← Back to branch summary

~ubuntu-branches/ubuntu/karmic/apache2/karmic-security 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352

#! /usr/bin/make -f 

# Code for httpd 2.1, based on apache2 and others.
# Copyright (C) Canonical Ltd, 2005

export DEB_BUILD_HARDENING=1
export DEB_BUILD_OPTIONS
export DH_OPTIONS

SHELL := sh -e

#enable dpatch
include /usr/share/dpatch/dpatch.make

# These are used for cross-compiling and for saving the configure script
# # from having to guess our platform (since we know it already)
DEB_HOST_GNU_TYPE   ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
DEB_BUILD_GNU_TYPE  ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)

LSB_RELEASE := $(shell lsb_release -i -s)

CONFFLAGS += ac_cv_prog_AWK=mawk ac_cv_prog_LYNX_PATH=www-browser

AP2_COMMON_CONFARGS = --enable-layout=Debian --enable-so \
                      --with-program-name=apache2  \
		      --with-ldap=yes --with-ldap-include=/usr/include \
		      --with-ldap-lib=/usr/lib \
		      --with-suexec-caller=www-data \
		      --with-suexec-bin=/usr/lib/apache2/suexec \
	  	      --with-suexec-docroot=/var/www \
		      --with-suexec-userdir=public_html \
		      --with-suexec-logfile=/var/log/apache2/suexec.log \
		      --with-suexec-uidmin=100 \
		      --enable-suexec=shared \
		      --enable-log-config=static --enable-logio=static \
		      --with-apr=/usr/bin/apr-1-config \
		      --with-apr-util=/usr/bin/apu-1-config \
		      --with-pcre=yes

AP2_MODS_CONFARGS =   --enable-authn-alias=shared --enable-authnz-ldap=shared  \
		      --enable-disk-cache=shared --enable-cache=shared \
		      --enable-mem-cache=shared --enable-file-cache=shared \
		      --enable-cern-meta=shared --enable-dumpio=shared --enable-ext-filter=shared \
		      --enable-charset-lite=shared --enable-cgi=shared \
		      --enable-dav-lock=shared --enable-log-forensic=shared \
		      --enable-ldap=shared --enable-proxy=shared \
		      --enable-proxy-connect=shared --enable-proxy-ftp=shared \
		      --enable-proxy-http=shared --enable-proxy-ajp=shared \
		      --enable-proxy-balancer=shared --enable-ssl=shared \
		      --enable-authn-dbm=shared --enable-authn-anon=shared \
		      --enable-authn-dbd=shared --enable-authn-file=shared \
		      --enable-authn-default=shared --enable-authz-host=shared \
		      --enable-authz-groupfile=shared --enable-authz-user=shared \
		      --enable-authz-dbm=shared --enable-authz-owner=shared \
		      --enable-authnz-ldap=shared --enable-authz-default=shared \
		      --enable-auth-basic=shared --enable-auth-digest=shared \
		      --enable-dbd=shared --enable-deflate=shared \
		      --enable-include=shared --enable-filter=shared \
		      --enable-env=shared --enable-mime-magic=shared \
		      --enable-expires=shared --enable-headers=shared \
		      --enable-ident=shared --enable-usertrack=shared \
		      --enable-unique-id=shared --enable-setenvif=shared \
		      --enable-version=shared --enable-status=shared \
		      --enable-autoindex=shared --enable-asis=shared \
		      --enable-info=shared --enable-cgid=shared \
		      --enable-dav=shared --enable-dav-fs=shared \
		      --enable-vhost-alias=shared --enable-negotiation=shared \
		      --enable-dir=shared --enable-imagemap=shared \
		      --enable-actions=shared --enable-speling=shared \
		      --enable-userdir=shared --enable-alias=shared \
		      --enable-rewrite=shared --enable-mime=shared \
		      --enable-substitute=shared

AP2_CFLAGS = $(CFLAGS) -g -pipe -I/usr/include/xmltok -I/usr/include/openssl -Wall
AP2_LDFLAGS = -Wl,--as-needed

#support noopt building
ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
  AP2_CFLAGS += -O0
else
  AP2_CFLAGS += -O2
endif

ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
DEB_BUILD_STRIP = yes
endif

ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
  NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
  MAKEFLAGS += -j$(NUMJOBS)
endif

BUILD=debian/build-tree
REALCURDIR=$(CURDIR)
INSTALL=/usr/bin/install

clean: unpatch
	dh_testdir
	dh_clean
	rm -rf $(BUILD) mpm-worker mpm-prefork mpm-event install build-mpms
	rm -f debian/apache2-mpm-worker.postinst debian/apache2-mpm-worker.preinst debian/apache2-mpm-worker.prerm
	rm -f debian/apache2-mpm-event.postinst debian/apache2-mpm-event.preinst debian/apache2-mpm-event.prerm
	rm -f debian/apache2-mpm-prefork.prerm
	for i in `ls debian/icons/ | cut -d. -f1,2`; do \
		rm -f debian/tmp/usr/share/apache2/icons/$$i; \
	done

build: patch-stamp build-mpms 
build-mpms: mpm-worker mpm-prefork mpm-event
	for mpm in prefork event ; do \
		if ! diff -u $(BUILD)/$$mpm/mods.list $(BUILD)/worker/mods.list ; then \
			echo Different modules built into httpd binaries, will not proceed ;\
			exit 1 ;\
		fi \
	done
	touch $@


mpm-worker: patch-stamp
	dh_testdir
	mkdir -p $(BUILD)/worker
	cd $(BUILD)/worker ;\
	CFLAGS="$(AP2_CFLAGS)" LDFLAGS="$(AP2_LDFLAGS)" $(CONFFLAGS) $(REALCURDIR)/configure --srcdir=$(REALCURDIR) $(AP2_COMMON_CONFARGS) $(AP2_MODS_CONFARGS) --with-mpm=worker  ;\
	$(MAKE) ;\
	./apache2 -l |grep -v worker > mods.list
	touch $@

mpm-%: patch-stamp
	dh_testdir
	mkdir -p $(BUILD)/$*
	cd $(BUILD)/$* ;\
	CFLAGS="$(AP2_CFLAGS)" LDFLAGS="$(AP2_LDFLAGS)" $(CONFFLAGS) $(REALCURDIR)/configure --srcdir=$(REALCURDIR) $(AP2_COMMON_CONFARGS) --enable-modules=none --with-mpm=$*  ;\
	$(MAKE) ;\
	./apache2 -l |grep -v $* > mods.list
	touch $@

install-%: mpm-%
	dh_testdir
	dh_testroot
	dh_installdirs
	cd $(BUILD)/$* ;\
	$(MAKE) DESTDIR=$(REALCURDIR)/debian/apache2-mpm-$* install

install-common: install-worker
	dh_testdir
	dh_testroot
	dh_installdirs
	cd $(BUILD)/worker ;\
	$(MAKE) DESTDIR=$(REALCURDIR)/debian/tmp install

install-dev: install-worker install-prefork
	dh_testdir
	dh_testroot
	dh_installdirs

	for i in worker prefork; do \
		if [ "$$i" = "prefork" ]; then \
			TARGET=prefork ;\
		else \
			TARGET=threaded ;\
		fi ;\
		cp debian/apache2-mpm-$$i/usr/include/apache2/* debian/apache2-$$TARGET-dev/usr/include/apache2/ ;\
		cp debian/apache2-mpm-$$i/usr/share/apache2/build/* debian/apache2-$$TARGET-dev/usr/share/apache2/build/ ;\
		cp $(BUILD)/$$i/support/apxs debian/apache2-$$TARGET-dev/usr/bin/apxs2 ;\
	done
# Clean up config_vars.mk
	set -x ; for i in threaded prefork; do \
		( cd debian/apache2-$$i-dev/usr/share/apache2/build/ ; \
		grep -v -E '(^|_)(CPP|C)FLAGS' config_vars.mk > tmp_config_vars.mk ; \
		printf "CPPFLAGS = %s\n" "`grep -E '(^|_)(CPPFLAGS|INCLUDES)' config_vars.mk | cut -d= -f 2- | tr ' ' '\n' | grep -E '^-([DI]|pthread)' | sort | uniq | tr '\n' ' '`" >> tmp_config_vars.mk ; \
		printf "CFLAGS = %s\n" "`grep -E '(^|_)(CPPFLAGS|CFLAGS|INCLUDES)' config_vars.mk | cut -d= -f 2- | tr ' ' '\n' | grep -E '^-(D|I/|pthread)'  | sort | uniq | tr '\n' ' '`" >> tmp_config_vars.mk ; \
		printf "NOTEST_CPPFLAGS = \n" >> tmp_config_vars.mk ; \
		printf "EXTRA_CPPFLAGS = \n" >> tmp_config_vars.mk ; \
		printf "EXTRA_CFLAGS = \n" >> tmp_config_vars.mk ; \
		mv tmp_config_vars.mk config_vars.mk ) ; \
	done

install-src: build-mpms
	dh_testdir
	dh_testroot
	dh_installdirs
	mkdir -p debian/apache2-src/tmp/apache2
	find -mindepth 1 -maxdepth 1 -not -name debian -print0 | tar cf - --null -T - | (cd debian/apache2-src/tmp/apache2 && tar xf -)
	for i in prefork worker event; do \
	  cp debian/build-tree/$$i/config.nice debian/apache2-src/tmp/apache2/config.nice.$$i ; \
	done
	cd debian/apache2-src/tmp/ && tar czf ../usr/src/apache2.tar.gz apache2
	rm -rf debian/apache2-src/tmp

install: build install-worker install-prefork install-common install-dev install-src
	dh_testroot
	dh_testdir

	#cleanup of death
	rm -rf debian/tmp/etc/apache2/original
	rm -rf debian/tmp/usr/include
	rm -rf debian/tmp/usr/share/apache2/build
	rm -f debian/tmp/usr/share/man/man8/httpd.8 # We install our own
	rm -f debian/tmp/usr/sbin/apxs debian/tmp/usr/sbin/apache2

	# DO NOT FALL FOR THE TEMPTATION TO MV INTO PACKAGES OR DOOM
	# WILL FIND YOU.  Use dh_install, this is just because dh_install
	# can't rename files

	mv debian/tmp/usr/share/man/man8/apxs.8 debian/tmp/usr/share/man/man8/apxs2.8
	mv debian/tmp/usr/sbin/apachectl debian/tmp/usr/sbin/apache2ctl
	mv debian/tmp/usr/share/man/man8/apachectl.8 debian/tmp/usr/share/man/man8/apache2ctl.8
	mkdir -p debian/tmp/usr/share/apache2/icons/
	for i in `ls debian/icons/ | cut -d. -f1,2`; do \
		uudecode -o debian/tmp/usr/share/apache2/icons/$$i debian/icons/$$i".uue"; \
	done

	dh_install --list-missing --sourcedir=debian/tmp
# --sourcedir=$(REALCURDIR)/debian/apache2.2-common

	cp debian/bash_completion debian/apache2.2-common/etc/bash_completion.d/apache2.2-common
	install -m755 debian/apache2.2-common.bug.script debian/apache2.2-common/usr/share/bug/apache2.2-common/script
	install -m644 debian/apache2.2-common.bug.control debian/apache2.2-common/usr/share/bug/apache2.2-common/control
	install -m644 debian/apache2.2-common.ufw.profile debian/apache2.2-common/etc/ufw/applications.d/apache2.2-common

	# standard suexec
	chmod 4754 debian/apache2-suexec/usr/lib/apache2/suexec 
	chgrp www-data debian/apache2-suexec/usr/lib/apache2/suexec

	chmod 644 debian/apache2.2-common/usr/lib/apache2/modules/mod_suexec.so

	# configurable suexec
	mkdir -p debian/apache2-suexec-custom/usr/lib/apache2 debian/apache2-suexec-custom/etc/apache2/suexec
	cp debian/build-tree/worker/support/suexec-custom debian/apache2-suexec-custom/usr/lib/apache2/suexec
	cp debian/suexec-custom.config debian/apache2-suexec-custom/etc/apache2/suexec/www-data
	chmod 4754 debian/apache2-suexec-custom/usr/lib/apache2/suexec 
	chgrp www-data debian/apache2-suexec-custom/usr/lib/apache2/suexec

	cp debian/apache2-doc.conf debian/apache2-doc/etc/apache2/conf.d/apache2-doc
	grep -rl apachectl debian/apache2-doc/usr/share/doc/apache2-doc/manual | xargs perl -p -i -e 's/apachectl(?!\.html)/apache2ctl/g'
	# remove content negotiation
	mv debian/apache2-doc/usr/share/doc/apache2-doc/manual \
		debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig
	perl debian/convert_docs debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig \
		debian/apache2-doc/usr/share/doc/apache2-doc/manual
	mv debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig/images \
		debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig/style \
		debian/apache2-doc/usr/share/doc/apache2-doc/manual
	rmdir debian/apache2-doc/usr/share/doc/apache2-doc/manual/style/lang
	rmdir debian/apache2-doc/usr/share/doc/apache2-doc/manual/style/xsl/util
	rmdir debian/apache2-doc/usr/share/doc/apache2-doc/manual/style/xsl
	rm -r debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig

	#apache2-utils extras
	cp support/check_forensic debian/apache2-utils/usr/sbin/check_forensic
	cp debian/check_forensic.8 debian/apache2-utils/usr/share/man/man8/check_forensic.8
	cp debian/checkgid.8 debian/apache2-utils/usr/share/man/man8/checkgid.8
	cp $(BUILD)/worker/support/split-logfile debian/apache2-utils/usr/sbin/split-logfile
	chmod 755 debian/apache2-utils/usr/sbin/split-logfile

	cp -a debian/config-dir/* debian/apache2.2-common/etc/apache2
	cp debian/logrotate debian/apache2.2-common/etc/logrotate.d/apache2
	
	install -m755 debian/a2enmod debian/apache2.2-common/usr/sbin
	ln -s a2enmod debian/apache2.2-common/usr/sbin/a2dismod
	ln -s a2enmod debian/apache2.2-common/usr/sbin/a2ensite
	ln -s a2enmod debian/apache2.2-common/usr/sbin/a2dissite
	cp debian/default-index.html debian/apache2.2-common/usr/share/apache2/default-site/index.html
	for i in worker event; do \
		install -m755 debian/mpm-postinst-threaded debian/apache2-mpm-$$i.postinst ;\
		install -m755 debian/mpm-preinst-threaded debian/apache2-mpm-$$i.preinst;\
		install -m755 debian/mpms.prerm debian/apache2-mpm-$$i.prerm ;\
	done
	install -m755 debian/mpms.prerm debian/apache2-mpm-prefork.prerm

	for i in worker prefork event; do \
		rm -rf debian/apache2-mpm-$$i/ ;\
		mkdir -p debian/apache2-mpm-$$i/usr/sbin ;\
		mkdir -p debian/apache2-mpm-$$i/usr/share/lintian/overrides ;\
		mkdir -p debian/apache2-mpm-$$i/usr/share/bug/apache2-mpm-$$i ;\
		install -m 755 $(BUILD)/$$i/apache2 debian/apache2-mpm-$$i/usr/sbin/apache2 ;\
		if [ "$(LSB_RELEASE)" != "Ubuntu" ] && [ -n "$(DEB_BUILD_STRIP)" ] ; then \
			objcopy --only-keep-debug debian/apache2-mpm-$$i/usr/sbin/apache2 debian/apache2-dbg/usr/lib/debug/usr/sbin/apache2-mpm-$$i ;\
			chmod 644 debian/apache2-dbg/usr/lib/debug/usr/sbin/apache2-mpm-$$i ;\
			dh_strip -papache2-mpm-$$i ;\
			objcopy --add-gnu-debuglink=debian/apache2-dbg/usr/lib/debug/usr/sbin/apache2-mpm-$$i debian/apache2-mpm-$$i/usr/sbin/apache2 ;\
		fi ;\
		perl -p -e "s/^/apache2-mpm-$$i: /" < debian/mpms.lintian-overrides > debian/apache2-mpm-$$i/usr/share/lintian/overrides/apache2-mpm-$$i ;\
		ln -s ../apache2.2-common/script debian/apache2-mpm-$$i/usr/share/bug/apache2-mpm-$$i ;\
	done

	for pkg in `awk '/^Package:/ { print $$2 }' debian/control`; do \
		find debian/$$pkg/ -name .svn -exec rm -rf {} + ; \
	done

	touch $@

binary-indep: install
	dh_testdir -i
	dh_testroot -i 
	dh_installdirs -i
	dh_installdocs -i
	ln -sf ../apache2.2-common/README.Debian.gz debian/apache2/usr/share/doc/apache2/
	mkdir -p debian/apache2/usr/share/bug/apache2
	ln -sf ../apache2.2-common/script debian/apache2/usr/share/bug/apache2
	install -m644 debian/apache2.bug.control debian/apache2/usr/share/bug/apache2/control
	cp debian/README.Debian debian/apache2-doc/usr/share/doc/apache2-doc/
	dh_installchangelogs -i CHANGES -Napache2 -Napache2-suexec -Napache2-suexec-custom
	dh_installchangelogs -papache2 -papache2-suexec -papache2-suexec-custom
	dh_lintian -i
	dh_compress -i
	dh_fixperms -i -Xsuexec
	dh_installdeb -i
	dh_gencontrol -i
	dh_md5sums -i
	dh_builddeb -i

binary-arch: install
	dh_testdir -a
	dh_testroot -a 
	dh_installdirs -a
	dh_installdocs -a debian/README.backtrace
	# always compress to make the symlink work
	gzip -9 debian/apache2.2-common/usr/share/doc/apache2.2-common/README.Debian
	dh_installman -a
	dh_installchangelogs -a CHANGES
	dh_lintian -a
	rm -f debian/apache2-dbg/usr/share/doc/apache2-dbg/changelog
	rm -f debian/apache2-dbg/usr/share/doc/apache2-dbg/NEWS.Debian
	rm -f debian/apache2-utils/usr/share/doc/apache2-utils/NEWS.Debian
	dh_installinit -a --no-start -r --name=apache2 -- defaults 91 09
	dh_installcron -a -r --name=apache2
	if [ "$(LSB_RELEASE)" = "Ubuntu" ]; then \
		dh_strip -a; \
	else \
		dh_strip -a --dbg-package=apache2-dbg -Napache2-mpm-worker -Napache2-mpm-event -Napache2-mpm-prefork -Napache2-dbg; \
	fi
	dh_link -a
	dh_compress -a
	dh_fixperms -a -Xsuexec
	chown -R www-data:www-data debian/apache2.2-common/var/cache/apache2
	chown root:adm debian/apache2.2-common/var/log/apache2
	chmod o-rx debian/apache2.2-common/var/log/apache2
	dh_makeshlibs -a -V
	dh_installdeb -a
	dh_shlibdeps -a
	dh_gencontrol -a
	dh_md5sums -a
	if [ "$(LSB_RELEASE)" = "Ubuntu" ]; then \
		rm -rf debian/apache2-dbg; \
		sed -i '/apache2-dbg/d' debian/files; \
		dh_builddeb -a -Napache2-dbg; \
	else \
		dh_builddeb -a; \
	fi

binary: binary-arch binary-indep