4390d56940
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
29 lines
998 B
Makefile
29 lines
998 B
Makefile
# $NetBSD: options.mk,v 1.7 2007/07/04 20:55:03 jlam Exp $
|
|
|
|
PKG_OPTIONS_VAR= PKG_OPTIONS.apache
|
|
PKG_SUPPORTED_OPTIONS= suexec
|
|
|
|
.include "../../mk/bsd.options.mk"
|
|
|
|
.if !empty(PKG_OPTIONS:Msuexec)
|
|
PKG_USERS_VARS+= APACHE_USER
|
|
BUILD_DEFS+= VARBASE APACHE_SUEXEC_PATH
|
|
BUILD_DEFS+= APACHE_SUEXEC_DOCROOT APACHE_SUEXEC_LOGFILE
|
|
|
|
APACHE_SUEXEC_DOCROOT?= ${PREFIX}/share/httpd/htdocs
|
|
APACHE_SUEXEC_PATH= /bin:/usr/bin:${PREFIX}/bin:/usr/local/bin
|
|
APACHE_SUEXEC_LOGFILE?= ${VARBASE}/log/httpd/suexec.log
|
|
APACHE_SUEXEC_CONFIGURE_ARGS+= \
|
|
--with-suexec-bin=${PREFIX}/sbin/suexec \
|
|
--with-suexec-caller=${APACHE_USER} \
|
|
--with-suexec-safepath='${APACHE_SUEXEC_PATH:Q}' \
|
|
--with-suexec-docroot=${APACHE_SUEXEC_DOCROOT:Q} \
|
|
--with-suexec-logfile=${APACHE_SUEXEC_LOGFILE:Q}
|
|
|
|
APACHE_MODULES+= suexec
|
|
CONFIGURE_ARGS+= ${APACHE_SUEXEC_CONFIGURE_ARGS:M--with-suexec-*}
|
|
BUILD_DEFS+= APACHE_SUEXEC_CONFIGURE_ARGS
|
|
PLIST_SUBST+= SUEXEC_COMMENT=
|
|
.else
|
|
PLIST_SUBST+= SUEXEC_COMMENT="@comment "
|
|
.endif
|