rpms/httpd/devel .cvsignore, 1.27, 1.28 httpd.conf, 1.31, 1.32 httpd.init, 1.15, 1.16 httpd.logrotate, 1.5, 1.6 httpd.spec, 1.142, 1.143 proxy_ajp.conf, 1.1, NONE
jorton
jorton at fedoraproject.org
Fri Jul 9 13:00:51 UTC 2010
Author: jorton
Update of /cvs/extras/rpms/httpd/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv12025
Modified Files:
.cvsignore httpd.conf httpd.init httpd.logrotate httpd.spec
Removed Files:
proxy_ajp.conf
Log Message:
* Fri Jul 9 2010 Joe Orton <jorton at redhat.com> - 2.2.15-3
- default config tweaks:
* harden httpd.conf w.r.t. .htaccess restriction (#591293)
* load mod_substitute, mod_version by default
* drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
* add commented list of shipped-but-unloaded modules
* bump up worker defaults a little
* drop KeepAliveTimeout to 5 secs per upstream
- fix LSB compliance in init script (#522074)
- bundle NOTICE in -tools
- use init script in logrotate postrotate to pick up PIDFILE
- drop some old Obsoletes/Conflicts
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/.cvsignore,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -p -r1.27 -r1.28
--- .cvsignore 4 Apr 2010 16:57:24 -0000 1.27
+++ .cvsignore 9 Jul 2010 13:00:50 -0000 1.28
@@ -1 +1,3 @@
httpd-2.2.15.tar.gz
+httpd-2.2.15
+clog
Index: httpd.conf
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/httpd.conf,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -p -r1.31 -r1.32
--- httpd.conf 17 Mar 2009 13:09:35 -0000 1.31
+++ httpd.conf 9 Jul 2010 13:00:50 -0000 1.32
@@ -58,14 +58,16 @@ ServerRoot "/etc/httpd"
#
# PidFile: The file in which the server should record its process
-# identification number when it starts.
+# identification number when it starts. Note the PIDFILE variable in
+# /etc/sysconfig/httpd must be set appropriately if this location is
+# changed.
#
PidFile run/httpd.pid
#
# Timeout: The number of seconds before receives and sends time out.
#
-Timeout 120
+Timeout 60
#
# KeepAlive: Whether or not to allow persistent connections (more than
@@ -84,7 +86,7 @@ MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
-KeepAliveTimeout 15
+KeepAliveTimeout 5
##
## Server-Pool Size Regulation (MPM specific)
@@ -114,8 +116,8 @@ MaxRequestsPerChild 4000
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule worker.c>
-StartServers 2
-MaxClients 150
+StartServers 4
+MaxClients 300
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
@@ -184,22 +186,34 @@ LoadModule actions_module modules/mod_ac
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
+LoadModule substitute_module modules/mod_substitute.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule cgi_module modules/mod_cgi.so
+LoadModule version_module modules/mod_version.so
#
# The following modules are not loaded by default:
#
-#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule asis_module modules/mod_asis.so
+#LoadModule authn_dbd_module modules/mod_authn_dbd.so
+#LoadModule cern_meta_module modules/mod_cern_meta.so
+#LoadModule cgid_module modules/mod_cgid.so
+#LoadModule dbd_module modules/mod_dbd.so
+#LoadModule dumpio_module modules/mod_dumpio.so
+#LoadModule filter_module modules/mod_filter.so
+#LoadModule ident_module modules/mod_ident.so
+#LoadModule log_forensic_module modules/mod_log_forensic.so
+#LoadModule unique_id_module modules/mod_unique_id.so
+#
#
# Load config files from the config directory "/etc/httpd/conf.d".
@@ -401,6 +415,7 @@ AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
+ Satisfy All
</Files>
#
Index: httpd.init
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/httpd.init,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -p -r1.15 -r1.16
--- httpd.init 22 Jan 2009 14:49:56 -0000 1.15
+++ httpd.init 9 Jul 2010 13:00:50 -0000 1.16
@@ -72,12 +72,16 @@ stop() {
reload() {
echo -n $"Reloading $prog: "
if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then
- RETVAL=$?
+ RETVAL=6
echo $"not reloading due to configuration syntax error"
failure $"not reloading $httpd due to configuration syntax error"
else
- killproc -p ${pidfile} $httpd -HUP
+ # Force LSB behaviour from killproc
+ LSB=1 killproc -p ${pidfile} $httpd -HUP
RETVAL=$?
+ if [ $RETVAL -eq 7 ]; then
+ failure $"httpd shutdown"
+ fi
fi
echo
}
@@ -112,8 +116,8 @@ case "$1" in
RETVAL=$?
;;
*)
- echo $"Usage: $prog {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}"
- RETVAL=3
+ echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}"
+ RETVAL=2
esac
exit $RETVAL
Index: httpd.logrotate
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/httpd.logrotate,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -p -r1.5 -r1.6
--- httpd.logrotate 8 Sep 2009 15:58:46 -0000 1.5
+++ httpd.logrotate 9 Jul 2010 13:00:50 -0000 1.6
@@ -4,6 +4,6 @@
sharedscripts
delaycompress
postrotate
- /bin/kill -HUP `cat /var/run/httpd/httpd.pid 2>/dev/null` 2> /dev/null || true
+ /sbin/service httpd reload > /dev/null 2>/dev/null || true
endscript
}
Index: httpd.spec
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/httpd.spec,v
retrieving revision 1.142
retrieving revision 1.143
diff -u -p -r1.142 -r1.143
--- httpd.spec 4 Apr 2010 16:57:24 -0000 1.142
+++ httpd.spec 9 Jul 2010 13:00:50 -0000 1.143
@@ -7,7 +7,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.2.15
-Release: 1%{?dist}
+Release: 3%{?dist}
URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
Source1: index.html
@@ -18,7 +18,6 @@ Source10: httpd.conf
Source11: ssl.conf
Source12: welcome.conf
Source13: manual.conf
-Source14: proxy_ajp.conf
# Documentation
Source33: README.confd
# build/scripts patches
@@ -50,9 +49,6 @@ Requires(post): chkconfig
Provides: webserver
Provides: mod_dav = %{version}-%{release}, httpd-suexec = %{version}-%{release}
Provides: httpd-mmn = %{mmn}
-Obsoletes: apache, secureweb, mod_dav, mod_gzip, stronghold-apache
-Obsoletes: stronghold-htdocs, mod_put, mod_roaming
-Conflicts: pcre < 4.0
Requires: httpd-tools = %{version}-%{release}, apr-util-ldap
%description
@@ -100,7 +96,7 @@ Group: System Environment/Daemons
Summary: SSL/TLS module for the Apache HTTP Server
Epoch: 1
BuildRequires: openssl-devel, distcache-devel
-Requires(post): openssl >= 0.9.7f-4, /bin/cat
+Requires(post): openssl, /bin/cat
Requires(pre): httpd
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmn}
Obsoletes: stronghold-mod_ssl
@@ -227,7 +223,7 @@ done
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d
install -m 644 $RPM_SOURCE_DIR/README.confd \
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
-for f in ssl.conf welcome.conf manual.conf proxy_ajp.conf; do
+for f in ssl.conf welcome.conf manual.conf; do
install -m 644 -p $RPM_SOURCE_DIR/$f \
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
done
@@ -414,7 +410,6 @@ rm -rf $RPM_BUILD_ROOT
%dir %{_sysconfdir}/httpd/conf
%config(noreplace) %{_sysconfdir}/httpd/conf/httpd.conf
%config(noreplace) %{_sysconfdir}/httpd/conf.d/welcome.conf
-%config(noreplace) %{_sysconfdir}/httpd/conf.d/proxy_ajp.conf
%config(noreplace) %{_sysconfdir}/httpd/conf/magic
%config(noreplace) %{_sysconfdir}/logrotate.d/httpd
@@ -459,7 +454,7 @@ rm -rf $RPM_BUILD_ROOT
%defattr(-,root,root)
%{_bindir}/*
%{_mandir}/man1/*
-%doc LICENSE
+%doc LICENSE NOTICE
%files manual
%defattr(-,root,root)
@@ -485,6 +480,19 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/httpd/build/*.sh
%changelog
+* Fri Jul 9 2010 Joe Orton <jorton at redhat.com> - 2.2.15-3
+- default config tweaks:
+ * harden httpd.conf w.r.t. .htaccess restriction (#591293)
+ * load mod_substitute, mod_version by default
+ * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
+ * add commented list of shipped-but-unloaded modules
+ * bump up worker defaults a little
+ * drop KeepAliveTimeout to 5 secs per upstream
+- fix LSB compliance in init script (#522074)
+- bundle NOTICE in -tools
+- use init script in logrotate postrotate to pick up PIDFILE
+- drop some old Obsoletes/Conflicts
+
* Sun Apr 04 2010 Robert Scheck <robert at fedoraproject.org> - 2.2.15-1
- update to 2.2.15 (#572404, #579311)
--- proxy_ajp.conf DELETED ---
More information about the scm-commits
mailing list