} -c ${nginx_config} -t
fi
eend $? "failed, please correct errors above"
}
1.1 www-servers/nginx/files/nginx.tmpfiles-r1
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-servers/nginx/files/nginx.tmpfiles-r1?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-servers/nginx/files/nginx.tmpfiles-r1?rev=1.1&content-type=text/plain
Index: nginx.tmpfiles-r1
===================================================================
# systemd tmpfile settings for nginx
# See tmpfiles.d(5) for details
d /var/log/nginx 0750 root root -
d /var/tmp/nginx 0750 nginx nginx
d /var/tmp/nginx/client 0750 nginx nginx
d /var/tmp/nginx/proxy 0750 nginx nginx
d /var/tmp/nginx/fastcgi 0750 nginx nginx
d /var/tmp/nginx/scgi 0750 nginx nginx
d /var/tmp/nginx/uwsgi 0750 nginx nginx
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2013-05-08 13:52 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-05-08 13:52 [gentoo-commits] gentoo-x86 commit in www-servers/nginx/files: nginx.initd-r1 nginx.tmpfiles-r1 Tiziano Mueller (dev-zero)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox