1 # Copyright 1999-2017 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
4 # @ECLASS: apache-2.eclass
6 # polynomial-c@gentoo.org
7 # @BLURB: Provides a common set of functions for apache-2.x ebuilds
9 # This eclass handles apache-2.x ebuild functions such as LoadModule generation
10 # and inter-module dependency checking.
12 inherit autotools eutils flag-o-matic multilib ssl-cert user toolchain-funcs versionator
14 [[ ${CATEGORY}/${PN} != www-servers/apache ]] \
15 && die "Do not use this eclass with anything else than www-servers/apache ebuilds!"
19 die "This eclass is banned for EAPI<5"
23 # settings which are version specific go in here:
24 case $(get_version_component_range 1-2) in
26 DEFAULT_MPM_THREADED="event" #509922
27 RDEPEND=">=dev-libs/apr-1.5.1
28 !www-apache/mod_macro" #492578 #477702
31 DEFAULT_MPM_THREADED="worker"
32 RDEPEND=">=dev-libs/apr-1.4.5" #368651
35 die "Unknown MAJOR.MINOR apache version."
39 # ==============================================================================
41 # ==============================================================================
43 # @ECLASS-VARIABLE: GENTOO_PATCHNAME
45 # This internal variable contains the prefix for the patch tarball.
46 # Defaults to the full name and version (including revision) of the package.
47 # If you want to override this in an ebuild, use:
48 # ORIG_PR="(revision of Gentoo stuff you want)"
49 # GENTOO_PATCHNAME="gentoo-${PN}-${PV}${ORIG_PR:+-${ORIG_PR}}"
50 [[ -n "$GENTOO_PATCHNAME" ]] || GENTOO_PATCHNAME="gentoo-${PF}"
52 # @ECLASS-VARIABLE: GENTOO_PATCHDIR
54 # This internal variable contains the working directory where patches and config
56 # Defaults to the patchset name appended to the working directory.
57 [[ -n "$GENTOO_PATCHDIR" ]] || GENTOO_PATCHDIR="${WORKDIR}/${GENTOO_PATCHNAME}"
59 # @VARIABLE: GENTOO_DEVELOPER
61 # This variable needs to be set in the ebuild and contains the name of the
62 # gentoo developer who created the patch tarball
64 # @VARIABLE: GENTOO_PATCHSTAMP
66 # This variable needs to be set in the ebuild and contains the date the patch
67 # tarball was created at in YYYYMMDD format
69 # @VARIABLE: GENTOO_PATCH_A
71 # This variable should contain the entire filename of patch tarball.
72 # Defaults to the name of the patchset, with a datestamp.
73 [[ -n "$GENTOO_PATCH_A" ]] || GENTOO_PATCH_A="${GENTOO_PATCHNAME}-${GENTOO_PATCHSTAMP}.tar.bz2"
75 SRC_URI="mirror://apache/httpd/httpd-${PV}.tar.bz2
76 https://dev.gentoo.org/~${GENTOO_DEVELOPER}/dist/apache/${GENTOO_PATCH_A}"
78 # @VARIABLE: IUSE_MPMS_FORK
80 # This variable needs to be set in the ebuild and contains a list of forking
81 # (i.e. non-threaded) MPMs
83 # @VARIABLE: IUSE_MPMS_THREAD
85 # This variable needs to be set in the ebuild and contains a list of threaded
88 # @VARIABLE: IUSE_MODULES
90 # This variable needs to be set in the ebuild and contains a list of available
93 IUSE_MPMS="${IUSE_MPMS_FORK} ${IUSE_MPMS_THREAD}"
94 IUSE="${IUSE} debug doc ldap libressl selinux ssl static suexec threads"
96 for module in ${IUSE_MODULES} ; do
97 IUSE="${IUSE} apache2_modules_${module}"
100 for mpm in ${IUSE_MPMS} ; do
101 IUSE="${IUSE} apache2_mpms_${mpm}"
104 DEPEND="dev-lang/perl
106 =dev-libs/apr-util-1*[ldap?]
108 apache2_modules_deflate? ( sys-libs/zlib )
109 apache2_modules_mime? ( app-misc/mime-types )
110 ldap? ( =net-nds/openldap-2* )
112 !libressl? ( >=dev-libs/openssl-1.0.2:0= )
113 libressl? ( dev-libs/libressl:= )
115 !=www-servers/apache-1*"
117 selinux? ( sec-policy/selinux-apache )"
118 PDEPEND="~app-admin/apache-tools-${PV}"
120 S="${WORKDIR}/httpd-${PV}"
122 # ==============================================================================
124 # ==============================================================================
126 # @ECLASS-VARIABLE: MY_MPM
128 # This internal variable contains the selected MPM after a call to setup_mpm()
130 # @FUNCTION: setup_mpm
132 # This internal function makes sure that only one of APACHE2_MPMS was selected
133 # or a default based on USE=threads is selected if APACHE2_MPMS is empty
136 for x in ${IUSE_MPMS} ; do
137 if use apache2_mpms_${x} ; then
138 if [[ -z "${MY_MPM}" ]] ; then
141 elog "Selected MPM: ${MY_MPM}"
144 eerror "You have selected more then one mpm USE-flag."
145 eerror "Only one MPM is supported."
146 die "more then one mpm was specified"
151 if [[ -z "${MY_MPM}" ]] ; then
152 if use threads ; then
153 MY_MPM=${DEFAULT_MPM_THREADED}
155 elog "Selected default threaded MPM: ${MY_MPM}"
160 elog "Selected default MPM: ${MY_MPM}"
165 if has ${MY_MPM} ${IUSE_MPMS_THREAD} && ! use threads ; then
166 eerror "You have selected a threaded MPM but USE=threads is disabled"
167 die "invalid use flag combination"
170 if has ${MY_MPM} ${IUSE_MPMS_FORK} && use threads ; then
171 eerror "You have selected a non-threaded MPM but USE=threads is enabled"
172 die "invalid use flag combination"
175 if [[ "${PV}" != 2.2* ]] && [[ "${MY_MPM}" = *prefork* ]] && use apache2_modules_http2 ; then
176 die "http2 does not work with prefork MPM."
180 # @VARIABLE: MODULE_CRITICAL
182 # This variable needs to be set in the ebuild and contains a space-separated
183 # list of modules critical for the default apache. A user may still
184 # disable these modules for custom minimal installation at their own risk.
186 # @FUNCTION: check_module_critical
188 # This internal function warns the user about modules critical for the default
189 # apache configuration.
190 check_module_critical() {
193 for m in ${MODULE_CRITICAL} ; do
194 if ! has ${m} ${MY_MODS[@]} ; then
195 ewarn "Module '${m}' is required in the default apache configuration."
200 if [[ ${unsupported} -ne 0 ]] ; then
202 ewarn "You have disabled one or more required modules"
203 ewarn "for the default apache configuration."
204 ewarn "Although this is not an error, please be"
205 ewarn "aware that this setup is UNSUPPORTED."
210 # @VARIABLE: MODULE_DEPENDS
212 # This variable needs to be set in the ebuild and contains a space-separated
213 # list of dependency tokens each with a module and the module it depends on
214 # separated by a colon
216 # @FUNCTION: check_module_depends
218 # This internal function makes sure that all inter-module dependencies are
219 # satisfied with the current module selection
220 check_module_depends() {
223 for m in ${MY_MODS[@]} ; do
224 for dep in ${MODULE_DEPENDS} ; do
225 if [[ "${m}" == "${dep%:*}" ]] ; then
226 if ! use apache2_modules_${dep#*:} ; then
227 eerror "Module '${m}' depends on '${dep#*:}'"
234 if [[ ${err} -ne 0 ]] ; then
235 die "invalid use flag combination"
239 # @ECLASS-VARIABLE: MY_CONF
241 # This internal variable contains the econf options for the current module
242 # selection after a call to setup_modules()
244 # @ECLASS-VARIABLE: MY_MODS
246 # This internal variable contains a sorted, space separated list of currently
247 # selected modules after a call to setup_modules()
249 # @FUNCTION: setup_modules
251 # This internal function selects all built-in modules based on USE flags and
252 # APACHE2_MODULES USE_EXPAND flags
262 MY_CONF=( --enable-so=static )
266 MY_CONF+=( --enable-authnz_ldap=${mod_type} --enable-ldap=${mod_type} )
267 MY_MODS+=( ldap authnz_ldap )
269 MY_CONF+=( --disable-authnz_ldap --disable-ldap )
273 MY_CONF+=( --with-ssl --enable-ssl=${mod_type} )
276 MY_CONF+=( --without-ssl --disable-ssl )
280 elog "You can manipulate several configure options of suexec"
281 elog "through the following environment variables:"
283 elog " SUEXEC_SAFEPATH: Default PATH for suexec (default: '${EPREFIX}/usr/local/bin:${EPREFIX}/usr/bin:${EPREFIX}/bin')"
284 elog " SUEXEC_LOGFILE: Path to the suexec logfile (default: '${EPREFIX}/var/log/apache2/suexec_log')"
285 elog " SUEXEC_CALLER: Name of the user Apache is running as (default: apache)"
286 elog " SUEXEC_DOCROOT: Directory in which suexec will run scripts (default: '${EPREFIX}/var/www')"
287 elog " SUEXEC_MINUID: Minimum UID, which is allowed to run scripts via suexec (default: 1000)"
288 elog " SUEXEC_MINGID: Minimum GID, which is allowed to run scripts via suexec (default: 100)"
289 elog " SUEXEC_USERDIR: User subdirectories (like /home/user/html) (default: public_html)"
290 elog " SUEXEC_UMASK: Umask for the suexec process (default: 077)"
293 MY_CONF+=( --with-suexec-safepath="${SUEXEC_SAFEPATH:-${EPREFIX}/usr/local/bin:${EPREFIX}/usr/bin:${EPREFIX}/bin}" )
294 MY_CONF+=( --with-suexec-logfile="${SUEXEC_LOGFILE:-${EPREFIX}/var/log/apache2/suexec_log}" )
295 MY_CONF+=( --with-suexec-bin="${EPREFIX}/usr/sbin/suexec" )
296 MY_CONF+=( --with-suexec-userdir=${SUEXEC_USERDIR:-public_html} )
297 MY_CONF+=( --with-suexec-caller=${SUEXEC_CALLER:-apache} )
298 MY_CONF+=( --with-suexec-docroot="${SUEXEC_DOCROOT:-${EPREFIX}/var/www}" )
299 MY_CONF+=( --with-suexec-uidmin=${SUEXEC_MINUID:-1000} )
300 MY_CONF+=( --with-suexec-gidmin=${SUEXEC_MINGID:-100} )
301 MY_CONF+=( --with-suexec-umask=${SUEXEC_UMASK:-077} )
302 MY_CONF+=( --enable-suexec=${mod_type} )
305 MY_CONF+=( --disable-suexec )
308 for x in ${IUSE_MODULES} ; do
309 if use apache2_modules_${x} ; then
310 MY_CONF+=( --enable-${x}=${mod_type} )
313 MY_CONF+=( --disable-${x} )
317 # sort and uniquify MY_MODS
318 MY_MODS=( $(echo ${MY_MODS[@]} | tr ' ' '\n' | sort -u) )
320 check_module_critical
323 # @VARIABLE: MODULE_DEFINES
325 # This variable needs to be set in the ebuild and contains a space-separated
326 # list of tokens each mapping a module to a runtime define which can be
327 # specified in APACHE2_OPTS in /etc/conf.d/apache2 to enable this particular
330 # @FUNCTION: generate_load_module
332 # This internal function generates the LoadModule lines for httpd.conf based on
333 # the current module selection and MODULE_DEFINES
334 generate_load_module() {
335 local endit=0 mod_lines= mod_dir="${ED}/usr/$(get_libdir)/apache2/modules"
338 sed -i -e "/%%LOAD_MODULE%%/d" \
339 "${GENTOO_PATCHDIR}"/conf/httpd.conf
343 for m in ${MY_MODS[@]} ; do
344 if [[ -e "${mod_dir}/mod_${m}.so" ]] ; then
345 for def in ${MODULE_DEFINES} ; do
346 if [[ "${m}" == "${def%:*}" ]] ; then
347 mod_lines="${mod_lines}\n<IfDefine ${def#*:}>"
352 mod_lines="${mod_lines}\nLoadModule ${m}_module modules/mod_${m}.so"
354 if [[ ${endit} -ne 0 ]] ; then
355 mod_lines="${mod_lines}\n</IfDefine>"
361 sed -i -e "s:%%LOAD_MODULE%%:${mod_lines}:" \
362 "${GENTOO_PATCHDIR}"/conf/httpd.conf
365 # @FUNCTION: check_upgrade
367 # This internal function checks if the previous configuration file for built-in
368 # modules exists in ROOT and prevents upgrade in this case. Users are supposed
369 # to convert this file to the new APACHE2_MODULES USE_EXPAND variable and remove
372 if [[ -e "${EROOT}"etc/apache2/apache2-builtin-mods ]]; then
373 eerror "The previous configuration file for built-in modules"
374 eerror "(${EROOT}etc/apache2/apache2-builtin-mods) exists on your"
377 eerror "Please read https://wiki.gentoo.org/wiki/Project:Apache/Upgrading"
378 eerror "for detailed information how to convert this file to the new"
379 eerror "APACHE2_MODULES USE_EXPAND variable."
381 die "upgrade not possible with existing ${ROOT}etc/apache2/apache2-builtin-mods"
385 # ==============================================================================
387 # ==============================================================================
389 # @FUNCTION: apache-2_pkg_setup
391 # This function selects built-in modules, the MPM and other configure options,
392 # creates the apache user and group and informs about CONFIG_SYSVIPC being
393 # needed (we don't depend on kernel sources and therefore cannot check).
394 apache-2_pkg_setup() {
397 # setup apache user and group
399 enewuser apache 81 -1 /var/www apache
405 MY_CONF+=( --enable-exception-hook )
408 elog "Please note that you need SysV IPC support in your kernel."
409 elog "Make sure CONFIG_SYSVIPC=y is set."
412 if use userland_BSD; then
413 elog "On BSD systems you need to add the following line to /boot/loader.conf:"
414 elog " accf_http_load=\"YES\""
419 # @FUNCTION: apache-2_src_prepare
421 # This function applies patches, configures a custom file-system layout and
422 # rebuilds the configure scripts.
423 apache-2_src_prepare() {
424 #fix prefix in conf files etc (bug #433736)
425 use !prefix || sed -e "s@/\(usr\|var\|etc\|run\)/@${EPREFIX}&@g" \
426 -i "${GENTOO_PATCHDIR}"/conf/httpd.conf "${GENTOO_PATCHDIR}"/scripts/* \
427 "${GENTOO_PATCHDIR}"/docs/*.example "${GENTOO_PATCHDIR}"/patches/*.layout \
428 "${GENTOO_PATCHDIR}"/init/* "${GENTOO_PATCHDIR}"/conf/vhosts.d/* \
429 "${GENTOO_PATCHDIR}"/conf/modules.d/* || die
431 # 03_all_gentoo-apache-tools.patch injects -Wl,-z,now, which is not a good
434 *-linux-gnu|*-solaris*|*-freebsd*)
435 # do nothing, these use GNU binutils
439 sed -i -e 's/-Wl,-z,now/-Wl,-bind_at_load/g' \
440 "${GENTOO_PATCHDIR}"/patches/03_all_gentoo_apache-tools.patch
443 # patch it out to be like upstream
444 sed -i -e 's/-Wl,-z,now//g' \
445 "${GENTOO_PATCHDIR}"/patches/03_all_gentoo_apache-tools.patch
449 # Use correct multilib libdir in gentoo patches
450 sed -i -e "s:/usr/lib:/usr/$(get_libdir):g" \
451 "${GENTOO_PATCHDIR}"/{conf/httpd.conf,init/*,patches/config.layout} \
452 || die "libdir sed failed"
454 if [[ "${EAPI}" -ge 6 ]] ; then
456 eapply "${GENTOO_PATCHDIR}"/patches/*.patch
458 epatch "${GENTOO_PATCHDIR}"/patches/*.patch
461 if [[ ${EAPI} = 5 ]] ; then
462 # Handle patches from ebuild's PATCHES array if one is given
463 if [[ -n "${PATCHES}" ]] ; then
464 local patchestype=$(declare -p PATCHES 2>&-)
465 if [[ "${patchestype}" != "declare -a PATCHES="* ]] ; then
466 die "Declaring PATCHES as a variable is forbidden. Please use an array instead."
468 epatch "${PATCHES[@]}"
471 # Handle user patches
475 # Don't rename configure.in _before_ any possible user patches!
476 if [[ -f "configure.in" ]] ; then
477 mv configure.{in,ac} || die
480 # setup the filesystem layout config
481 cat "${GENTOO_PATCHDIR}"/patches/config.layout >> "${S}"/config.layout || \
482 die "Failed preparing config.layout!"
483 sed -i -e "s:version:${PF}:g" "${S}"/config.layout
485 # apache2.8 instead of httpd.8 (bug #194828)
486 mv docs/man/{httpd,apache2}.8
487 sed -i -e 's/httpd\.8/apache2.8/g' Makefile.in
489 # patched-in MPMs need the build environment rebuilt
490 sed -i -e '/sinclude/d' configure.ac
491 AT_M4DIR=build eautoreconf
493 # ${T} must be not group-writable, else grsec TPE will block it
496 # This package really should upgrade to using pcre's .pc file.
497 cat <<-\EOF >"${T}"/pcre-config
501 if [[ ${flag} == "--version" ]]; then
502 flags+=( --modversion )
507 exec ${PKG_CONFIG} libpcre "${flags[@]}"
509 chmod a+x "${T}"/pcre-config
512 # @FUNCTION: apache-2_src_configure
514 # This function adds compiler flags and runs econf and emake based on MY_MPM and
516 apache-2_src_configure() {
519 # Sanity check in case people have bad mounts/TPE settings. #500928
520 if ! "${T}"/pcre-config --help >/dev/null ; then
521 eerror "Could not execute ${T}/pcre-config; do you have bad mount"
522 eerror "permissions in ${T} or have TPE turned on in your kernel?"
523 die "check your runtime settings #500928"
526 # Instead of filtering --as-needed (bug #128505), append --no-as-needed
527 # Thanks to Harald van Dijk
528 append-ldflags $(no-as-needed)
530 # peruser MPM debugging with -X is nearly impossible
531 if has peruser ${IUSE_MPMS} && use apache2_mpms_peruser ; then
532 use debug && append-flags -DMPM_PERUSER_DEBUG
535 # econf overwrites the stuff from config.layout, so we have to put them into
536 # our myconf line too
537 ac_cv_path_PKGCONFIG=${PKG_CONFIG} \
539 --includedir="${EPREFIX}"/usr/include/apache2 \
540 --libexecdir="${EPREFIX}"/usr/$(get_libdir)/apache2/modules \
541 --datadir="${EPREFIX}"/var/www/localhost \
542 --sysconfdir="${EPREFIX}"/etc/apache2 \
543 --localstatedir="${EPREFIX}"/var \
544 --with-mpm=${MY_MPM} \
545 --with-apr="${SYSROOT}${EPREFIX}"/usr \
546 --with-apr-util="${SYSROOT}${EPREFIX}"/usr \
547 --with-pcre="${T}"/pcre-config \
548 --with-z="${EPREFIX}"/usr \
550 --with-program-name=apache2 \
551 --enable-layout=Gentoo \
554 sed -i -e 's:apache2\.conf:httpd.conf:' include/ap_config_auto.h
557 # @FUNCTION: apache-2_src_install
559 # This function runs `emake install' and generates, installs and adapts the gentoo
560 # specific configuration files found in the tarball
561 apache-2_src_install() {
562 emake DESTDIR="${D}" MKINSTALLDIRS="mkdir -p" install
564 # install our configuration files
565 keepdir /etc/apache2/vhosts.d
566 keepdir /etc/apache2/modules.d
570 doins -r "${GENTOO_PATCHDIR}"/conf/*
571 use apache2_modules_mime_magic && doins docs/conf/magic
573 insinto /etc/logrotate.d
574 newins "${GENTOO_PATCHDIR}"/scripts/apache2-logrotate apache2
576 # generate a sane default APACHE2_OPTS
577 APACHE2_OPTS="-D DEFAULT_VHOST -D INFO"
578 use doc && APACHE2_OPTS="${APACHE2_OPTS} -D MANUAL"
579 use ssl && APACHE2_OPTS="${APACHE2_OPTS} -D SSL -D SSL_DEFAULT_VHOST"
580 use suexec && APACHE2_OPTS="${APACHE2_OPTS} -D SUEXEC"
581 if has negotiation ${APACHE2_MODULES} && use apache2_modules_negotiation; then
582 APACHE2_OPTS="${APACHE2_OPTS} -D LANGUAGE"
585 sed -i -e "s:APACHE2_OPTS=\".*\":APACHE2_OPTS=\"${APACHE2_OPTS}\":" \
586 "${GENTOO_PATCHDIR}"/init/apache2.confd || die "sed failed"
588 newconfd "${GENTOO_PATCHDIR}"/init/apache2.confd apache2
589 newinitd "${GENTOO_PATCHDIR}"/init/apache2.initd apache2
591 # install apache2ctl wrapper for our init script if available
592 if test -e "${GENTOO_PATCHDIR}"/scripts/apache2ctl; then
594 doexe "${GENTOO_PATCHDIR}"/scripts/apache2ctl
596 dosym /etc/init.d/apache2 /usr/sbin/apache2ctl
599 # provide legacy symlink for apxs, bug 177697
600 dosym apxs /usr/sbin/apxs2
602 # install some documentation
603 dodoc ABOUT_APACHE CHANGES LAYOUT README README.platforms VERSIONING
604 dodoc "${GENTOO_PATCHDIR}"/docs/*
606 # drop in a convenient link to the manual
608 sed -i -e "s:VERSION:${PVR}:" "${ED}/etc/apache2/modules.d/00_apache_manual.conf"
609 docompress -x /usr/share/doc/${PF}/manual # 503640
611 rm -f "${ED}/etc/apache2/modules.d/00_apache_manual.conf"
612 rm -Rf "${ED}/usr/share/doc/${PF}/manual"
615 # the default icons and error pages get stored in
616 # /usr/share/apache2/{error,icons}
617 dodir /usr/share/apache2
618 mv -f "${ED}/var/www/localhost/error" "${ED}/usr/share/apache2/error"
619 mv -f "${ED}/var/www/localhost/icons" "${ED}/usr/share/apache2/icons"
620 rm -rf "${ED}/var/www/localhost/"
623 # set some sane permissions for suexec
625 fowners 0:${SUEXEC_CALLER:-apache} /usr/sbin/suexec
626 fperms 4710 /usr/sbin/suexec
627 # provide legacy symlink for suexec, bug 177697
628 dosym /usr/sbin/suexec /usr/sbin/suexec2
632 for i in /var/lib/dav /var/log/apache2 /var/cache/apache2 ; do
634 fowners apache:apache ${i}
639 # @FUNCTION: apache-2_pkg_postinst
641 # This function creates test certificates if SSL is enabled and installs the
642 # default index.html to /var/www/localhost if it does not exist. We do this here
643 # because the default webroot is a copy of the files that exist elsewhere and we
644 # don't want them to be managed/removed by portage when apache is upgraded.
645 apache-2_pkg_postinst() {
646 if use ssl && [[ ! -e "${EROOT}/etc/ssl/apache2/server.pem" ]]; then
647 SSL_ORGANIZATION="${SSL_ORGANIZATION:-Apache HTTP Server}"
648 install_cert /etc/ssl/apache2/server
650 ewarn "The location of SSL certificates has changed. If you are"
651 ewarn "upgrading from ${CATEGORY}/${PN}-2.2.13 or earlier (or remerged"
652 ewarn "*any* apache version), you might want to move your old"
653 ewarn "certificates from /etc/apache2/ssl/ to /etc/ssl/apache2/ and"
654 ewarn "update your config files."
658 if [[ ! -e "${EROOT}/var/www/localhost" ]] ; then
659 mkdir -p "${EROOT}/var/www/localhost/htdocs"
660 echo "<html><body><h1>It works!</h1></body></html>" > "${EROOT}/var/www/localhost/htdocs/index.html"
664 elog "Attention: cgi and cgid modules are now handled via APACHE2_MODULES flags"
665 elog "in make.conf. Make sure to enable those in order to compile them."
666 elog "In general, you should use 'cgid' with threaded MPMs and 'cgi' otherwise."
671 EXPORT_FUNCTIONS pkg_setup src_prepare src_configure src_install pkg_postinst