rpms/httpd/devel .cvsignore, 1.27, 1.28 httpd.conf, 1.31, 1.32 httpd.init, 1.15, 1.16 httpd.logrotate, 1.5, 1.6 httpd.spec, 1.142, 1.143 proxy_ajp.conf, 1.1, NONE

jorton jorton at fedoraproject.org
Fri Jul 9 13:00:51 UTC 2010 

Author: jorton

Update of /cvs/extras/rpms/httpd/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv12025

Modified Files:
	.cvsignore httpd.conf httpd.init httpd.logrotate httpd.spec 
Removed Files:
	proxy_ajp.conf 
Log Message:
* Fri Jul  9 2010 Joe Orton <jorton at redhat.com> - 2.2.15-3
- default config tweaks:
 * harden httpd.conf w.r.t. .htaccess restriction (#591293)
 * load mod_substitute, mod_version by default
 * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
 * add commented list of shipped-but-unloaded modules
 * bump up worker defaults a little
 * drop KeepAliveTimeout to 5 secs per upstream
- fix LSB compliance in init script (#522074)
- bundle NOTICE in -tools
- use init script in logrotate postrotate to pick up PIDFILE
- drop some old Obsoletes/Conflicts



Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/.cvsignore,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -p -r1.27 -r1.28
--- .cvsignore	4 Apr 2010 16:57:24 -0000	1.27
+++ .cvsignore	9 Jul 2010 13:00:50 -0000	1.28
@@ -1 +1,3 @@
 httpd-2.2.15.tar.gz
+httpd-2.2.15
+clog


Index: httpd.conf
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/httpd.conf,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -p -r1.31 -r1.32
--- httpd.conf	17 Mar 2009 13:09:35 -0000	1.31
+++ httpd.conf	9 Jul 2010 13:00:50 -0000	1.32
@@ -58,14 +58,16 @@ ServerRoot "/etc/httpd"
 
 #
 # PidFile: The file in which the server should record its process
-# identification number when it starts.
+# identification number when it starts.  Note the PIDFILE variable in
+# /etc/sysconfig/httpd must be set appropriately if this location is
+# changed.
 #
 PidFile run/httpd.pid
 
 #
 # Timeout: The number of seconds before receives and sends time out.
 #
-Timeout 120
+Timeout 60
 
 #
 # KeepAlive: Whether or not to allow persistent connections (more than
@@ -84,7 +86,7 @@ MaxKeepAliveRequests 100
 # KeepAliveTimeout: Number of seconds to wait for the next request from the
 # same client on the same connection.
 #
-KeepAliveTimeout 15
+KeepAliveTimeout 5
 
 ##
 ## Server-Pool Size Regulation (MPM specific)
@@ -114,8 +116,8 @@ MaxRequestsPerChild  4000
 # ThreadsPerChild: constant number of worker threads in each server process
 # MaxRequestsPerChild: maximum number of requests a server process serves
 <IfModule worker.c>
-StartServers         2
-MaxClients         150
+StartServers         4
+MaxClients         300
 MinSpareThreads     25
 MaxSpareThreads     75 
 ThreadsPerChild     25
@@ -184,22 +186,34 @@ LoadModule actions_module modules/mod_ac
 LoadModule speling_module modules/mod_speling.so
 LoadModule userdir_module modules/mod_userdir.so
 LoadModule alias_module modules/mod_alias.so
+LoadModule substitute_module modules/mod_substitute.so
 LoadModule rewrite_module modules/mod_rewrite.so
 LoadModule proxy_module modules/mod_proxy.so
 LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
 LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
 LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
 LoadModule proxy_connect_module modules/mod_proxy_connect.so
 LoadModule cache_module modules/mod_cache.so
 LoadModule suexec_module modules/mod_suexec.so
 LoadModule disk_cache_module modules/mod_disk_cache.so
 LoadModule cgi_module modules/mod_cgi.so
+LoadModule version_module modules/mod_version.so
 
 #
 # The following modules are not loaded by default:
 #
-#LoadModule cern_meta_module modules/mod_cern_meta.so
 #LoadModule asis_module modules/mod_asis.so
+#LoadModule authn_dbd_module modules/mod_authn_dbd.so
+#LoadModule cern_meta_module modules/mod_cern_meta.so
+#LoadModule cgid_module modules/mod_cgid.so
+#LoadModule dbd_module modules/mod_dbd.so
+#LoadModule dumpio_module modules/mod_dumpio.so
+#LoadModule filter_module modules/mod_filter.so
+#LoadModule ident_module modules/mod_ident.so
+#LoadModule log_forensic_module modules/mod_log_forensic.so
+#LoadModule unique_id_module modules/mod_unique_id.so
+#
 
 #
 # Load config files from the config directory "/etc/httpd/conf.d".
@@ -401,6 +415,7 @@ AccessFileName .htaccess
 <Files ~ "^\.ht">
     Order allow,deny
     Deny from all
+    Satisfy All
 </Files>
 
 #


Index: httpd.init
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/httpd.init,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -p -r1.15 -r1.16
--- httpd.init	22 Jan 2009 14:49:56 -0000	1.15
+++ httpd.init	9 Jul 2010 13:00:50 -0000	1.16
@@ -72,12 +72,16 @@ stop() {
 reload() {
     echo -n $"Reloading $prog: "
     if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then
-        RETVAL=$?
+        RETVAL=6
         echo $"not reloading due to configuration syntax error"
         failure $"not reloading $httpd due to configuration syntax error"
     else
-        killproc -p ${pidfile} $httpd -HUP
+        # Force LSB behaviour from killproc
+        LSB=1 killproc -p ${pidfile} $httpd -HUP
         RETVAL=$?
+        if [ $RETVAL -eq 7 ]; then
+            failure $"httpd shutdown"
+        fi
     fi
     echo
 }
@@ -112,8 +116,8 @@ case "$1" in
 	RETVAL=$?
 	;;
   *)
-	echo $"Usage: $prog {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}"
-	RETVAL=3
+	echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}"
+	RETVAL=2
 esac
 
 exit $RETVAL


Index: httpd.logrotate
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/httpd.logrotate,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -p -r1.5 -r1.6
--- httpd.logrotate	8 Sep 2009 15:58:46 -0000	1.5
+++ httpd.logrotate	9 Jul 2010 13:00:50 -0000	1.6
@@ -4,6 +4,6 @@
     sharedscripts
     delaycompress
     postrotate
-	/bin/kill -HUP `cat /var/run/httpd/httpd.pid 2>/dev/null` 2> /dev/null || true
+        /sbin/service httpd reload > /dev/null 2>/dev/null || true
     endscript
 }


Index: httpd.spec
===================================================================
RCS file: /cvs/extras/rpms/httpd/devel/httpd.spec,v
retrieving revision 1.142
retrieving revision 1.143
diff -u -p -r1.142 -r1.143
--- httpd.spec	4 Apr 2010 16:57:24 -0000	1.142
+++ httpd.spec	9 Jul 2010 13:00:50 -0000	1.143
@@ -7,7 +7,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.2.15
-Release: 1%{?dist}
+Release: 3%{?dist}
 URL: http://httpd.apache.org/
 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
 Source1: index.html
@@ -18,7 +18,6 @@ Source10: httpd.conf
 Source11: ssl.conf
 Source12: welcome.conf
 Source13: manual.conf
-Source14: proxy_ajp.conf
 # Documentation
 Source33: README.confd
 # build/scripts patches
@@ -50,9 +49,6 @@ Requires(post): chkconfig
 Provides: webserver
 Provides: mod_dav = %{version}-%{release}, httpd-suexec = %{version}-%{release}
 Provides: httpd-mmn = %{mmn}
-Obsoletes: apache, secureweb, mod_dav, mod_gzip, stronghold-apache
-Obsoletes: stronghold-htdocs, mod_put, mod_roaming
-Conflicts: pcre < 4.0
 Requires: httpd-tools = %{version}-%{release}, apr-util-ldap
 
 %description
@@ -100,7 +96,7 @@ Group: System Environment/Daemons
 Summary: SSL/TLS module for the Apache HTTP Server
 Epoch: 1
 BuildRequires: openssl-devel, distcache-devel
-Requires(post): openssl >= 0.9.7f-4, /bin/cat
+Requires(post): openssl, /bin/cat
 Requires(pre): httpd
 Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmn}
 Obsoletes: stronghold-mod_ssl
@@ -227,7 +223,7 @@ done
 mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d
 install -m 644 $RPM_SOURCE_DIR/README.confd \
     $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
-for f in ssl.conf welcome.conf manual.conf proxy_ajp.conf; do
+for f in ssl.conf welcome.conf manual.conf; do
   install -m 644 -p $RPM_SOURCE_DIR/$f \
         $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
 done
@@ -414,7 +410,6 @@ rm -rf $RPM_BUILD_ROOT
 %dir %{_sysconfdir}/httpd/conf
 %config(noreplace) %{_sysconfdir}/httpd/conf/httpd.conf
 %config(noreplace) %{_sysconfdir}/httpd/conf.d/welcome.conf
-%config(noreplace) %{_sysconfdir}/httpd/conf.d/proxy_ajp.conf
 %config(noreplace) %{_sysconfdir}/httpd/conf/magic
 
 %config(noreplace) %{_sysconfdir}/logrotate.d/httpd
@@ -459,7 +454,7 @@ rm -rf $RPM_BUILD_ROOT
 %defattr(-,root,root)
 %{_bindir}/*
 %{_mandir}/man1/*
-%doc LICENSE
+%doc LICENSE NOTICE
 
 %files manual
 %defattr(-,root,root)
@@ -485,6 +480,19 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/httpd/build/*.sh
 
 %changelog
+* Fri Jul  9 2010 Joe Orton <jorton at redhat.com> - 2.2.15-3
+- default config tweaks:
+ * harden httpd.conf w.r.t. .htaccess restriction (#591293)
+ * load mod_substitute, mod_version by default
+ * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
+ * add commented list of shipped-but-unloaded modules
+ * bump up worker defaults a little
+ * drop KeepAliveTimeout to 5 secs per upstream
+- fix LSB compliance in init script (#522074)
+- bundle NOTICE in -tools
+- use init script in logrotate postrotate to pick up PIDFILE
+- drop some old Obsoletes/Conflicts
+
 * Sun Apr 04 2010 Robert Scheck <robert at fedoraproject.org> - 2.2.15-1
 - update to 2.2.15 (#572404, #579311)
 


--- proxy_ajp.conf DELETED ---

More information about the scm-commits mailing list