You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
207 lines
6.4 KiB
207 lines
6.4 KiB
# Copyright 1999-2021 Gentoo Authors
|
|
# Distributed under the terms of the GNU General Public License v2
|
|
|
|
EAPI=7
|
|
|
|
inherit toolchain-funcs
|
|
|
|
DESCRIPTION="A Perl CGI for accessing and sharing files, or calendar/addressbooks via WebDAV."
|
|
HOMEPAGE="https://danrohde.github.io/webdavcgi/"
|
|
SRC_URI="https://github.com/DanRohde/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
|
|
|
|
LICENSE="GPL-3+"
|
|
|
|
# Provide slotting on minor versions. WebDAV CGI is a web application which
|
|
# can be shared by multiple instances and thus major updates shouldn't be
|
|
# enforced to all users/instances at the same time.
|
|
SLOT="$(ver_cut 1-2)"
|
|
|
|
KEYWORDS="~amd64"
|
|
IUSE="afs git kerberos ldap mysql pdf postgres rcs samba +sqlite +suid"
|
|
|
|
DEPEND=""
|
|
RDEPEND="afs? ( net-fs/openafs )
|
|
dev-lang/perl
|
|
dev-perl/Archive-Zip
|
|
dev-perl/CGI
|
|
dev-perl/DateTime
|
|
dev-perl/DateTime-Format-Human-Duration
|
|
dev-perl/File-Copy-Link
|
|
dev-perl/IO-Compress-Brotli
|
|
dev-perl/JSON
|
|
dev-perl/List-MoreUtils
|
|
dev-perl/MIME-tools
|
|
dev-perl/PerlIO-gzip
|
|
dev-perl/Quota
|
|
dev-perl/TimeDate
|
|
dev-perl/URI
|
|
dev-perl/UUID-Tiny
|
|
dev-perl/XML-Simple
|
|
git? ( dev-vcs/git )
|
|
kerberos? ( virtual/krb5 )
|
|
ldap? ( dev-perl/perl-ldap )
|
|
media-gfx/graphicsmagick[perl]
|
|
media-libs/exiftool
|
|
mysql? ( dev-perl/DBD-mysql )
|
|
pdf? ( app-text/ghostscript-gpl )
|
|
postgres? ( dev-perl/DBD-Pg )
|
|
rcs? ( dev-perl/Rcs )
|
|
samba? ( net-fs/cifs-utils dev-perl/Filesys-SmbClient )
|
|
sqlite? ( dev-perl/DBD-SQLite )
|
|
virtual/perl-File-Spec
|
|
virtual/perl-Module-Load
|
|
|| ( virtual/httpd-cgi virtual/httpd-fastcgi )"
|
|
|
|
REQUIRED_USE="|| ( mysql postgres sqlite )"
|
|
|
|
CGIBINDIR="cgi-bin"
|
|
|
|
PATCHES=(
|
|
# Fix unescaped braces, which adresses #674772 and #658470
|
|
#
|
|
# The patch originates from
|
|
# https://github.com/DanRohde/webdavcgi/commit/04e79b7ecbaf3aae5ab813cd4fc0a009c72b1580
|
|
# and can be remove as soon as this ebuild gets bumped to 1.1.3 which
|
|
# already includes the change.
|
|
"${FILESDIR}/${P}-fix-unescaped-braces.patch"
|
|
)
|
|
|
|
src_compile() {
|
|
if use suid; then
|
|
WEBDAVWRAPPERS="webdavwrapper" # Standard UID/GID wrapper
|
|
|
|
use afs && WEBDAVWRAPPERS+=" webdavwrapper-afs"
|
|
use kerberos && WEBDAVWRAPPERS+=" webdavwrapper-krb"
|
|
|
|
export WEBDAVWRAPPERS
|
|
|
|
local wrapper
|
|
for wrapper in ${WEBDAVWRAPPERS}; do
|
|
$(tc-getCC) ${LDFLAGS} ${CFLAGS} \
|
|
-o "${CGIBINDIR}/${wrapper}" \
|
|
"helper/${wrapper}.c" || die "compile ${wrapper} failed"
|
|
done
|
|
fi
|
|
}
|
|
|
|
src_install() {
|
|
exeinto "/usr/libexec/${PN}-${SLOT}/${CGIBINDIR}"
|
|
newexe "${CGIBINDIR}/logout-dist" "logout"
|
|
doexe "${CGIBINDIR}/webdav.pl"
|
|
|
|
use afs && doexe "${CGIBINDIR}/afswrapper"
|
|
use samba && doexe "${CGIBINDIR}/smbwrapper"
|
|
|
|
if use suid; then
|
|
# In order to change the user and group ID at runtime, the webdavwrapper
|
|
# needs to be run as root (set-user-ID and set-group-ID bit)
|
|
exeopts -o root -g root -m 6755
|
|
|
|
local wrapper
|
|
for wrapper in ${WEBDAVWRAPPERS}; do
|
|
einfo "Installing UID/GID wrapper ${wrapper}"
|
|
doexe "${CGIBINDIR}/${wrapper}"
|
|
done
|
|
|
|
# reset install opts
|
|
exeopts
|
|
else
|
|
ewarn "You have the 'suid' USE flag disabled"
|
|
ewarn "WebDAV CGI won't be able to switch user ids"
|
|
fi
|
|
|
|
local confDir='etc'
|
|
local webdavConfDir="/etc/${PN}-${SLOT}/default"
|
|
|
|
export WEBDAVCONFIG="${webdavConfDir}/webdav.conf"
|
|
|
|
insinto "${webdavConfDir}"
|
|
doins "${confDir}/mime.types"
|
|
newins "${FILESDIR}/webdav-${SLOT}.conf" "webdav.conf"
|
|
|
|
local installBaseDir="/usr/share/${PN}-${SLOT}"
|
|
local currentDir
|
|
for currentDir in htdocs lib locale templates; do
|
|
insinto "${installBaseDir}/${currentDir}"
|
|
doins -r "${currentDir}"/*
|
|
done
|
|
|
|
if use mysql || use postgres; then
|
|
local sqlDir='sql'
|
|
insinto "${installBaseDir}/${sqlDir}"
|
|
use mysql && doins "${sqlDir}/mysql.sql"
|
|
use postgres && doins "${sqlDir}/postgresql.sql"
|
|
fi
|
|
|
|
if use sqlite; then
|
|
# Directory where the SQLite database resides
|
|
local sqliteRootDir="/var/lib/${PN}/${SLOT}"
|
|
keepdir "${sqliteRootDir}"
|
|
|
|
# Default database directory where all users are able to create and
|
|
# share the databases, this can be changed within the config file and
|
|
# restricted to user/group only access if required.
|
|
export SQLITEDIR="${sqliteRootDir}/default"
|
|
keepdir "${SQLITEDIR}"
|
|
fperms 1777 "${SQLITEDIR}"
|
|
fi
|
|
|
|
# Create default temporary directories, writable by all users
|
|
export TMPDIRS="trash thumbnails optimized"
|
|
for tmpDir in ${TMPDIRS}; do
|
|
keepdir "/var/tmp/${PN}/${SLOT}/default/${tmpDir}"
|
|
fperms 1777 "/var/tmp/${PN}/${SLOT}/default/${tmpDir}"
|
|
done
|
|
|
|
export APACHEEXAMPLECONFIG="apache-webdavcgi-${SLOT}-example.conf"
|
|
dodoc CHANGELOG
|
|
dodoc etc/webdav.conf.complete
|
|
dodoc "${FILESDIR}/${APACHEEXAMPLECONFIG}"
|
|
dodoc -r "docs/"
|
|
}
|
|
|
|
pkg_postinst() {
|
|
ewarn "In order to allow different users to create and share files,"
|
|
ewarn "some directories were installed with world write access by default."
|
|
ewarn "To set restrictive permissions, add all WebDAV CGI users to a"
|
|
ewarn "common group, and allow access to the following directories by this"
|
|
ewarn "group only."
|
|
ewarn "Temp directories: /var/tmp/${PN}/${SLOT}/default/*"
|
|
use sqlite && ewarn "SQLite directory: ${SQLITEDIR}"
|
|
|
|
elog
|
|
elog "The WebDAV CGI config is located at ${WEBDAVCONFIG}."
|
|
elog
|
|
elog "An example Apache HTTP server configuration snippet is available in"
|
|
elog "${EROOT}/usr/share/doc/${PF} in the file ${APACHEEXAMPLECONFIG}"
|
|
elog
|
|
elog "An important note to systemd user's running the Apache HTTP server:"
|
|
elog ""
|
|
elog "The default apache2.service will be started with private file system"
|
|
elog "namespaces for /var/tmp and /tmp enabled (PrivateTmp=true) and with"
|
|
elog "restricted privileges and securebits flags (NoNewPrivileges=true"
|
|
elog "SecureBits=noroot-locked)"
|
|
elog ""
|
|
elog "This means that you either need to disable PrivateTmp, relocate the"
|
|
elog "directories starting with /var/tmp within ${WEBDAVCONFIG}"
|
|
elog "or pre-create the directory structure with a user defined systemd"
|
|
elog "companion unit using the JoinsNamespaceOf directive."
|
|
elog ""
|
|
elog "For those using the setuid/guid webdavwrapper, additional systemd"
|
|
elog "execution environment relaxation is required."
|
|
elog
|
|
elog "To override the existing systemd service unit:"
|
|
elog "systemctl edit apache2.service"
|
|
elog ""
|
|
elog "[Service]"
|
|
elog "# Disable private file system namespaces"
|
|
elog "PrivateTmp=false"
|
|
elog "# Uncomment the following if you're using the setuid/guid webdavwrapper"
|
|
elog "#NoNewPrivileges=false"
|
|
elog "#SecureBits="
|
|
|
|
einfo
|
|
einfo "Detailed installation and configuration instructions can be found at"
|
|
einfo "https://danrohde.github.io/webdavcgi/doc.html"
|
|
}
|