Browse Source

fcgiwarp add

Signed-off-by: webbuilder_pel7ppc64lebuilder0 <webbuilder@powerel.org>
master
webbuilder_pel7ppc64lebuilder0 2 years ago
parent
commit
704ea125f5
  1. 8
      SOURCES/README.SELinux
  2. 19
      SOURCES/SETUP
  3. 8
      SOURCES/fcgiwrap
  4. 27
      SOURCES/fcgiwrap-1.1.0-declare_cgi_error_noreturn.patch
  5. 22
      SOURCES/fcgiwrap-1.1.0-fix_kill_param_sequence.patch
  6. 25
      SOURCES/fcgiwrap-1.1.0-use_pkg-config_libsystemd.patch
  7. 11
      SOURCES/fcgiwrap@.service
  8. 11
      SOURCES/fcgiwrap@.socket
  9. 160
      SPECS/fcgiwrap.spec

8
SOURCES/README.SELinux

@ -0,0 +1,8 @@
Until BZ #1655702 [1] is resolved and a new selinux-polcy is pushed out, the
local system administrator must apply the following command to avoid avc write
denials, if selinux security policies are being enforced:

semanage fcontext -a -t httpd_var_run_t '/var/run/fcgiwrap(/.*)?'


[1] https://bugzilla.redhat.com/show_bug.cgi?id=1655702

19
SOURCES/SETUP

@ -0,0 +1,19 @@
Perform these steps after package installation:

1. Inspect the environment file /etc/sysconfig/fcgiwrap. Set fcgiwrap daemon
parameters acording to your needs. See man fcgiwrap for details.

2. The systemd unit files provided with this package are instantiated and must
be started by specifiying the desired web server user account. For example,
when using nginx, the fgciwrap service is enabled then started like so:
systemctl enable fcgiwrap@nginx.socket
systemctl start fcgiwrap@nginx.socket

Note the socket name is used here rather than the service name. There is no
need to enable the service itself. Indeed one cannot enable the service on
older versions of systemd. This is by design.

See the systemd socket documentation for further details:
https://www.freedesktop.org/software/systemd/man/systemd.socket.html

8
SOURCES/fcgiwrap

@ -0,0 +1,8 @@
# fcgiwrap configuration parameters

# Specify the number of fcgiwrap processes to prefork
DAEMON_PROCS=1

# Specify additional daemon options. See man fcgiwrap.
DAEMON_OPTS=-f

27
SOURCES/fcgiwrap-1.1.0-declare_cgi_error_noreturn.patch

@ -0,0 +1,27 @@
From bd00af48ca0b0165eea66f47cd9556ac4cee7219 Mon Sep 17 00:00:00 2001
From: Peter Colberg <peter@colberg.org>
Date: Sat, 5 Aug 2017 11:58:26 -0400
Subject: [PATCH] Declare cgi_error noreturn

This declares the function cgi_error with the attribute __noreturn__ to
hint to GCC/Clang that the function exits the program and to prevent
implicit-fallthrough warnings in the function handle_fcgi_request.
---
fcgiwrap.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/fcgiwrap.c b/fcgiwrap.c
index b44d8aa..751c100 100644
--- a/fcgiwrap.c
+++ b/fcgiwrap.c
@@ -500,6 +500,7 @@ static bool is_allowed_program(const char *program) {
return false;
}
+__attribute__((__noreturn__))
static void cgi_error(const char *message, const char *reason, const char *filename)
{
printf("Status: %s\r\nContent-Type: text/plain\r\n\r\n%s\r\n",
--
2.13.5

22
SOURCES/fcgiwrap-1.1.0-fix_kill_param_sequence.patch

@ -0,0 +1,22 @@
From dc0c3b14f0d7bb014a9a4c6c17eb55a123496365 Mon Sep 17 00:00:00 2001
From: "D.pz" <xpz91@126.me>
Date: Mon, 28 Aug 2017 23:54:08 +0800
Subject: [PATCH] 1.fix: kill() parameter sequence wrong

---
fcgiwrap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fcgiwrap.c b/fcgiwrap.c
index b44d8aa..bfd9a90 100644
--- a/fcgiwrap.c
+++ b/fcgiwrap.c
@@ -205,7 +205,7 @@ static void fcgi_finish(struct fcgi_context *fc, const char* msg)
if (fc->fd_stderr >= 0) close(fc->fd_stderr);
if (fc->cgi_pid)
- kill(SIGTERM, fc->cgi_pid);
+ kill(fc->cgi_pid, SIGTERM);
}
static const char * fcgi_pass_fd(struct fcgi_context *fc, int *fdp, FCGI_FILE *ffp, char *buf, size_t bufsize)

25
SOURCES/fcgiwrap-1.1.0-use_pkg-config_libsystemd.patch

@ -0,0 +1,25 @@
From 99e1976b5dbe8379457bd3cd3115208b688f0c9c Mon Sep 17 00:00:00 2001
From: Juan Orti Alcaine <j.orti.alcaine@gmail.com>
Date: Wed, 9 Nov 2016 16:29:10 +0100
Subject: [PATCH] pkg-config libsystemd-daemon has been renamed to libsystemd

---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index bb3674e..2b02ef4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -28,7 +28,7 @@ AC_ARG_WITH([systemd],
[], [with_systemd=check])
have_systemd=no
if test "x$with_systemd" != "xno"; then
- PKG_CHECK_MODULES(systemd, [libsystemd-daemon],
+ PKG_CHECK_MODULES(systemd, [libsystemd],
[AC_DEFINE(HAVE_SYSTEMD, 1, [Define if systemd is available])
have_systemd=yes],
have_systemd=no)
--
2.9.3

11
SOURCES/fcgiwrap@.service

@ -0,0 +1,11 @@
[Unit]
Description=Simple CGI Server
After=nss-user-lookup.target

[Service]
EnvironmentFile=/etc/sysconfig/fcgiwrap
ExecStart=/usr/sbin/fcgiwrap ${DAEMON_OPTS} -c ${DAEMON_PROCS}
User=%i

[Install]
Also=fcgiwrap@%i.socket

11
SOURCES/fcgiwrap@.socket

@ -0,0 +1,11 @@
[Unit]
Description=fcgiwrap Socket

[Socket]
ListenStream=/run/fcgiwrap/fcgiwrap-%i.sock
RuntimeDirectory=fcgiwrap
SocketUser=%i
SocketMode=0660

[Install]
WantedBy=sockets.target

160
SPECS/fcgiwrap.spec

@ -0,0 +1,160 @@
%global commit 99c942c90063c73734e56bacaa65f947772d9186
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%global date 20181108

Name: fcgiwrap
Version: 1.1.0
Release: 18.%{date}git%{shortcommit}%{?dist}
Summary: Simple FastCGI wrapper for CGI scripts
License: MIT
URL: https://github.com/gnosek/fcgiwrap
Source0: https://github.com/gnosek/fcgiwrap/archive/%{commit}/%{name}-%{commit}.tar.gz
Source1: %{name}@.service
Source2: %{name}@.socket
Source3: %{name}
Source4: SETUP
Source5: README.SELinux

# https://github.com/gnosek/fcgiwrap/pull/39
Patch0: %{name}-1.1.0-use_pkg-config_libsystemd.patch
# https://github.com/gnosek/fcgiwrap/pull/43
Patch1: %{name}-1.1.0-declare_cgi_error_noreturn.patch
# https://github.com/gnosek/fcgiwrap/pull/44
Patch2: %{name}-1.1.0-fix_kill_param_sequence.patch

BuildRequires: coreutils
BuildRequires: gcc
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: fcgi-devel
BuildRequires: systemd-devel
BuildRequires: make
%{?systemd_requires}

%description
This package provides a simple FastCGI wrapper for CGI scripts with/
following features:
- very lightweight (84KB of private memory per instance)
- fixes broken CR/LF in headers
- handles environment in a sane way (CGI scripts get HTTP-related environment
vars from FastCGI parameters and inherit all the others from
environment of fcgiwrap )
- no configuration, so you can run several sites off the same
fcgiwrap pool
- passes CGI std error output to std error stream of cgiwrap or FastCGI
- support systemd socket activation, launcher program like spawn-fcgi
is no longer required on systemd-enabled distributions

%prep
%autosetup -n %{name}-%{commit}
install -pm 0644 %{SOURCE4} .
install -pm 0644 %{SOURCE5} .

%build
autoreconf -i
%configure --prefix="" --with-systemd
%make_build

%install
%make_install

# Remove the default systemd files
rm -f %{buildroot}%{_unitdir}/fcgiwrap.service
rm -f %{buildroot}%{_unitdir}/fcgiwrap.socket

# Install our own systemd config files
install -Dm 644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}@.service
install -Dm 644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}@.socket
install -Dm 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/%{name}

%post
%systemd_post %{name}@.service %{name}@.socket

%preun
%systemd_preun %{name}@.service %{name}@.socket

%postun
%systemd_postun_with_restart %{name}@.service %{name}@.socket

%files
%doc README.rst README.SELinux SETUP
%license COPYING
%{_sbindir}/%{name}
%{_mandir}/man8/%{name}.8*
%{_unitdir}/%{name}@.service
%{_unitdir}/%{name}@.socket
%config(noreplace) %{_sysconfdir}/sysconfig/%{name}

%changelog
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-18.20181108git99c942c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-17.20181108git99c942c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.1.0-16.20181108git99c942c
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.

* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-15.20181108git99c942c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-14.20181108git99c942c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-13.20181108git99c942c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Sun Oct 06 2019 Andrew Bauer <zonexpertconsulting@outlook.com> - 1.1.0-12.20181108git99c942c
- Update SETUP instructions. Fixes RHBZ 1740030.

* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-11.20181108git99c942c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-10.20181108git99c942c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Fri Dec 14 2018 Andrew Bauer <zonexpertconsulting@outlook.com> - 1.1.0-9.20181108git99c942c
- fix typo in fcgiwrap socket file

* Tue Dec 04 2018 Andrew Bauer <zonexpertconsulting@outlook.com> - 1.1.0-8.20181108git99c942c
- Modify socket file based on feedback in BZ 1655281
- Add README.SELinux

* Thu Nov 08 2018 Andrew Bauer <zonexpertconsulting@outlook.com> - 1.1.0-7.20181108git99c942c
- Feedback from fedora package review
- Remove Group from unit file
- Set date to snapshot date, not commit date

* Sat Nov 03 2018 Andrew Bauer <zonexpertconsulting@outlook.com> - 1.1.0-6.20150530git99c942c
- Supply our own systemd service, socket, and environment files
- Add Patch2 to fix kill parameter sequence

* Wed Aug 30 2017 Juan Orti Alcaine <jorti@fedoraproject.org> - 1.1.0-5.20150530git99c942c
- Add license
- Use systemd_requires macro
- Update URL
- Add Patch1 to fix compilation with gcc 7

* Wed Nov 09 2016 Juan Orti Alcaine <jorti@fedoraproject.org> - 1.1.0-4.20150530git99c942c
- Patch0 to rename pkg-config libsystemd-daemon to libsystemd

* Thu Feb 04 2016 Juan Orti Alcaine <jorti@fedoraproject.org> - 1.1.0-3.20150530git99c942c
- Use %%make_build macro

* Sat May 30 2015 Juan Orti Alcaine <jorti@fedoraproject.org> - 1.1.0-2.20150530git99c942c
- Update to commit 99c942c

* Fri Feb 08 2013 Hiroaki Nakamura <hnakamur@gmail.com> - 1.1.0-1
- new upstream release.

* Fri Jan 11 2013 Hiroaki Nakamura <hnakamur@gmail.com> - 1.0.3.20120908-1
- Change version to increase monotonously.

* Wed Jan 9 2013 Hiroaki Nakamura <hnakamur@gmail.com> - 1.0.3-3.gitb9f03e6377
- Make the rpm relocatable.

* Tue Dec 25 2012 Hiroaki Nakamura <hnakamur@gmail.com> - 1.0.3-2.gitb9f03e6377

* Tue Jan 31 2012 Craig Barnes <cr@igbarn.es> - 1.0.3-1.git1328862
- Initial package
Loading…
Cancel
Save