[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, eclass/

Thu, 02 Oct 2025 21:52:24 -0700 

commit:     90988a3d0b1b7f3a12f0df6437cfcbae4e78b83d
Author:     Zurab Kvachadze <zurabid2016 <AT> gmail <DOT> com>
AuthorDate: Wed Sep 17 10:42:51 2025 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Oct  3 04:51:33 2025 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=90988a3d

eclass/nginx.eclass: change /var/tmp -> /var/cache + use new tmpfiles

This commit changes of the default location of NGINX temporary files
from /var/tmp/nginx (world-writable) to /var/cache/nginx
(root-writable).

Additionally, this revbumps all www-servers/nginx
consumers of nginx.eclass to use the new nginx-r1.tmpfiles, where the
path is updated accordingly.

This fixes 962961 by specifying that the cache directory should only be
pruned on boot, i.e. tmpfiles (even with --remove option) will not
delete the temporary files of *running* NGINX.

Closes: https://bugs.gentoo.org/962961
Signed-off-by: Zurab Kvachadze <zurabid2016 <AT> gmail.com>
Part-of: https://github.com/gentoo/gentoo/pull/43823
Closes: https://github.com/gentoo/gentoo/pull/43823
Signed-off-by: Sam James <sam <AT> gentoo.org>

 eclass/nginx.eclass                                               | 8 ++------
 .../nginx/{nginx-1.28.0-r1.ebuild => nginx-1.28.0-r2.ebuild}      | 3 +--
 .../nginx/{nginx-1.29.0-r3.ebuild => nginx-1.29.0-r4.ebuild}      | 3 +--
 .../nginx/{nginx-1.29.1-r1.ebuild => nginx-1.29.1-r2.ebuild}      | 3 +--
 www-servers/nginx/nginx-9999.ebuild                               | 3 +--
 5 files changed, 6 insertions(+), 14 deletions(-)

diff --git a/eclass/nginx.eclass b/eclass/nginx.eclass
index b8992d32875a..8d5272f3acdc 100644
--- a/eclass/nginx.eclass
+++ b/eclass/nginx.eclass
@@ -612,7 +612,7 @@ nginx_src_configure() {
                conf="${conf%%-temp-path*}"
                conf="${conf#--http-}"
                nginx_flags+=(
-                       
"--http-${conf}-temp-path=${EPREFIX}/var/tmp/nginx/${conf//-/_}_temp"
+                       
"--http-${conf}-temp-path=${EPREFIX}/var/cache/nginx/${conf//-/_}_temp"
                )
        done < <(econf_ngx --help 2>/dev/null | grep -E -- 
'--http-([A-Za-z]+-?)+-temp-path')
        unset conf _txt
@@ -939,11 +939,7 @@ nginx_pkg_postinst() {
        local file
        for file in "${NGINX_MISC_FILES[@]}"; do
                if [[ ${file} == *.tmpfiles ]]; then
-                       # NGINX wrtites to /var/tmp/nginx as root during 
startup, therefore
-                       # we abuse tmpfiles_process to pass the '--remove' 
option.
-                       # This is done in order to clean possibly non-empty 
/var/tmp/nginx
-                       # directory in world-writable /var/tmp.
-                       tmpfiles_process --remove "${PN}-tmp.conf"
+                       tmpfiles_process "${PN}-tmp.conf"
                        break
                fi
        done

diff --git a/www-servers/nginx/nginx-1.28.0-r1.ebuild 
b/www-servers/nginx/nginx-1.28.0-r2.ebuild
similarity index 93%
rename from www-servers/nginx/nginx-1.28.0-r1.ebuild
rename to www-servers/nginx/nginx-1.28.0-r2.ebuild
index fdf6369c9c0d..f5bb6269ab24 100644
--- a/www-servers/nginx/nginx-1.28.0-r1.ebuild
+++ b/www-servers/nginx/nginx-1.28.0-r2.ebuild
@@ -22,8 +22,7 @@ NGINX_MODULES=(
 NGINX_UPDATE_STREAM=stable
 NGINX_TESTS_COMMIT=06a36245e134eac985cdfc5fac982cb149f61412
 NGINX_MISC_FILES=(
-       nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd}
-       nginx.tmpfiles
+       nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd,r1.tmpfiles}
 )
 
 inherit nginx

diff --git a/www-servers/nginx/nginx-1.29.0-r3.ebuild 
b/www-servers/nginx/nginx-1.29.0-r4.ebuild
similarity index 93%
rename from www-servers/nginx/nginx-1.29.0-r3.ebuild
rename to www-servers/nginx/nginx-1.29.0-r4.ebuild
index c8c26b2c1040..142e90ee2258 100644
--- a/www-servers/nginx/nginx-1.29.0-r3.ebuild
+++ b/www-servers/nginx/nginx-1.29.0-r4.ebuild
@@ -22,8 +22,7 @@ NGINX_MODULES=(
 NGINX_UPDATE_STREAM=mainline
 NGINX_TESTS_COMMIT=7f1e88e10dca8e4c135ab9e688df0c2484091125
 NGINX_MISC_FILES=(
-       nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd}
-       nginx.tmpfiles
+       nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd,r1.tmpfiles}
 )
 
 inherit nginx

diff --git a/www-servers/nginx/nginx-1.29.1-r1.ebuild 
b/www-servers/nginx/nginx-1.29.1-r2.ebuild
similarity index 93%
rename from www-servers/nginx/nginx-1.29.1-r1.ebuild
rename to www-servers/nginx/nginx-1.29.1-r2.ebuild
index f58e1c861227..ae0f6a6065a8 100644
--- a/www-servers/nginx/nginx-1.29.1-r1.ebuild
+++ b/www-servers/nginx/nginx-1.29.1-r2.ebuild
@@ -22,8 +22,7 @@ NGINX_MODULES=(
 NGINX_UPDATE_STREAM=mainline
 NGINX_TESTS_COMMIT=06a36245e134eac985cdfc5fac982cb149f61412
 NGINX_MISC_FILES=(
-       nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd}
-       nginx.tmpfiles
+       nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd,r1.tmpfiles}
 )
 
 inherit nginx

diff --git a/www-servers/nginx/nginx-9999.ebuild 
b/www-servers/nginx/nginx-9999.ebuild
index 7aa37d32b67c..20d76192d5e8 100644
--- a/www-servers/nginx/nginx-9999.ebuild
+++ b/www-servers/nginx/nginx-9999.ebuild
@@ -22,8 +22,7 @@ NGINX_MODULES=(
 NGINX_UPDATE_STREAM=live
 NGINX_TESTS_COMMIT=live
 NGINX_MISC_FILES=(
-       nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd}
-       nginx.tmpfiles
+       nginx-{r2.logrotate,r2.service,r4.conf,r6.initd,r1.confd,r1.tmpfiles}
 )
 
 inherit nginx

Reply via email to