[pkg-lighttpd] r568 - lighttpd/trunk/debian
Arno Töll
atoell-guest at alioth.debian.org
Tue Dec 20 01:05:43 UTC 2011
Author: atoell-guest
Date: 2011-12-20 01:05:43 +0000 (Tue, 20 Dec 2011)
New Revision: 568
Added:
lighttpd/trunk/debian/lighttpd.service
lighttpd/trunk/debian/lighttpd.tmpfile.conf
Modified:
lighttpd/trunk/debian/changelog
lighttpd/trunk/debian/control
lighttpd/trunk/debian/lighttpd.init
lighttpd/trunk/debian/lighttpd.install
lighttpd/trunk/debian/lighttpd.postrm
Log:
Protect dangling symlink script by a check; integrate with systemd initialization; gracefully create /var/run/lighttpd in initscript
Modified: lighttpd/trunk/debian/changelog
===================================================================
--- lighttpd/trunk/debian/changelog 2011-12-19 00:28:43 UTC (rev 567)
+++ lighttpd/trunk/debian/changelog 2011-12-20 01:05:43 UTC (rev 568)
@@ -7,6 +7,7 @@
to change your configuration to mitigate effects of the attack. See the
corresponding NEWS file for details.
+ Count SSL renegotiations to prevent client renegotiations
+ * Urgency set to medium due to security updates.
* Adapt to dpkg 1.16.1 API changes regarding build flags. This enables
hardening build flags. This means, lighttpd is now being built with
-fstack-protector and other security related build flags.
@@ -17,8 +18,11 @@
/only/. This does not entirely fix the problem of the maintainer, but we can
not simply remove all files in /etc/lighttpd as other packages or the user
himself might have left configuration files back (Closes: #642494)
+ * Fix "please include systemd service file" Support systemd as alternative to
+ sysvinit, ship systemd and tempfiles.d configuration files. Thanks to
+ Michael Stapelberg for providing the required files (Closes: #652442)
- -- Arno Töll <debian at toell.net> Mon, 19 Dec 2011 01:28:10 +0100
+ -- Arno Töll <debian at toell.net> Tue, 20 Dec 2011 01:56:59 +0100
lighttpd (1.4.29-1) unstable; urgency=low
Modified: lighttpd/trunk/debian/control
===================================================================
--- lighttpd/trunk/debian/control 2011-12-19 00:28:43 UTC (rev 567)
+++ lighttpd/trunk/debian/control 2011-12-20 01:05:43 UTC (rev 568)
@@ -18,7 +18,8 @@
Package: lighttpd
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends},
- lsb-base (>= 3.2-14), mime-support, libterm-readline-perl-perl
+ lsb-base (>= 3.2-14) | systemd (>= 29.1), mime-support,
+ libterm-readline-perl-perl
Provides: httpd, httpd-cgi
Suggests: openssl, rrdtool, apache2-utils
Recommends: spawn-fcgi
Modified: lighttpd/trunk/debian/lighttpd.init
===================================================================
--- lighttpd/trunk/debian/lighttpd.init 2011-12-19 00:28:43 UTC (rev 567)
+++ lighttpd/trunk/debian/lighttpd.init 2011-12-20 01:05:43 UTC (rev 568)
@@ -8,6 +8,9 @@
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start the lighttpd web server.
+# Description: Fast and smalle webserver with minimal memory footprint
+# developed with security in mind HTTP/1.1 compliant caching
+# proxy server.
### END INIT INFO
@@ -31,8 +34,11 @@
if [ "$1" != status ]; then
# be sure there is a /var/run/lighttpd, even with tmpfs
- mkdir --mode 750 --parents /var/run/lighttpd
- chown www-data:www-data /var/run/lighttpd
+ # The directory is defined as volatile and may thus be non-existing
+ # after a boot (DPM §9.3.2)
+ if ! dpkg-statoverride --list /var/run/lighttpd >/dev/null 2>&1; then
+ install -d -o www-data -g www-data -m 0750 "/var/run/lighttpd"
+ fi
fi
. /lib/lsb/init-functions
Modified: lighttpd/trunk/debian/lighttpd.install
===================================================================
--- lighttpd/trunk/debian/lighttpd.install 2011-12-19 00:28:43 UTC (rev 567)
+++ lighttpd/trunk/debian/lighttpd.install 2011-12-20 01:05:43 UTC (rev 568)
@@ -34,3 +34,5 @@
debian/use-ipv6.pl /usr/share/lighttpd/
debian/lighty-enable-mod /usr/sbin/
debian/index.html /usr/share/lighttpd/
+debian/lighttpd.service /lib/systemd/system/
+debian/lighttpd.tmpfile.conf /usr/lib/tmpfiles.d/
Modified: lighttpd/trunk/debian/lighttpd.postrm
===================================================================
--- lighttpd/trunk/debian/lighttpd.postrm 2011-12-19 00:28:43 UTC (rev 567)
+++ lighttpd/trunk/debian/lighttpd.postrm 2011-12-20 01:05:43 UTC (rev 568)
@@ -6,14 +6,17 @@
if [ "$1" = "purge" ]; then
rm -rf /var/log/lighttpd /var/run/lighttpd /var/cache/lighttpd
- # The loop below fixes #642494 (mostly)
- for link in /etc/lighttpd/conf-enabled/*.conf ; do
- target=$(readlink "$link")
- if [ ! -e "/etc/lighttpd/conf-enabled/$target" ] ; then
- echo "removing dangling symlink $link ..."
- rm -f $link
- fi
- done
+
+ if [ -d /etc/lighttpd/conf-enabled/ ] ; then
+ # The loop below fixes #642494 (mostly)
+ for link in /etc/lighttpd/conf-enabled/*.conf ; do
+ target=$(readlink "$link")
+ if [ ! -e "/etc/lighttpd/conf-enabled/$target" ] ; then
+ echo "removing dangling symlink $link ..."
+ rm -f $link
+ fi
+ done
+ fi
fi
#DEBHELPER#
Added: lighttpd/trunk/debian/lighttpd.service
===================================================================
--- lighttpd/trunk/debian/lighttpd.service (rev 0)
+++ lighttpd/trunk/debian/lighttpd.service 2011-12-20 01:05:43 UTC (rev 568)
@@ -0,0 +1,10 @@
+[Unit]
+Description=Lighttpd Daemon
+After=network.target
+
+[Service]
+ExecStartPre=/usr/sbin/lighttpd -t -f /etc/lighttpd/lighttpd.conf
+ExecStart=/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
+
+[Install]
+WantedBy=multi-user.target
Added: lighttpd/trunk/debian/lighttpd.tmpfile.conf
===================================================================
--- lighttpd/trunk/debian/lighttpd.tmpfile.conf (rev 0)
+++ lighttpd/trunk/debian/lighttpd.tmpfile.conf 2011-12-20 01:05:43 UTC (rev 568)
@@ -0,0 +1 @@
+d /var/run/lighttpd 0750 www-data www-data -
More information about the pkg-lighttpd-maintainers
mailing list