1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
|
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
# latest gentoo apache files
GENTOO_PATCHSTAMP="20210212"
GENTOO_DEVELOPER="polynomial-c"
GENTOO_PATCHNAME="gentoo-apache-2.4.46-r6"
# IUSE/USE_EXPAND magic
IUSE_MPMS_FORK="prefork"
IUSE_MPMS_THREAD="event worker"
# << obsolete modules:
# authn_default authz_default mem_cache
# mem_cache is replaced by cache_disk
# ?? buggy modules
# proxy_scgi: startup error: undefined symbol "ap_proxy_release_connection", no fix found
# >> added modules for reason:
# compat: compatibility with 2.2 access control
# authz_host: new module for access control
# authn_core: functionality provided by authn_alias in previous versions
# authz_core: new module, provides core authorization capabilities
# cache_disk: replacement for mem_cache
# lbmethod_byrequests: Split off from mod_proxy_balancer in 2.3
# lbmethod_bytraffic: Split off from mod_proxy_balancer in 2.3
# lbmethod_bybusyness: Split off from mod_proxy_balancer in 2.3
# lbmethod_heartbeat: Split off from mod_proxy_balancer in 2.3
# slotmem_shm: Slot-based shared memory provider (for lbmethod_byrequests).
# socache_shmcb: shared object cache provider. Default config with ssl needs it
# unixd: fixes startup error: Invalid command 'User'
IUSE_MODULES="access_compat actions alias asis auth_basic auth_digest auth_form
authn_anon authn_core authn_dbd authn_dbm authn_file authn_socache authz_core
authz_dbd authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex
brotli cache cache_disk cache_socache cern_meta charset_lite cgi cgid dav dav_fs dav_lock
dbd deflate dir dumpio env expires ext_filter file_cache filter headers http2
ident imagemap include info lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness
lbmethod_heartbeat log_config log_forensic logio lua macro md mime mime_magic negotiation
proxy proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_html proxy_http proxy_scgi
proxy_http2 proxy_fcgi proxy_uwsgi proxy_wstunnel rewrite ratelimit remoteip reqtimeout
session session_cookie session_crypto session_dbd setenvif slotmem_shm speling
socache_memcache socache_shmcb status substitute unique_id userdir usertrack
unixd version vhost_alias watchdog xml2enc"
# The following are also in the source as of this version, but are not available
# for user selection:
# bucketeer case_filter case_filter_in echo http isapi optional_fn_export
# optional_fn_import optional_hook_export optional_hook_import
# inter-module dependencies
# TODO: this may still be incomplete
MODULE_DEPENDS="
auth_form:session
brotli:filter
dav_fs:dav
dav_lock:dav
deflate:filter
cache_disk:cache
ext_filter:filter
file_cache:cache
lbmethod_byrequests:proxy_balancer
lbmethod_byrequests:slotmem_shm
lbmethod_bytraffic:proxy_balancer
lbmethod_bybusyness:proxy_balancer
lbmethod_heartbeat:proxy_balancer
log_forensic:log_config
logio:log_config
cache_disk:cache
cache_socache:cache
md:watchdog
mime_magic:mime
proxy_ajp:proxy
proxy_balancer:proxy
proxy_balancer:slotmem_shm
proxy_connect:proxy
proxy_ftp:proxy
proxy_html:proxy
proxy_html:xml2enc
proxy_http:proxy
proxy_http2:proxy
proxy_scgi:proxy
proxy_uwsgi:proxy
proxy_fcgi:proxy
proxy_wstunnel:proxy
session_cookie:session
session_dbd:dbd
session_dbd:session
socache_memcache:cache
substitute:filter
"
# module<->define mappings
MODULE_DEFINES="
auth_digest:AUTH_DIGEST
authnz_ldap:AUTHNZ_LDAP
cache:CACHE
cache_disk:CACHE
cache_socache:CACHE
dav:DAV
dav_fs:DAV
dav_lock:DAV
file_cache:CACHE
http2:HTTP2
info:INFO
ldap:LDAP
lua:LUA
md:SSL
proxy:PROXY
proxy_ajp:PROXY
proxy_balancer:PROXY
proxy_connect:PROXY
proxy_ftp:PROXY
proxy_html:PROXY
proxy_http:PROXY
proxy_fcgi:PROXY
proxy_scgi:PROXY
proxy_wstunnel:PROXY
socache_shmcb:SSL
socache_memcache:CACHE
ssl:SSL
status:STATUS
suexec:SUEXEC
userdir:USERDIR
"
# critical modules for the default config
MODULE_CRITICAL="
authn_core
authz_core
authz_host
dir
mime
unixd
"
inherit apache-2 systemd tmpfiles toolchain-funcs
DESCRIPTION="The Apache Web Server"
HOMEPAGE="https://httpd.apache.org/"
# some helper scripts are Apache-1.1, thus both are here
LICENSE="Apache-2.0 Apache-1.1"
SLOT="2"
KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~mips ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x64-macos ~sparc64-solaris ~x64-solaris"
# FIXME! Move this to eclass once all ebuilds are EAPI-7
RDEPEND+=" apache2_modules_lua? ( ${LUA_DEPS} )"
REQUIRED_USE+=" apache2_modules_lua? ( ${LUA_REQUIRED_USE} )"
pkg_setup() {
# dependend critical modules which are not allowed in global scope due
# to USE flag conditionals (bug #499260)
use ssl && MODULE_CRITICAL+=" socache_shmcb"
use doc && MODULE_CRITICAL+=" alias negotiation setenvif"
apache-2_pkg_setup
}
src_configure() {
# Brain dead check.
tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no"
apache-2_src_configure
}
src_compile() {
if tc-is-cross-compiler ; then
# This header is the same across targets, so use the build compiler.
pushd server >/dev/null
emake gen_test_char
tc-export_build_env BUILD_CC
${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} \
gen_test_char.c -o gen_test_char $(apr-1-config --includes) || die
popd >/dev/null
fi
default
}
src_install() {
apache-2_src_install
local i
local apache_tools_prune_list=(
/usr/bin/{htdigest,logresolve,htpasswd,htdbm,ab,httxt2dbm}
/usr/sbin/{checkgid,fcgistarter,htcacheclean,rotatelogs}
/usr/share/man/man1/{logresolve.1,htdbm.1,htdigest.1,htpasswd.1,dbmmanage.1,ab.1}
/usr/share/man/man8/{rotatelogs.8,htcacheclean.8}
)
for i in ${apache_tools_prune_list[@]} ; do
rm "${ED}"/${i} || die "Failed to prune apache-tools bits"
done
# install apxs in /usr/bin (bug #502384) and put a symlink into the
# old location until all ebuilds and eclasses have been modified to
# use the new location.
dobin support/apxs
use split-usr && dosym ../bin/apxs /usr/sbin/apxs
# Note: wait for mod_systemd to be included in some forthcoming release,
# Then apache2.4.service can be used and systemd support controlled
# through --enable-systemd
systemd_newunit "${FILESDIR}/apache2.2-hardened.service" "apache2.service"
dotmpfiles "${FILESDIR}/apache.conf"
#insinto /etc/apache2/modules.d
#doins "${FILESDIR}/00_systemd.conf"
# Install http2 module config
insinto /etc/apache2/modules.d
doins "${FILESDIR}"/41_mod_http2.conf
# Fix path to apache libdir
sed "s|@LIBDIR@|$(get_libdir)|" -i "${ED}"/usr/sbin/apache2ctl || die
}
pkg_postinst() {
echo
ewarn "Downgrading to pre-GLEP 81 user for now."
ewarn "See bug #802495 and bug #803500 for more information."
ewarn ""
ewarn "You will need to run the following command to unlock the user:"
ewarn "usermod -e '' -U apache 2>/dev/null"
echo
apache-2_pkg_postinst || die "apache-2_pkg_postinst failed"
tmpfiles_process apache.conf #662544
# warnings that default config might not work out of the box
local mod cmod
for mod in ${MODULE_CRITICAL} ; do
if ! use "apache2_modules_${mod}"; then
echo
ewarn "Warning: Critical module not installed!"
ewarn "Modules 'authn_core', 'authz_core' and 'unixd'"
ewarn "are highly recomended but might not be in the base profile yet."
ewarn "Default config for ssl needs module 'socache_shmcb'."
ewarn "Enabling the following flags is highly recommended:"
for cmod in ${MODULE_CRITICAL} ; do
use "apache2_modules_${cmod}" || \
ewarn "+ apache2_modules_${cmod}"
done
echo
break
fi
done
# warning for proxy_balancer and missing load balancing scheduler
if use apache2_modules_proxy_balancer; then
local lbset=
for mod in lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat; do
if use "apache2_modules_${mod}"; then
lbset=1 && break
fi
done
if [[ ! ${lbset} ]] ; then
echo
ewarn "Info: Missing load balancing scheduler algorithm module"
ewarn "(They were split off from proxy_balancer in 2.3)"
ewarn "In order to get the ability of load balancing, at least"
ewarn "one of these modules has to be present:"
ewarn "lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat"
echo
fi
fi
}
|