Date: Mon, 19 Oct 2015 15:04:31 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r399688 - in head: . www/varnish4 www/varnish4/files Message-ID: <201510191504.t9JF4V1r029513@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Mon Oct 19 15:04:31 2015 New Revision: 399688 URL: https://svnweb.freebsd.org/changeset/ports/399688 Log: www/varnish4: Update to 4.1.0 - Add varnish and varnishlog UIDs - Add varnish GID - varnishd, varnishncsa, and varnishlog no longer run as root Users upgrading may see permissions errors on start due to change in uid running the processes. Please see the UPDATING entry for more details. Changelog: https://github.com/varnish/Varnish-Cache/blob/varnish-4.1.0/doc/sphinx/whats-new/changes.rst Differential Revision: https://reviews.freebsd.org/D3878 Modified: head/GIDs head/UIDs head/www/varnish4/Makefile head/www/varnish4/distinfo head/www/varnish4/files/varnishd.in head/www/varnish4/files/varnishlog.in head/www/varnish4/files/varnishncsa.in head/www/varnish4/pkg-plist Modified: head/GIDs ============================================================================== --- head/GIDs Mon Oct 19 14:57:28 2015 (r399687) +++ head/GIDs Mon Oct 19 15:04:31 2015 (r399688) @@ -175,6 +175,7 @@ ldap:*:389: tiarra:*:398: uhub:*:411: drweb:*:426: +varnish:*:429: quasselcore:*:442: callweaver:*:444: ecartis:*:450: Modified: head/UIDs ============================================================================== --- head/UIDs Mon Oct 19 14:57:28 2015 (r399687) +++ head/UIDs Mon Oct 19 15:04:31 2015 (r399688) @@ -181,6 +181,8 @@ ldap:*:389:389::0:0:OpenLDAP Server:/non tiarra:*:398:398::0:0:Tiarra IRC Proxy:/nonexistent:/usr/sbin/nologin uhub:*:411:411::0:0:uHub ADC Daemon:/nonexistent:/usr/sbin/nologin drweb:*:426:426::0:0:Dr.Web Mail Scanner:/nonexistent:/usr/sbin/nologin +varnish:*:429:429::0:0:Varnish Cache User:/nonexistent:/usr/sbin/nologin +varnishlog:*:430:429::0:0:Varnish Log User:/nonexistent:/usr/sbin/nologin quasselcore:*:442:442::0:0:Quassel IRC User:/nonexistent:/usr/sbin/nologin callweaver:*:444:444::0:0:Callweaver account:/var/lib/callweaver:/usr/sbin/nologin ecartis:*:450:450::0:0:Ecartis Listserver:/usr/local/ecartis:/usr/sbin/nologin Modified: head/www/varnish4/Makefile ============================================================================== --- head/www/varnish4/Makefile Mon Oct 19 14:57:28 2015 (r399687) +++ head/www/varnish4/Makefile Mon Oct 19 15:04:31 2015 (r399688) @@ -1,8 +1,8 @@ # $FreeBSD$ PORTNAME= varnish -PORTVERSION= 4.0.3 -PORTREVISION= 7 +PORTVERSION= 4.1.0 +PORTREVISION= 0 CATEGORIES= www MASTER_SITES= http://repo.varnish-cache.org/source/ PKGNAMESUFFIX= 4 @@ -27,6 +27,9 @@ CONFIGURE_ENV= RST2MAN=true USE_LDCONFIG= yes INSTALL_TARGET= install-strip +USERS= varnish varnishlog +GROUPS= varnish + USE_RC_SUBR= varnishd varnishlog varnishncsa SUB_FILES= pkg-message .if defined(NO_INET6) || defined(WITHOUT_INET6) Modified: head/www/varnish4/distinfo ============================================================================== --- head/www/varnish4/distinfo Mon Oct 19 14:57:28 2015 (r399687) +++ head/www/varnish4/distinfo Mon Oct 19 15:04:31 2015 (r399688) @@ -1,2 +1,2 @@ -SHA256 (varnish-4.0.3.tar.gz) = 94b9a174097f47db2286acd2c35f235e49a2b7a9ddfdbd6eb7aa4da9ae8f8206 -SIZE (varnish-4.0.3.tar.gz) = 1866760 +SHA256 (varnish-4.1.0.tar.gz) = 4a6ea08e30b62fbf25f884a65f0d8af42e9cc9d25bf70f45ae4417c4f1c99017 +SIZE (varnish-4.1.0.tar.gz) = 1990932 Modified: head/www/varnish4/files/varnishd.in ============================================================================== --- head/www/varnish4/files/varnishd.in Mon Oct 19 14:57:28 2015 (r399687) +++ head/www/varnish4/files/varnishd.in Mon Oct 19 15:04:31 2015 (r399688) @@ -37,15 +37,12 @@ # varnishd_storage - storage method and parameters. # default: "file,/tmp,100M" # -# varnishd_user - unprivileged user for the child process. -# default: "www" -# -# varnishd_group - unprivileged group for the child process. -# default: "www" +# varnishd_jailuser - unprivileged user for the child process. +# default: "varnish" # # varnishd_flags - complete command line arguments. -# default if varnishd_config is unset: "-P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -b ${varnishd_backend} -s ${varnishd_storage} -h ${varnishd_hash} -u ${varnishd_user} -g ${varnishd_group}" -# default if varnishd_config is set: "-P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -f ${varnishd_config} -s ${varnishd_storage} -h ${varnishd_hash} -u ${varnishd_user} -g ${varnishd_group}" +# default if varnishd_config is unset: "-j unix,user=${varnishd_jailuser} -P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -b ${varnishd_backend} -s ${varnishd_storage} -h ${varnishd_hash} ${varnishd_extra_flags}" +# default if varnishd_config is set: "-j unix,user=${varnishd_jailuser} -P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -f ${varnishd_config} -s ${varnishd_storage} -h ${varnishd_hash} ${varnishd_extra_flags}" # # See varnishd(1) for a detailed overview of command-line options. # @@ -64,21 +61,15 @@ load_rc_config ${name} : ${varnishd_backend=localhost:8080} : ${varnishd_storage=file,/tmp,100M} : ${varnishd_hash=classic,16383} -: ${varnishd_user=www} -: ${varnishd_group=www} +: ${varnishd_jailuser=varnish} command="%%PREFIX%%/sbin/${name}" pidfile="${varnishd_pidfile}" if [ -n "${varnishd_config}" ] ; then - : ${varnishd_flags:="-P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -f ${varnishd_config} -s ${varnishd_storage} -h ${varnishd_hash} -u ${varnishd_user} -g ${varnishd_group} ${varnishd_extra_flags}"} + : ${varnishd_flags:="-j unix,user=${varnishd_jailuser} -P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -f ${varnishd_config} -s ${varnishd_storage} -h ${varnishd_hash} ${varnishd_extra_flags}"} else - : ${varnishd_flags:="-P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -b ${varnishd_backend} -s ${varnishd_storage} -h ${varnishd_hash} -u ${varnishd_user} -g ${varnishd_group} ${varnishd_extra_flags}"} + : ${varnishd_flags:="-j unix,user=${varnishd_jailuser} -P ${varnishd_pidfile} -a ${varnishd_listen} -T ${varnishd_admin} -b ${varnishd_backend} -s ${varnishd_storage} -h ${varnishd_hash} ${varnishd_extra_flags}"} fi -# If we leave these set, rc.subr will su to them before starting -# varnishd, which is not what we want. -unset varnishd_user -unset varnishd_group - run_rc_command "$1" Modified: head/www/varnish4/files/varnishlog.in ============================================================================== --- head/www/varnish4/files/varnishlog.in Mon Oct 19 14:57:28 2015 (r399687) +++ head/www/varnish4/files/varnishlog.in Mon Oct 19 15:04:31 2015 (r399688) @@ -41,6 +41,7 @@ load_rc_config ${name} : ${varnishlog_pidfile=/var/run/${name}.pid} : ${varnishlog_file=/var/log/varnish.log} : ${varnishlog_flags="-P ${varnishlog_pidfile} -D -a -w ${varnishlog_file}"} +: ${varnishlog_user=varnishlog} command="%%PREFIX%%/bin/${name}" pidfile=${varnishlog_pidfile} @@ -48,6 +49,14 @@ start_precmd=precmd precmd() { + if [ ! -e ${pidfile} ]; then + install -o ${varnishlog_user} -g varnish /dev/null ${pidfile}; + fi + + if [ ! -e ${varnishlog_file} ]; then + install -o ${varnishlog_user} -g varnish /dev/null ${varnishlog_file}; + fi + waitcount=0 vsm=%%PREFIX%%/varnish/$(hostname)/_.vsm Modified: head/www/varnish4/files/varnishncsa.in ============================================================================== --- head/www/varnish4/files/varnishncsa.in Mon Oct 19 14:57:28 2015 (r399687) +++ head/www/varnish4/files/varnishncsa.in Mon Oct 19 15:04:31 2015 (r399688) @@ -46,6 +46,7 @@ load_rc_config ${name} : ${varnishncsa_pidfile=/var/run/${name}.pid} : ${varnishncsa_file=/var/log/${name}.log} : ${varnishncsa_flags="-P ${varnishncsa_pidfile} -D -a -w ${varnishncsa_file}${varnishncsa_logformat:+ -F \"$varnishncsa_logformat\"}"} +: ${varnishncsa_user=varnishlog} command="%%PREFIX%%/bin/${name}" pidfile=${varnishncsa_pidfile} @@ -53,6 +54,14 @@ start_precmd=precmd precmd() { + if [ ! -e ${pidfile} ]; then + install -o ${varnishncsa_user} -g varnish /dev/null ${pidfile}; + fi + + if [ ! -e ${varnishncsa_file} ]; then + install -o ${varnishncsa_user} -g varnish /dev/null ${varnishncsa_file}; + fi + waitcount=0 vsm=%%PREFIX%%/varnish/$(hostname)/_.vsm Modified: head/www/varnish4/pkg-plist ============================================================================== --- head/www/varnish4/pkg-plist Mon Oct 19 14:57:28 2015 (r399687) +++ head/www/varnish4/pkg-plist Mon Oct 19 15:04:31 2015 (r399688) @@ -7,6 +7,8 @@ bin/varnishtest bin/varnishtop include/varnish/cache/cache.h include/varnish/cache/cache_backend.h +include/varnish/cache/cache_director.h +include/varnish/cache/cache_filter.h include/varnish/common/common.h include/varnish/common/params.h include/varnish/miniobj.h @@ -21,7 +23,11 @@ include/varnish/tbl/feature_bits.h include/varnish/tbl/http_headers.h include/varnish/tbl/http_response.h include/varnish/tbl/locks.h +include/varnish/tbl/obj_attr.h +include/varnish/tbl/params.h include/varnish/tbl/req_body.h +include/varnish/tbl/req_flags.h +include/varnish/tbl/sess_attr.h include/varnish/tbl/sess_close.h include/varnish/tbl/steps.h include/varnish/tbl/symbol_kind.h @@ -43,6 +49,7 @@ include/varnish/vapi/vsl.h include/varnish/vapi/vsl_int.h include/varnish/vapi/vsm.h include/varnish/vapi/vsm_int.h +include/varnish/waiter/waiter.h include/varnish/vas.h include/varnish/vav.h include/varnish/vbm.h @@ -51,6 +58,8 @@ include/varnish/vcli.h include/varnish/vcs.h include/varnish/vdef.h include/varnish/vmod_abi.h +include/varnish/vtcp.h +include/varnish/vtim.h include/varnish/vqueue.h include/varnish/vre.h include/varnish/vrt.h @@ -60,7 +69,7 @@ include/varnish/vsb.h include/varnish/vsha256.h lib/libvarnishapi.so lib/libvarnishapi.so.1 -lib/libvarnishapi.so.1.0.0 +lib/libvarnishapi.so.1.0.4 lib/varnish/libvarnish.so lib/varnish/libvarnishcompat.so lib/varnish/libvcc.so
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201510191504.t9JF4V1r029513>