svn commit: r399688 - in head: . www/varnish4 www/varnish4/files

[Mark Felder]

Author: feld
Date: Mon Oct 19 15:04:31 2015
New Revision: 399688
URL: https://svnweb.freebsd.org/changeset/ports/399688

Log:
  www/varnish4: Update to 4.1.0
  
  - Add varnish and varnishlog UIDs
  - Add varnish GID
  - varnishd, varnishncsa, and varnishlog no longer run as root
  
  Users upgrading may see permissions errors on start due to change in
  uid running the processes. Please see the UPDATING entry for more
  details.
  
  Changelog:	https://github.com/varnish/Varnish-Cache/blob/varnish-4.1.0/doc/sphinx/whats-new/changes.rst
  
  Differential Revision:	https://reviews.freebsd.org/D3878

Modified:
  head/GIDs
  head/UIDs
  head/www/varnish4/Makefile
  head/www/varnish4/distinfo
  head/www/varnish4/files/varnishd.in
  head/www/varnish4/files/varnishlog.in
  head/www/varnish4/files/varnishncsa.in
  head/www/varnish4/pkg-plist

Modified: head/GIDs
==============================================================================
--- head/GIDs	Mon Oct 19 14:57:28 2015	(r399687)
+++ head/GIDs	Mon Oct 19 15:04:31 2015	(r399688)
@@ -175,6 +175,7 @@ ldap:*:389:
 tiarra:*:398:
 uhub:*:411:
 drweb:*:426:
+varnish:*:429:
 quasselcore:*:442:
 callweaver:*:444:
 ecartis:*:450:

Modified: head/UIDs
==============================================================================
--- head/UIDs	Mon Oct 19 14:57:28 2015	(r399687)
+++ head/UIDs	Mon Oct 19 15:04:31 2015	(r399688)
@@ -181,6 +181,8 @@ ldap:*:389:389::0:0:OpenLDAP Server:/non
 tiarra:*:398:398::0:0:Tiarra IRC Proxy:/nonexistent:/usr/sbin/nologin
 uhub:*:411:411::0:0:uHub ADC Daemon:/nonexistent:/usr/sbin/nologin
 drweb:*:426:426::0:0:Dr.Web Mail Scanner:/nonexistent:/usr/sbin/nologin
+varnish:*:429:429::0:0:Varnish Cache User:/nonexistent:/usr/sbin/nologin
+varnishlog:*:430:429::0:0:Varnish Log User:/nonexistent:/usr/sbin/nologin
 quasselcore:*:442:442::0:0:Quassel IRC User:/nonexistent:/usr/sbin/nologin
 callweaver:*:444:444::0:0:Callweaver account:/var/lib/callweaver:/usr/sbin/nologin
 ecartis:*:450:450::0:0:Ecartis Listserver:/usr/local/ecartis:/usr/sbin/nologin

Modified: head/www/varnish4/Makefile
==============================================================================
--- head/www/varnish4/Makefile	Mon Oct 19 14:57:28 2015	(r399687)
+++ head/www/varnish4/Makefile	Mon Oct 19 15:04:31 2015	(r399688)
@@ -1,8 +1,8 @@
 # $FreeBSD$
 
 PORTNAME=	varnish
-PORTVERSION=	4.0.3
-PORTREVISION=	7
+PORTVERSION=	4.1.0
+PORTREVISION=	0
 CATEGORIES=	www
 MASTER_SITES=	http://repo.varnish-cache.org/source/
 PKGNAMESUFFIX=	4
@@ -27,6 +27,9 @@ CONFIGURE_ENV=	RST2MAN=true
 USE_LDCONFIG=	yes
 INSTALL_TARGET=	install-strip
 
+USERS=		varnish varnishlog
+GROUPS=		varnish
+
 USE_RC_SUBR=	varnishd varnishlog varnishncsa
 SUB_FILES=	pkg-message
 .if defined(NO_INET6) || defined(WITHOUT_INET6)

Modified: head/www/varnish4/distinfo
==============================================================================
--- head/www/varnish4/distinfo	Mon Oct 19 14:57:28 2015	(r399687)
+++ head/www/varnish4/distinfo	Mon Oct 19 15:04:31 2015	(r399688)
@@ -1,2 +1,2 @@
-SHA256 (varnish-4.0.3.tar.gz) = 94b9a174097f47db2286acd2c35f235e49a2b7a9ddfdbd6eb7aa4da9ae8f8206
-SIZE (varnish-4.0.3.tar.gz) = 1866760
+SHA256 (varnish-4.1.0.tar.gz) = 4a6ea08e30b62fbf25f884a65f0d8af42e9cc9d25bf70f45ae4417c4f1c99017
+SIZE (varnish-4.1.0.tar.gz) = 1990932

Modified: head/www/varnish4/files/varnishd.in
==============================================================================
--- head/www/varnish4/files/varnishd.in	Mon Oct 19 14:57:28 2015	(r399687)
+++ head/www/varnish4/files/varnishd.in	Mon Oct 19 15:04:31 2015	(r399688)
@@ -37,15 +37,12 @@
 # varnishd_storage - storage method and parameters.
 #	default: "file,/tmp,100M"
 #
-# varnishd_user - unprivileged user for the child process.
-#	default: "www"
-#
-# varnishd_group - unprivileged group for the child process.
-#	default: "www"
+# varnishd_jailuser - unprivileged user for the child process.
+#	default: "varnish"
 #
 # varnishd_flags - complete command line arguments.
-#	default if varnishd_config is unset: "-P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -b ${varnishd_backend} -s ${varnishd_storage} -h ${varnishd_hash} -u ${varnishd_user} -g ${varnishd_group}"
-#	default if varnishd_config is set: "-P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -f ${varnishd_config} -s ${varnishd_storage} -h ${varnishd_hash} -u ${varnishd_user} -g ${varnishd_group}"
+#	default if varnishd_config is unset: "-j unix,user=${varnishd_jailuser} -P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -b ${varnishd_backend} -s ${varnishd_storage} -h ${varnishd_hash} ${varnishd_extra_flags}"
+#	default if varnishd_config is set: "-j unix,user=${varnishd_jailuser} -P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -f ${varnishd_config} -s ${varnishd_storage} -h ${varnishd_hash} ${varnishd_extra_flags}"
 #
 # See varnishd(1) for a detailed overview of command-line options.
 #
@@ -64,21 +61,15 @@ load_rc_config ${name}
 : ${varnishd_backend=localhost:8080}
 : ${varnishd_storage=file,/tmp,100M}
 : ${varnishd_hash=classic,16383}
-: ${varnishd_user=www}
-: ${varnishd_group=www}
+: ${varnishd_jailuser=varnish}
 
 command="%%PREFIX%%/sbin/${name}"
 pidfile="${varnishd_pidfile}"
 
 if [ -n "${varnishd_config}" ] ; then
-	: ${varnishd_flags:="-P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -f ${varnishd_config} -s ${varnishd_storage} -h ${varnishd_hash} -u ${varnishd_user} -g ${varnishd_group} ${varnishd_extra_flags}"}
+	: ${varnishd_flags:="-j unix,user=${varnishd_jailuser} -P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -f ${varnishd_config} -s ${varnishd_storage} -h ${varnishd_hash} ${varnishd_extra_flags}"}
 else
-	: ${varnishd_flags:="-P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -b ${varnishd_backend} -s ${varnishd_storage} -h ${varnishd_hash} -u ${varnishd_user} -g ${varnishd_group} ${varnishd_extra_flags}"}
+	: ${varnishd_flags:="-j unix,user=${varnishd_jailuser} -P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -b ${varnishd_backend} -s ${varnishd_storage} -h ${varnishd_hash} ${varnishd_extra_flags}"}
 fi
 
-# If we leave these set, rc.subr will su to them before starting
-# varnishd, which is not what we want.
-unset varnishd_user
-unset varnishd_group
-
 run_rc_command "$1"

Modified: head/www/varnish4/files/varnishlog.in
==============================================================================
--- head/www/varnish4/files/varnishlog.in	Mon Oct 19 14:57:28 2015	(r399687)
+++ head/www/varnish4/files/varnishlog.in	Mon Oct 19 15:04:31 2015	(r399688)
@@ -41,6 +41,7 @@ load_rc_config ${name}
 : ${varnishlog_pidfile=/var/run/${name}.pid}
 : ${varnishlog_file=/var/log/varnish.log}
 : ${varnishlog_flags="-P ${varnishlog_pidfile} -D -a -w ${varnishlog_file}"}
+: ${varnishlog_user=varnishlog}
 
 command="%%PREFIX%%/bin/${name}"
 pidfile=${varnishlog_pidfile}
@@ -48,6 +49,14 @@ start_precmd=precmd
 
 precmd()
 {
+	if [ ! -e ${pidfile} ]; then
+		install -o ${varnishlog_user} -g varnish /dev/null ${pidfile};
+	fi
+
+	if [ ! -e ${varnishlog_file} ]; then
+		install -o ${varnishlog_user} -g varnish /dev/null ${varnishlog_file};
+	fi
+
 	waitcount=0
 	vsm=%%PREFIX%%/varnish/$(hostname)/_.vsm
 	

Modified: head/www/varnish4/files/varnishncsa.in
==============================================================================
--- head/www/varnish4/files/varnishncsa.in	Mon Oct 19 14:57:28 2015	(r399687)
+++ head/www/varnish4/files/varnishncsa.in	Mon Oct 19 15:04:31 2015	(r399688)
@@ -46,6 +46,7 @@ load_rc_config ${name}
 : ${varnishncsa_pidfile=/var/run/${name}.pid}
 : ${varnishncsa_file=/var/log/${name}.log}
 : ${varnishncsa_flags="-P ${varnishncsa_pidfile} -D -a -w ${varnishncsa_file}${varnishncsa_logformat:+ -F \"$varnishncsa_logformat\"}"}
+: ${varnishncsa_user=varnishlog}
 
 command="%%PREFIX%%/bin/${name}"
 pidfile=${varnishncsa_pidfile}
@@ -53,6 +54,14 @@ start_precmd=precmd
 
 precmd()
 {
+	if [ ! -e ${pidfile} ]; then
+		install -o ${varnishncsa_user} -g varnish /dev/null ${pidfile};
+	fi
+
+	if [ ! -e ${varnishncsa_file} ]; then
+		install -o ${varnishncsa_user} -g varnish /dev/null ${varnishncsa_file};
+	fi
+
 	waitcount=0
 	vsm=%%PREFIX%%/varnish/$(hostname)/_.vsm
 	

Modified: head/www/varnish4/pkg-plist
==============================================================================
--- head/www/varnish4/pkg-plist	Mon Oct 19 14:57:28 2015	(r399687)
+++ head/www/varnish4/pkg-plist	Mon Oct 19 15:04:31 2015	(r399688)
@@ -7,6 +7,8 @@ bin/varnishtest
 bin/varnishtop
 include/varnish/cache/cache.h
 include/varnish/cache/cache_backend.h
+include/varnish/cache/cache_director.h
+include/varnish/cache/cache_filter.h
 include/varnish/common/common.h
 include/varnish/common/params.h
 include/varnish/miniobj.h
@@ -21,7 +23,11 @@ include/varnish/tbl/feature_bits.h
 include/varnish/tbl/http_headers.h
 include/varnish/tbl/http_response.h
 include/varnish/tbl/locks.h
+include/varnish/tbl/obj_attr.h
+include/varnish/tbl/params.h
 include/varnish/tbl/req_body.h
+include/varnish/tbl/req_flags.h
+include/varnish/tbl/sess_attr.h
 include/varnish/tbl/sess_close.h
 include/varnish/tbl/steps.h
 include/varnish/tbl/symbol_kind.h
@@ -43,6 +49,7 @@ include/varnish/vapi/vsl.h
 include/varnish/vapi/vsl_int.h
 include/varnish/vapi/vsm.h
 include/varnish/vapi/vsm_int.h
+include/varnish/waiter/waiter.h
 include/varnish/vas.h
 include/varnish/vav.h
 include/varnish/vbm.h
@@ -51,6 +58,8 @@ include/varnish/vcli.h
 include/varnish/vcs.h
 include/varnish/vdef.h
 include/varnish/vmod_abi.h
+include/varnish/vtcp.h
+include/varnish/vtim.h
 include/varnish/vqueue.h
 include/varnish/vre.h
 include/varnish/vrt.h
@@ -60,7 +69,7 @@ include/varnish/vsb.h
 include/varnish/vsha256.h
 lib/libvarnishapi.so
 lib/libvarnishapi.so.1
-lib/libvarnishapi.so.1.0.0
+lib/libvarnishapi.so.1.0.4
 lib/varnish/libvarnish.so
 lib/varnish/libvarnishcompat.so
 lib/varnish/libvcc.so