ports/173698: www/p5-FCGI-Spawn update to v0.16.2

peter at vereshagin.org peter at vereshagin.org
Sun Nov 18 11:40:01 UTC 2012 

>Number:         173698
>Category:       ports
>Synopsis:       www/p5-FCGI-Spawn update to v0.16.2
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Nov 18 11:40:00 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     
>Release:        FreeBSD 7.4-STABLE i386
>Organization:
'
>Environment:
System: FreeBSD tehost 7.4-STABLE FreeBSD 7.4-STABLE #12: Wed Oct 5 05:49:39 MSK 2011 usr at tehost:/CONF i386


>Description:
	Security fix for www/p5-FCGI-Spawn users.

	Supplemental groups don't use to be dropped by bin/fcgi_spawn.

	This is not what bin/fcgi_spawn has the '-g' switch for.

	More info: https://rt.cpan.org/Ticket/Display.html?id=72408

	Thanks: John Lightsey <john at nixnuts.net>
>How-To-Repeat:
	If you 'print `/usr/bin/id`, "\n";' in your CGI program running with
	www/p5-FCGI-Spawn, you'll see supplemental groups in the output.
>Fix:

Update the port to v0.16.2. Shell archive of the port is supplied (follows).

--- p5-FCGI-Spawn.shar begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	p5-FCGI-Spawn
#	p5-FCGI-Spawn/Makefile
#	p5-FCGI-Spawn/distinfo
#	p5-FCGI-Spawn/files
#	p5-FCGI-Spawn/files/fcgi_spawn.in
#	p5-FCGI-Spawn/pkg-deinstall
#	p5-FCGI-Spawn/pkg-descr
#	p5-FCGI-Spawn/pkg-install
#	p5-FCGI-Spawn/pkg-message
#	p5-FCGI-Spawn/pkg-plist
#
echo c - p5-FCGI-Spawn
mkdir -p p5-FCGI-Spawn > /dev/null 2>&1
echo x - p5-FCGI-Spawn/Makefile
sed 's/^X//' >p5-FCGI-Spawn/Makefile << '78eca2bb13f9b634ff529efbf64534aa'
X# New ports collection makefile for:	p5-FCGI-Spawn
X# Date created:		2012-11-17
X# Whom:			Peter Vereshagin<peter at vereshagin.org>
X#
X# $FreeBSD: ports/www/p5-FCGI-Spawn/Makefile,v 1.6 2010/04/14 13:48:02 skreuzer Exp $
X#
X
XPORTNAME=	FCGI-Spawn
XPORTVERSION=	0.16.2
XCATEGORIES=	www perl5
XMASTER_SITES=	CPAN
XPKGNAMEPREFIX=	p5-
X
XMAINTAINER=	peter at vereshagin.org
XCOMMENT=	FastCGI server for CGI-like applications multiprocessing
X
XRUN_DEPENDS=	${SITE_PERL}/FCGI/ProcManager.pm:${PORTSDIR}/www/p5-FCGI-ProcManager
X
XPERL_CONFIGURE=	yes
X
XUSE_RC_SUBR+= fcgi_spawn
X
XMAN3=		FCGI::Spawn.3 \
X		FCGI::Spawn::BinUtils.3
XMAN1=		fcgi_spawn.1
X
XOPTIONS=  MYSQL   "MySQL dependency to run on RC start"         off \
X    PGSQL   "PgSQL dependency to run on RC start"         off
X
X.include <bsd.port.pre.mk>
X
X.if defined(WITH_MYSQL)
X# RUN_DEPENDS+=	mysql-server>=0:${PORTSDIR}/databases/mysql${MYSQL_VER}-server
XSUB_LIST+=	MYSQL=mysql
X.	else
XSUB_LIST+=	MYSQL=
X.endif
X
X.if defined(WITH_PGSQL)
X# RUN_DEPENDS+=	postgresql-server>=0:${PORTSDIR}/databases/postgresql${PGSQL_VER}-server
XSUB_LIST+=	PGSQL=postgresql
X.	else
XSUB_LIST+=	PGSQL=
X.endif
X
Xpost-install:
X	@${MKDIR} ${PREFIX}/etc/fcgi_spawn
X	@${INSTALL_DATA} ${WRKSRC}/fcgi_spawn.conf.sample ${PREFIX}/etc/fcgi_spawn
X	@${MKDIR} ${PREFIX}/share/doc/${PKGNAMEPREFIX}${PORTNAME}
X	@${INSTALL_DATA} ${WRKSRC}/README \
X		${PREFIX}/share/doc/${PKGNAMEPREFIX}${PORTNAME}
X	@${CAT} ${PKGMESSAGE}
X
X.include <bsd.port.post.mk>
78eca2bb13f9b634ff529efbf64534aa
echo x - p5-FCGI-Spawn/distinfo
sed 's/^X//' >p5-FCGI-Spawn/distinfo << 'f02bcba4c6a290527ae5b163e7ad9864'
XSHA256 (FCGI-Spawn-0.16.2.tar.gz) = 2880f26f229b37a674c07afceb9199fea1986d36c268bd71f9e19d710df9eef7
XSIZE (FCGI-Spawn-0.16.2.tar.gz) = 29443
f02bcba4c6a290527ae5b163e7ad9864
echo c - p5-FCGI-Spawn/files
mkdir -p p5-FCGI-Spawn/files > /dev/null 2>&1
echo x - p5-FCGI-Spawn/files/fcgi_spawn.in
sed 's/^X//' >p5-FCGI-Spawn/files/fcgi_spawn.in << '498aa025dce9fba92dc1292abab35f32'
X#!/bin/sh
X
X# PROVIDE: fcgi_spawn
X# REQUIRE: LOGIN %%MYSQL%% %%PGSQL%%
X# KEYWORD: shutdown
X
X. /etc/rc.subr
X
Xname="fcgi_spawn"
Xrcvar=${name}_enable
X
Xfcgi_spawn_enable=${fcgi_spawn_enable:-"NO"}
Xpidfile=${fcgi_spawn_pid:-"/var/run/${name}.pid"}
X
Xload_rc_config ${name}
X
Xfcgi_spawn_config_path=${fcgi_spawn_config_path:-"/usr/local/etc/${name}"}
Xfcgi_spawn_log=${fcgi_spawn_log:-"/var/log/${name}.log"}
Xfcgi_spawn_socket_path=${fcgi_spawn_socket_path:-"/tmp/spawner.sock"}
Xfcgi_spawn_redefine_exit=${fcgi_spawn_redefine_exit:-"0"}
Xfcgi_spawn_username=${fcgi_spawn_username:-"fcgi"}
Xfcgi_spawn_groupname=${fcgi_spawn_groupname:-"fcgi"}
Xfcgi_spawn_flags=${fcgi_spawn_flags:-""}
Xcommand="%%PREFIX%%/bin/${name}"
Xcommand_args="-l ${fcgi_spawn_log} -p ${pidfile} -c ${fcgi_spawn_config_path} -u ${fcgi_spawn_username} -g ${fcgi_spawn_groupname}  -s ${fcgi_spawn_socket_path}"
Xrequired_dirs=${fcgi_spawn_config_path}
X
Xrun_rc_command "$1"
498aa025dce9fba92dc1292abab35f32
echo x - p5-FCGI-Spawn/pkg-deinstall
sed 's/^X//' >p5-FCGI-Spawn/pkg-deinstall << 'dd48392362ec8cfd3a71c5b52dc384ea'
X#!/bin/sh
X#
X# $FreeBSD: ports/www/p5-FCGI-Spawn/pkg-deinstall,v 1.1 2010/04/14 13:58:52 skreuzer Exp $
X#
X
Xif [ "$2" != "POST-DEINSTALL" ]; then
X    exit 0
Xfi
X
XUSER=fcgi
X
Xif pw usershow "${USER}" 2>/dev/null 1>&2; then
X	echo "To delete user permanently, use 'pw userdel ${USER}'. Also, unused groups of that user should be deleted, too"
Xfi
X
Xexit 0
dd48392362ec8cfd3a71c5b52dc384ea
echo x - p5-FCGI-Spawn/pkg-descr
sed 's/^X//' >p5-FCGI-Spawn/pkg-descr << '81551c0d2f91cd075e018bf0588b30a3'
XFCGI::Spawn is used to serve CGI-like applications as a FastCGI process
Xmanager. Besides the features the FCGI::ProcManager posess itself, the
XFCGI::Spawn is targeted as web server admin understandable instance for
Xbuilding the own fastcgi server with copy-on-write memory sharing among
Xforks and with single input parameters like socket path and processes
Xnumber. Another thing to mention is that it is able to execute/do() any file
Xpointed by Web server. So we have the daemon that separates the task of
Xdevelopers (admins, users, etc.) within the same processes set making the
Xsoultion a memory-effective.
X
XWWW:	http://search.cpan.org/dist/FCGI-Spawn/
81551c0d2f91cd075e018bf0588b30a3
echo x - p5-FCGI-Spawn/pkg-install
sed 's/^X//' >p5-FCGI-Spawn/pkg-install << 'e2149dbcf96982c8ba6102bb711a810d'
X#!/bin/sh
X#
X# $FreeBSD: ports/www/p5-FCGI-Spawn/pkg-install,v 1.1 2010/04/14 13:58:52 skreuzer Exp $
X#
X
Xif [ "$2" != "PRE-INSTALL" ]; then
X    exit 0
Xfi
X
XUSER=fcgi
XGROUP=${USER}
X
Xif ! pw groupshow "${GROUP}" 2>/dev/null 1>&2; then
X	if pw groupadd ${GROUP} ; then
X		echo "Added group \"${GROUP}\"."
X	else
X		echo "Adding group \"${GROUP}\" failed..."
X		exit 1
X	fi
Xfi
X
Xif ! pw usershow "${USER}" 2>/dev/null 1>&2; then
X	if pw useradd ${USER} -g ${GROUP} -h - \
X		-s "/sbin/nologin" -d "/nonexistent" \
X		-c "FastCGI Spawner"; \
X	then
X		echo "Added user \"${USER}\"."
X	else
X		echo "Adding user \"${USER}\" failed..."
X		exit 1
X	fi
Xfi
X
Xexit 0
e2149dbcf96982c8ba6102bb711a810d
echo x - p5-FCGI-Spawn/pkg-message
sed 's/^X//' >p5-FCGI-Spawn/pkg-message << '3ce0816cea8492bc7e0b5a82e53fef17'
X-=*** FCGI::Spawn and fcgi_spawn are installed ***=-
X
XFor the first time, check all the docs supplied with the package.
X
XTo run the fcgi_spawn on boot time, create the system user for it, and group,
Xtoo. After that, assuming you name them "fcgi", add this to your rc.conf:
X
Xfcgi_spawn_enable="YES"
Xfcgi_spawn_username="fcgi"
Xfcgi_spawn_groupname="fcgi"
X
XYou may want to set fcgi_spawn_flags also according to taste.
3ce0816cea8492bc7e0b5a82e53fef17
echo x - p5-FCGI-Spawn/pkg-plist
sed 's/^X//' >p5-FCGI-Spawn/pkg-plist << '840fce8901f5b04ff59e2d2f7c825097'
X%%SITE_PERL%%/FCGI/Spawn/BinUtils.pm
X%%SITE_PERL%%/FCGI/Spawn.pm
X%%SITE_PERL%%/%%PERL_ARCH%%/auto/FCGI/Spawn/.packlist
Xbin/fcgi_spawn
Xetc/fcgi_spawn/fcgi_spawn.conf.sample
Xshare/doc/p5-FCGI-Spawn/README
X at dirrmtry %%SITE_PERL%%/%%PERL_ARCH%%/auto/FCGI/Spawn
X at dirrmtry %%SITE_PERL%%/%%PERL_ARCH%%/auto/FCGI
X at dirrmtry %%SITE_PERL%%/FCGI
X at dirrmtry share/doc/p5-FCGI-Spawn
X at dirrmtry etc/fcgi_spawn
840fce8901f5b04ff59e2d2f7c825097
exit
--- p5-FCGI-Spawn.shar ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list