[Pkg-drupal-commits] r2241 - in /branches/drupal7/debian: README.Debian changelog cron.sh etc/settings.php

luigi at users.alioth.debian.org luigi at users.alioth.debian.org
Wed Nov 2 18:17:47 UTC 2011 

Author: luigi
Date: Wed Nov  2 18:17:46 2011
New Revision: 2241

URL: http://svn.debian.org/wsvn/pkg-drupal/?sc=1&rev=2241
Log:
Added secret key in cron job (Closes: 639387, thanks to  Christoph Schindler)

Modified:
    branches/drupal7/debian/README.Debian
    branches/drupal7/debian/changelog
    branches/drupal7/debian/cron.sh
    branches/drupal7/debian/etc/settings.php

Modified: branches/drupal7/debian/README.Debian
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal7/debian/README.Debian?rev=2241&op=diff
==============================================================================
--- branches/drupal7/debian/README.Debian (original)
+++ branches/drupal7/debian/README.Debian Wed Nov  2 18:17:46 2011
@@ -8,10 +8,11 @@
 5.  Deleting the Drupal database
 6.  Changes to Apache 2 configuration
 7.  Securing your portal
-8.  Upgrading database from previous versions
-9.  Virtual hosts
-10. Additional themes and modules
-11. Privacy of session cookies
+8.  Set up independent "cron" maintenance jobs
+9.  Upgrading database from previous versions
+10.  Virtual hosts
+11. Additional themes and modules
+12. Privacy of session cookies
 
 A.  Customizing themes
 B.  Links for more support
@@ -112,7 +113,36 @@
 WARNING: be sure to _NOT_ remove the old package's database.
 
 
-8. Virtual hosts
+8. Set up independent "cron" maintenance jobs
+---------------------------------------------
+
+Many Drupal modules have tasks that must be run periodically, including the
+Search module (building and updating the index used for keyword searching), the
+Aggregator module (retrieving feeds from other sites), and the System module
+(performing routine maintenance and pruning of database tables). These tasks are
+known as "cron maintenance tasks", named after the Unix/Linux "cron" utility.
+
+When you install Drupal, its built-in cron feature is enabled, which automatically
+runs the cron tasks periodically, triggered by people visiting pages of your site.
+You can configure the built-in cron feature by navigating to
+
+  Administration > Configuration > System > Cron.
+
+It is also possible to run the cron tasks independent of site visits; this is
+recommended for most sites. To do this, you will need to set up an automated process
+to visit the page cron.php on your site, which executes the cron tasks.
+
+The URL of the cron.php page requires a "cron key" to protect against unauthorized access.
+Your site's cron key is automatically generated during installation and is specific to
+your site. The full URL of the page, with the cron key, is available in the "Cron
+maintenance tasks" section of the Status report page at Administration > Reports > Status
+report.
+
+To complete setup, add the cron key from the report above to the $cron_key variable
+in site's settings.php or cronkey.php under /etc/drupal/7/sites/<SITENAME>.
+
+
+9. Virtual hosts
 ----------------
 Drupal supports a setup with multiple virtual hosts. Each virtual host
 has its own configuration directory in /etc/drupal/7/sites/_virtualhost_.
@@ -127,8 +157,8 @@
 file.
 
 
-9. Additional modules and themes
---------------------------------
+10. Additional modules and themes
+---------------------------------
 
 Drupal looks for modules and themes in the modules/ and themes/
 subdirectories, respectively. However, it would be a bad idea to put
@@ -141,7 +171,7 @@
  # ln -s /usr/local/share/drupal/themes /usr/share/drupal7/themes/local
 
 
-10. Privacy of session cookies
+11. Privacy of session cookies
 ------------------------------
 
 Drupal does not set the secure flag for the session cookie in an https

Modified: branches/drupal7/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal7/debian/changelog?rev=2241&op=diff
==============================================================================
--- branches/drupal7/debian/changelog (original)
+++ branches/drupal7/debian/changelog Wed Nov  2 18:17:46 2011
@@ -1,6 +1,9 @@
 drupal7 (7.9-1) UNRELEASED; urgency=low
 
   * New upstream release (Closes: #647168)
+
+  * debian/{cron.sh,README.Debian,etc/settings.php}
+    - Added secret key in cron job (Closes: 639387, thanks to  Christoph Schindler)
 
  -- Luigi Gangitano <luigi at debian.org>  Wed, 02 Nov 2011 18:48:16 +0100
 

Modified: branches/drupal7/debian/cron.sh
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal7/debian/cron.sh?rev=2241&op=diff
==============================================================================
--- branches/drupal7/debian/cron.sh (original)
+++ branches/drupal7/debian/cron.sh Wed Nov  2 18:17:46 2011
@@ -1,5 +1,4 @@
 #!/bin/sh
-# $Id: cron.sh 1878 2008-02-12 10:56:45Z luigi $
 
 for site in /etc/drupal/7/sites/* ; do
 	BASE_URL=""
@@ -10,10 +9,19 @@
 			[ "X$BASE_URL" != "X" ] && break
 		done
 
+		for file in $site/cronkey.php $site/settings.php; do
+			[ -f "$file" ] && CRON_KEY=`grep '^$cron_key' $file | cut -d"'" -f2`
+			[ "X$CRON_KEY" != "X" ] && break
+		done
+
 		if [ "X$BASE_URL" = "X" ] ; then
 			BASE_URL='http://localhost/drupal7'
 		fi
 
-		curl --fail --silent --compressed --location $BASE_URL/cron.php
+		if [ "X$CRON_KEY" = "X" ] ; then
+			curl --fail --silent --compressed --location $BASE_URL/cron.php
+		else
+			curl --fail --silent --compressed --location $BASE_URL/cron.php?cron_key=$CRON_KEY
+		fi
 	fi
 done

Modified: branches/drupal7/debian/etc/settings.php
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal7/debian/etc/settings.php?rev=2241&op=diff
==============================================================================
--- branches/drupal7/debian/etc/settings.php (original)
+++ branches/drupal7/debian/etc/settings.php Wed Nov  2 18:17:46 2011
@@ -238,6 +238,20 @@
 	include_once('baseurl.php');
 
 /**
+ * Cron Key (optional).
+ *
+ * A cron key is generated at installation time to secure access to the cron.php
+ * maintenance script. Debian package automatically executes the cron script for
+ * each installed sites in drupal7. To complete setup a $cron_key variable must be
+ * defined here or in a cronkey.php file.
+ *
+ * Example:
+ *   $cron_key = '<cron_key>';
+ *
+ */
+# $cron_key = '<cron_key>';
+
+/**
  * PHP settings:
  *
  * To see what PHP settings are possible, including whether they can be set at

More information about the Pkg-drupal-commits mailing list