the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
sets BUILDLINK_INCDIRS.apr, remove custom CPPFLAGS. Use -e for the
SUBST_SED expression to mollify pkglint. Add APACHE_USER and VARBASE
to BUILD_DEFS. Don't try to remove lib/httpd on deinstall, as it
belongs to Apache. Bump PKGREVISION.
The suPHP Apache module together with suPHP itself provides an easy way
to run PHP scripts with different users on the same server.
It provides security, because the PHP scripts are not run with the
rights of the webserver's user. In addition to that you probably won't
have to use PHP's "safe mode", which applies many restrictions on the
scripts.
