diff options
Diffstat (limited to 'www-apps/webdavcgi/webdavcgi-1.1.2.ebuild')
-rw-r--r-- | www-apps/webdavcgi/webdavcgi-1.1.2.ebuild | 206 |
1 files changed, 206 insertions, 0 deletions
diff --git a/www-apps/webdavcgi/webdavcgi-1.1.2.ebuild b/www-apps/webdavcgi/webdavcgi-1.1.2.ebuild new file mode 100644 index 000000000000..b9ddf2f7e102 --- /dev/null +++ b/www-apps/webdavcgi/webdavcgi-1.1.2.ebuild @@ -0,0 +1,206 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit toolchain-funcs + +DESCRIPTION="A Perl CGI for accessing and sharing files, or calendar/addressbooks via WebDAV." +HOMEPAGE="https://danrohde.github.io/webdavcgi/" +SRC_URI="https://github.com/DanRohde/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-3+" + +# Provide slotting on minor versions. WebDAV CGI is a web application which +# can be shared by multiple instances and thus major updates shouldn't be +# enforced to all users/instances at the same time. +SLOT="$(ver_cut 1-2)" + +KEYWORDS="~amd64" +IUSE="afs git kerberos ldap mysql pdf postgres rcs samba +sqlite +suid" + +DEPEND="" +RDEPEND="afs? ( net-fs/openafs ) + dev-lang/perl + dev-perl/Archive-Zip + dev-perl/CGI + dev-perl/DateTime + dev-perl/DateTime-Format-Human-Duration + dev-perl/File-Copy-Link + dev-perl/IO-Compress-Brotli + dev-perl/JSON + dev-perl/List-MoreUtils + dev-perl/MIME-tools + dev-perl/PerlIO-gzip + dev-perl/Quota + dev-perl/TimeDate + dev-perl/URI + dev-perl/UUID-Tiny + dev-perl/XML-Simple + git? ( dev-vcs/git ) + kerberos? ( virtual/krb5 ) + ldap? ( dev-perl/perl-ldap ) + media-gfx/graphicsmagick[perl] + media-libs/exiftool + mysql? ( dev-perl/DBD-mysql ) + pdf? ( app-text/ghostscript-gpl ) + postgres? ( dev-perl/DBD-Pg ) + rcs? ( dev-perl/Rcs ) + samba? ( net-fs/cifs-utils dev-perl/Filesys-SmbClient ) + sqlite? ( dev-perl/DBD-SQLite ) + virtual/perl-File-Spec + virtual/perl-Module-Load + || ( virtual/httpd-cgi virtual/httpd-fastcgi )" + +REQUIRED_USE="|| ( mysql postgres sqlite )" + +CGIBINDIR="cgi-bin" + +PATCHES=( + # Fix unescaped braces, which adresses #674772 and #658470 + # + # The patch originates from + # https://github.com/DanRohde/webdavcgi/commit/04e79b7ecbaf3aae5ab813cd4fc0a009c72b1580 + # and can be remove as soon as this ebuild gets bumped to 1.1.3 which + # already includes the change. + "${FILESDIR}/${P}-fix-unescaped-braces.patch" +) + +src_compile() { + if use suid; then + WEBDAVWRAPPERS="webdavwrapper" # Standard UID/GID wrapper + + use afs && WEBDAVWRAPPERS+=" webdavwrapper-afs" + use kerberos && WEBDAVWRAPPERS+=" webdavwrapper-krb" + + export WEBDAVWRAPPERS + + local wrapper + for wrapper in ${WEBDAVWRAPPERS}; do + $(tc-getCC) ${LDFLAGS} ${CFLAGS} \ + -o "${CGIBINDIR}/${wrapper}" \ + "helper/${wrapper}.c" || die "compile ${wrapper} failed" + done + fi +} + +src_install() { + exeinto "/usr/libexec/${PN}-${SLOT}/${CGIBINDIR}" + newexe "${CGIBINDIR}/logout-dist" "logout" + doexe "${CGIBINDIR}/webdav.pl" + + use afs && doexe "${CGIBINDIR}/afswrapper" + use samba && doexe "${CGIBINDIR}/smbwrapper" + + if use suid; then + # In order to change the user and group ID at runtime, the webdavwrapper + # needs to be run as root (set-user-ID and set-group-ID bit) + exeopts -o root -g root -m 6755 + + local wrapper + for wrapper in ${WEBDAVWRAPPERS}; do + einfo "Installing UID/GID wrapper ${wrapper}" + doexe "${CGIBINDIR}/${wrapper}" + done + + # reset install opts + exeopts + else + ewarn "You have the 'suid' USE flag disabled" + ewarn "WebDAV CGI won't be able to switch user ids" + fi + + local confDir='etc' + local webdavConfDir="/etc/${PN}-${SLOT}/default" + + export WEBDAVCONFIG="${webdavConfDir}/webdav.conf" + + insinto "${webdavConfDir}" + doins "${confDir}/mime.types" + newins "${FILESDIR}/webdav-${SLOT}.conf" "webdav.conf" + + local installBaseDir="/usr/share/${PN}-${SLOT}" + local currentDir + for currentDir in htdocs lib locale templates; do + insinto "${installBaseDir}/${currentDir}" + doins -r "${currentDir}"/* + done + + if use mysql || use postgres; then + local sqlDir='sql' + insinto "${installBaseDir}/${sqlDir}" + use mysql && doins "${sqlDir}/mysql.sql" + use postgres && doins "${sqlDir}/postgresql.sql" + fi + + if use sqlite; then + # Directory where the SQLite database resides + local sqliteRootDir="/var/lib/${PN}/${SLOT}" + keepdir "${sqliteRootDir}" + + # Default database directory where all users are able to create and + # share the databases, this can be changed within the config file and + # restricted to user/group only access if required. + export SQLITEDIR="${sqliteRootDir}/default" + keepdir "${SQLITEDIR}" + fperms 1777 "${SQLITEDIR}" + fi + + # Create default temporary directories, writable by all users + export TMPDIRS="trash thumbnails optimized" + for tmpDir in ${TMPDIRS}; do + keepdir "/var/tmp/${PN}/${SLOT}/default/${tmpDir}" + fperms 1777 "/var/tmp/${PN}/${SLOT}/default/${tmpDir}" + done + + export APACHEEXAMPLECONFIG="apache-webdavcgi-${SLOT}-example.conf" + dodoc CHANGELOG + dodoc etc/webdav.conf.complete + dodoc "${FILESDIR}/${APACHEEXAMPLECONFIG}" + dodoc -r "docs/" +} + +pkg_postinst() { + ewarn "In order to allow different users to create and share files," + ewarn "some directories were installed with world write access by default." + ewarn "To set restrictive permissions, add all WebDAV CGI users to a" + ewarn "common group, and allow access to the following directories by this" + ewarn "group only." + ewarn "Temp directories: /var/tmp/${PN}/${SLOT}/default/*" + use sqlite && ewarn "SQLite directory: ${SQLITEDIR}" + + elog + elog "The WebDAV CGI config is located at ${WEBDAVCONFIG}." + elog + elog "An example Apache HTTP server configuration snippet is available in" + elog "${EROOT}/usr/share/doc/${PF} in the file ${APACHEEXAMPLECONFIG}" + elog + elog "An important note to systemd user's running the Apache HTTP server:" + elog "" + elog "The default apache2.service will be started with private file system" + elog "namespaces for /var/tmp and /tmp enabled (PrivateTmp=true) and with" + elog "restricted privileges and securebits flags (NoNewPrivileges=true" + elog "SecureBits=noroot-locked)" + elog "" + elog "This means that you either need to disable PrivateTmp, relocate the" + elog "directories starting with /var/tmp within ${WEBDAVCONFIG}" + elog "or pre-create the directory structure with a user defined systemd" + elog "companion unit using the JoinsNamespaceOf directive." + elog "" + elog "For those using the setuid/guid webdavwrapper, additional systemd" + elog "execution environment relaxation is required." + elog + elog "To override the existing systemd service unit:" + elog "systemctl edit apache2.service" + elog "" + elog "[Service]" + elog "# Disable private file system namespaces" + elog "PrivateTmp=false" + elog "# Uncomment the following if you're using the setuid/guid webdavwrapper" + elog "#NoNewPrivileges=false" + elog "#SecureBits=" + + einfo + einfo "Detailed installation and configuration instructions can be found at" + einfo "https://danrohde.github.io/webdavcgi/doc.html" +} |