Added the proposed changes by Marc. The rule $(STATEDIR)/boa.install cannot be removed because boa has no install rule in it's Makefile
Alexander --- generic/etc/boa/boa.conf | 183 ++++++++++++++++++++++++++++ generic/etc/init.d/boa | 23 ++++ patches/boa-0.94.13/drop-privilege.patch | 23 ++++ patches/boa-0.94.13/fix-preprocessor.patch | 30 +++++ patches/boa-0.94.13/series | 2 + rules/boa.in | 22 ++++ rules/boa.make | 93 ++++++++++++++ 7 files changed, 376 insertions(+), 0 deletions(-) create mode 100644 generic/etc/boa/boa.conf create mode 100644 generic/etc/init.d/boa create mode 100644 patches/boa-0.94.13/drop-privilege.patch create mode 100644 patches/boa-0.94.13/fix-preprocessor.patch create mode 100644 patches/boa-0.94.13/series create mode 100644 rules/boa.in create mode 100644 rules/boa.make diff --git a/generic/etc/boa/boa.conf b/generic/etc/boa/boa.conf new file mode 100644 index 0000000..8e4b050 --- /dev/null +++ b/generic/etc/boa/boa.conf @@ -0,0 +1,183 @@ +# Boa v0.94 configuration file +# File format has not changed from 0.93 +# File format has changed little from 0.92 +# version changes are noted in the comments +# +# The Boa configuration file is parsed with a lex/yacc or flex/bison +# generated parser. If it reports an error, the line number will be +# provided; it should be easy to spot. The syntax of each of these +# rules is very simple, and they can occur in any order. Where possible +# these directives mimic those of NCSA httpd 1.3; I saw no reason to +# introduce gratuitous differences. + +# $Id: boa.conf,v 1.2 2001/09/25 03:28:31 jnelson Exp $ + +# The "ServerRoot" is not in this configuration file. It can be compiled +# into the server (see defines.h) or specified on the command line with +# the -c option, for example: +# +# boa -c /usr/local/boa + + +# Port: The port Boa runs on. The default port for http servers is 80. +# If it is less than 1024, the server must be started as root. + +Port 80 + +# Listen: the Internet address to bind(2) to. If you leave it out, +# it takes the behavior before 0.93.17.2, which is to bind to all +# addresses (INADDR_ANY). You only get one "Listen" directive, +# if you want service on multiple IP addresses, you have three choices: +# 1. Run boa without a "Listen" directive +# a. All addresses are treated the same; makes sense if the addresses +# are localhost, ppp, and eth0. +# b. Use the VirtualHost directive below to point requests to different +# files. Should be good for a very large number of addresses (web +# hosting clients). +# 2. Run one copy of boa per IP address, each has its own configuration +# with a "Listen" directive. No big deal up to a few tens of addresses. +# Nice separation between clients. +# The name you provide gets run through inet_aton(3), so you have to use dotted +# quad notation. This configuration is too important to trust some DNS. + +#Listen 192.68.0.5 + +# User: The name or UID the server should run as. +# Group: The group name or GID the server should run as. + +User nobody +Group nobody + +# ServerAdmin: The email address where server problems should be sent. +# Note: this is not currently used, except as an environment variable +# for CGIs. + +#ServerAdmin r...@localhost + +# ErrorLog: The location of the error log file. If this does not start +# with /, it is considered relative to the server root. +# Set to /dev/null if you don't want errors logged. +# If unset, defaults to /dev/stderr + +ErrorLog /var/log/boa/error_log +# Please NOTE: Sending the logs to a pipe ('|'), as shown below, +# is somewhat experimental and might fail under heavy load. +# "Usual libc implementations of printf will stall the whole +# process if the receiving end of a pipe stops reading." +#ErrorLog "|/usr/sbin/cronolog --symlink=/var/log/boa/error_log /var/log/boa/error-%Y%m%d.log" + +# AccessLog: The location of the access log file. If this does not +# start with /, it is considered relative to the server root. +# Comment out or set to /dev/null (less effective) to disable +# Access logging. + +AccessLog /var/log/boa/access_log +# Please NOTE: Sending the logs to a pipe ('|'), as shown below, +# is somewhat experimental and might fail under heavy load. +# "Usual libc implementations of printf will stall the whole +# process if the receiving end of a pipe stops reading." +#AccessLog "|/usr/sbin/cronolog --symlink=/var/log/boa/access_log /var/log/boa/access-%Y%m%d.log" + +# VerboseCGILogs: this is just a logical switch. +# It simply notes the start and stop times of cgis in the error log +# Comment out to disable. + +#VerboseCGILogs + +# ServerName: the name of this server that should be sent back to +# clients if different than that returned by gethostname + gethostbyname + +#ServerName www.your.org.here + +# VirtualHost: a logical switch. +# Comment out to disable. +# Given DocumentRoot /var/www, requests on interface 'A' or IP 'IP-A' +# become /var/www/IP-A. +# Example: http://localhost/ becomes /var/www/127.0.0.1 +# +# Not used until version 0.93.17.2. This "feature" also breaks commonlog +# output rules, it prepends the interface number to each access_log line. +# You are expected to fix that problem with a postprocessing script. + +#VirtualHost + +# DocumentRoot: The root directory of the HTML documents. +# Comment out to disable server non user files. + +DocumentRoot /home/httpd/html + +# UserDir: The name of the directory which is appended onto a user's home +# directory if a ~user request is recieved. + +UserDir public_html + +# DirectoryIndex: Name of the file to use as a pre-written HTML +# directory index. Please MAKE AND USE THESE FILES. On the +# fly creation of directory indexes can be _slow_. +# Comment out to always use DirectoryMaker + +DirectoryIndex index.html + +# DirectoryMaker: Name of program used to create a directory listing. +# Comment out to disable directory listings. If both this and +# DirectoryIndex are commented out, accessing a directory will give +# an error (though accessing files in the directory are still ok). + +DirectoryMaker /usr/lib/boa/boa_indexer + +# DirectoryCache: If DirectoryIndex doesn't exist, and DirectoryMaker +# has been commented out, the the on-the-fly indexing of Boa can be used +# to generate indexes of directories. Be warned that the output is +# extremely minimal and can cause delays when slow disks are used. +# Note: The DirectoryCache must be writable by the same user/group that +# Boa runs as. + +# DirectoryCache /var/spool/boa/dircache + +# KeepAliveMax: Number of KeepAlive requests to allow per connection +# Comment out, or set to 0 to disable keepalive processing + +KeepAliveMax 1000 + +# KeepAliveTimeout: seconds to wait before keepalive connection times out + +KeepAliveTimeout 10 + +# MimeTypes: This is the file that is used to generate mime type pairs +# and Content-Type fields for boa. +# Set to /dev/null if you do not want to load a mime types file. +# Do *not* comment out (better use AddType!) + +MimeTypes /etc/mime.types + +# DefaultType: MIME type used if the file extension is unknown, or there +# is no file extension. + +DefaultType text/plain + +# AddType: adds types without editing mime.types +# Example: AddType type extension [extension ...] + +# Uncomment the next line if you want .cgi files to execute from anywhere +#AddType application/x-httpd-cgi cgi + +# Redirect, Alias, and ScriptAlias all have the same semantics -- they +# match the beginning of a request and take appropriate action. Use +# Redirect for other servers, Alias for the same server, and ScriptAlias +# to enable directories for script execution. + +# Redirect allows you to tell clients about documents which used to exist in +# your server's namespace, but do not anymore. This allows you to tell the +# clients where to look for the relocated document. +# Example: Redirect /bar http://elsewhere/feh/bar + +# Aliases: Aliases one path to another. +# Example: Alias /path1/bar /path2/foo + +Alias /doc /usr/doc + +# ScriptAlias: Maps a virtual path to a directory for serving scripts +# Example: ScriptAlias /htbin/ /www/htbin/ + +ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/ + diff --git a/generic/etc/init.d/boa b/generic/etc/init.d/boa new file mode 100644 index 0000000..53c28d7 --- /dev/null +++ b/generic/etc/init.d/boa @@ -0,0 +1,23 @@ +#!/bin/sh + +# See how we were called. +case "$1" in + start) + echo -n "Starting boa: " + /usr/sbin/boa + echo + ;; + stop) + echo -n "Shutting down boa: " + killall boa + ;; + restart) + $0 stop + $0 start + ;; + *) + echo "Usage: $0 {start|stop|restart}" + exit 1 +esac + +exit 0 diff --git a/patches/boa-0.94.13/drop-privilege.patch b/patches/boa-0.94.13/drop-privilege.patch new file mode 100644 index 0000000..7c93815 --- /dev/null +++ b/patches/boa-0.94.13/drop-privilege.patch @@ -0,0 +1,23 @@ +From: Alexander Stein <alexander.st...@systec-electronic.com> +Subject: Fix dropping privilege error if dropping to root + +If privileges are to be "dropped" to root instead of another non-root user +setuid(0) doesn't fail like it is checked. + +So don't do this check, if server_uid should be 0. + +Signed-off-by: Alexander Stein <alexander.st...@systec-electronic.com> + +Index: boa-0.94.13/src/boa.c +=================================================================== +--- boa-0.94.13.orig/src/boa.c ++++ boa-0.94.13/src/boa.c +@@ -222,7 +222,7 @@ static void drop_privs(void) + /* test for failed-but-return-was-successful setuid + * http://www.securityportal.com/list-archive/bugtraq/2000/Jun/0101.html + */ +- if (setuid(0) != -1) { ++ if (server_uid != 0 && setuid(0) != -1) { + DIE("icky Linux kernel bug!"); + } + } else { diff --git a/patches/boa-0.94.13/fix-preprocessor.patch b/patches/boa-0.94.13/fix-preprocessor.patch new file mode 100644 index 0000000..91414aa --- /dev/null +++ b/patches/boa-0.94.13/fix-preprocessor.patch @@ -0,0 +1,30 @@ +From: Alexander Stein <alexander.st...@systec-electronic.com> +Subject: Fix preprocessor error + +util.c: In function 'get_commonlog_time': +util.c:100: error: pasting "t" and "->" does not give a valid preprocessing token + +Fix it by removing ## + +Signed-off-by: Alexander Stein <alexander.st...@systec-electronic.com> + +Index: boa-0.94.13/src/compat.h +=================================================================== +--- boa-0.94.13/src/compat.h ++++ boa-0.94.13/src/compat.h +@@ -117,13 +117,13 @@ char *strdup(char *s); + #endif + + #ifdef HAVE_TM_GMTOFF +-#define TIMEZONE_OFFSET(foo) foo##->tm_gmtoff ++#define TIMEZONE_OFFSET(foo) foo->tm_gmtoff + #else + #define TIMEZONE_OFFSET(foo) timezone + #endif + + #ifdef HAVE_TM_ZONE +-#define TIMEZONE(foo) foo##->tm_zone ++#define TIMEZONE(foo) foo->tm_zone + #else + #define TIMEZONE(foo) *tzname + #endif diff --git a/patches/boa-0.94.13/series b/patches/boa-0.94.13/series new file mode 100644 index 0000000..859963b --- /dev/null +++ b/patches/boa-0.94.13/series @@ -0,0 +1,2 @@ +fix-preprocessor.patch +drop-privilege.patch diff --git a/rules/boa.in b/rules/boa.in new file mode 100644 index 0000000..f6d689d --- /dev/null +++ b/rules/boa.in @@ -0,0 +1,22 @@ +## SECTION=networking + +menuconfig BOA + tristate + prompt "boa " + help + Boa is a single-tasking HTTP server. That means that + unlike traditional web servers, it does not fork for + each incoming connection, nor does it fork many copies + of itself to handle multiple connections. It internally + multiplexes all of the ongoing HTTP connections, and + forks only for CGI programs (which must be separate + processes), automatic directory generation, and + automatic file gunzipping. + +config BOA_INSTALL_CONFIG + bool + default y + depends on BOA + prompt "Install default boa.conf" + help + Install a default /etc/boa/boa.conf. diff --git a/rules/boa.make b/rules/boa.make new file mode 100644 index 0000000..d9ea826 --- /dev/null +++ b/rules/boa.make @@ -0,0 +1,93 @@ +# -*-makefile-*- +# +# Copyright (C) 2010 by Alexander Stein <alexander.st...@systec-electronic.com> +# +# See CREDITS for details about who has contributed to this project. +# +# For further information about the PTXdist project and license conditions +# see the README file. +# + +# +# We provide this package +# +PACKAGES-$(PTXCONF_BOA) += boa + +# +# Paths and names +# +BOA_VERSION := 0.94.13 +BOA := boa-$(BOA_VERSION) +BOA_SUFFIX := tar.gz +BOA_URL := http://www.boa.org/$(BOA).$(BOA_SUFFIX) +BOA_SOURCE := $(SRCDIR)/$(BOA).$(BOA_SUFFIX) +BOA_DIR := $(BUILDDIR)/$(BOA) +BOA_LICENSE := GPLv2 +BOA_SUBDIR := src + +# ---------------------------------------------------------------------------- +# Get +# ---------------------------------------------------------------------------- + +$(BOA_SOURCE): + @$(call targetinfo) + @$(call get, BOA) + +# ---------------------------------------------------------------------------- +# Prepare +# ---------------------------------------------------------------------------- + +BOA_PATH := PATH=$(CROSS_PATH) +BOA_ENV := $(CROSS_ENV) + +# +# autoconf +# +BOA_AUTOCONF := $(CROSS_AUTOCONF_USR) + +# ---------------------------------------------------------------------------- +# Install +# ---------------------------------------------------------------------------- + +$(STATEDIR)/boa.install: + @$(call targetinfo) + @$(call touch) + +# ---------------------------------------------------------------------------- +# Target-Install +# ---------------------------------------------------------------------------- + +$(STATEDIR)/boa.targetinstall: + @$(call targetinfo) + + @$(call install_init, boa) + @$(call install_fixup, boa,PACKAGE,boa) + @$(call install_fixup, boa,PRIORITY,optional) + @$(call install_fixup, boa,VERSION,$(BOA_VERSION)) + @$(call install_fixup, boa,SECTION,base) + @$(call install_fixup, boa,AUTHOR,"Alexander Stein <alexander.st...@systec-electronic.com>") + @$(call install_fixup, boa,DEPENDS,) + @$(call install_fixup, boa,DESCRIPTION,missing) + + @$(call install_copy, boa, 0, 0, 0755, $(BOA_DIR)/$(BOA_SUBDIR)/boa, /usr/sbin/boa) + + @$(call install_alternative, boa, 0, 0, 0755, /etc/init.d/boa) + +ifdef PTXCONF_BOA_INSTALL_CONFIG + @$(call install_alternative, boa, 0, 0, 0644, /etc/boa/boa.conf) +endif + + @$(call install_finish, boa) + + @$(call touch) + +# ---------------------------------------------------------------------------- +# Clean +# ---------------------------------------------------------------------------- + +boa_clean: + rm -rf $(STATEDIR)/boa.* + rm -rf $(PKGDIR)/boa_* + rm -rf $(BOA_DIR) + +# vim: syntax=make -- 1.6.4.4 -- ptxdist mailing list ptxdist@pengutronix.de