From c639bdcaeb08b7478d2324f0824ad4d20377a451 Mon Sep 17 00:00:00 2001 From: Pawel Winogrodzki Date: Wed, 13 Oct 2021 23:31:16 -0700 Subject: [PATCH] [dev] Resolving conflicts between `nginx` and `nginx-mimetypes`. (#1529) --- SPECS/mailcap/mailcap.spec | 7 +- SPECS/nginx/nginx.spec | 141 +++++++++++++++++++++++-------------- 2 files changed, 94 insertions(+), 54 deletions(-) diff --git a/SPECS/mailcap/mailcap.spec b/SPECS/mailcap/mailcap.spec index 506aee5c52..31b16caeae 100644 --- a/SPECS/mailcap/mailcap.spec +++ b/SPECS/mailcap/mailcap.spec @@ -1,7 +1,7 @@ Summary: Helper application and MIME type associations for file types Name: mailcap Version: 2.1.49 -Release: 3%{?dist} +Release: 4%{?dist} License: Public Domain and MIT URL: https://pagure.io/mailcap Vendor: Microsoft Corporation @@ -29,7 +29,7 @@ by several applications e.g. to determine MIME types for filenames. %package -n nginx-mimetypes Summary: MIME type mappings for nginx License: Public Domain -Requires: nginx +Requires: nginx-filesystem %description -n nginx-mimetypes MIME type mappings for nginx. @@ -65,6 +65,9 @@ make check %changelog +* Wed Oct 13 2021 Pawel Winogrodzki - 2.1.49-4 +- Changing BR to be more accurate: "nginx" -> "nginx-filesystem". + * Fri Aug 21 2020 Thomas Crain - 2.1.49-3 - Initial CBL-Mariner version imported from Fedora 33 (license: MIT) - License verified diff --git a/SPECS/nginx/nginx.spec b/SPECS/nginx/nginx.spec index 04d7290b44..d3bf59fb45 100644 --- a/SPECS/nginx/nginx.spec +++ b/SPECS/nginx/nginx.spec @@ -1,8 +1,10 @@ -%define sha1 nginx-njs=fd8c3f2d219f175be958796e3beaa17f3b465126 + +%global nginx_user nginx + Summary: High-performance HTTP server and reverse proxy Name: nginx Version: 1.20.1 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD 2-Clause Vendor: Microsoft Corporation Distribution: Mariner @@ -12,14 +14,27 @@ Source0: https://nginx.org/download/%{name}-%{version}.tar.gz Source1: nginx.service Source2: nginx-njs-0.2.1.tar.gz Patch0: CVE-2009-4487.nopatch + BuildRequires: openssl-devel BuildRequires: pcre-devel BuildRequires: which -Provides: %{name}-filesystem = %{version}-%{release} + +Requires: %{name}-filesystem = %{version}-%{release} +Requires: %{name}-mimetypes %description NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. +%package filesystem +Summary: The basic directory layout for the Nginx server +BuildArch: noarch +Requires(pre): shadow-utils + +%description filesystem +The nginx-filesystem package contains the basic directory layout +for the Nginx server including the correct permissions for the +directories. + %prep %autosetup -p1 pushd ../ @@ -29,21 +44,23 @@ popd %build sh configure \ - --prefix=%{_sysconfdir}//nginx \ - --sbin-path=%{_sbindir}/nginx \ - --conf-path=%{_sysconfdir}/nginx/nginx.conf \ - --pid-path=%{_var}/run/nginx.pid \ - --lock-path=%{_var}/run/nginx.lock \ - --error-log-path=%{_var}/log/nginx/error.log \ - --http-log-path=%{_var}/log/nginx/access.log \ --add-module=../nginx-njs/njs-0.2.1/nginx \ - --with-http_ssl_module \ - --with-pcre \ - --with-ipv6 \ - --with-stream \ + --conf-path=%{_sysconfdir}/nginx/nginx.conf \ + --error-log-path=%{_var}/log/nginx/error.log \ + --group=%{nginx_user} \ + --http-log-path=%{_var}/log/nginx/access.log \ + --lock-path=%{_var}/run/nginx.lock \ + --pid-path=%{_var}/run/nginx.pid \ + --prefix=%{_sysconfdir}/nginx \ + --sbin-path=%{_sbindir}/nginx \ + --user=%{nginx_user} \ --with-http_auth_request_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ --with-http_sub_module \ - --with-http_stub_status_module + --with-ipv6 \ + --with-pcre \ + --with-stream make %{?_smp_mflags} @@ -55,6 +72,16 @@ install -vdm755 %{buildroot}%{_var}/opt/nginx/log ln -sfv %{_var}/opt/nginx/log %{buildroot}%{_var}/log/nginx install -p -m 0644 %{SOURCE1} %{buildroot}%{_libdir}/systemd/system/nginx.service +# Using the ones provided through the "nginx-mimetype" package. +rm -f %{buildroot}%{_sysconfdir}/%{name}/mime.types + +%pre filesystem +getent group %{nginx_user} > /dev/null || groupadd -r %{nginx_user} +getent passwd %{nginx_user} > /dev/null || \ + useradd -r -d %{_localstatedir}/lib/nginx -g %{nginx_user} \ + -s /sbin/nologin -c "Nginx web server" %{nginx_user} +exit 0 + %files %defattr(-,root,root) %license LICENSE @@ -64,7 +91,6 @@ install -p -m 0644 %{SOURCE1} %{buildroot}%{_libdir}/systemd/system/nginx.servic %config(noreplace) %{_sysconfdir}/%{name}/fastcgi_params.default %config(noreplace) %{_sysconfdir}/%{name}/koi-utf %config(noreplace) %{_sysconfdir}/%{name}/koi-win -%config(noreplace) %{_sysconfdir}/%{name}/mime.types %config(noreplace) %{_sysconfdir}/%{name}/mime.types.default %config(noreplace) %{_sysconfdir}/%{name}/nginx.conf %config(noreplace) %{_sysconfdir}/%{name}/nginx.conf.default @@ -79,7 +105,18 @@ install -p -m 0644 %{SOURCE1} %{buildroot}%{_libdir}/systemd/system/nginx.servic %dir %{_var}/opt/nginx/log %{_var}/log/nginx +%files filesystem +%dir %{_sysconfdir}/%{name} + %changelog +* Wed Oct 13 2021 Pawel Winogrodzki - 1.20.1-2 +- Split out "nginx-filesystem" using Fedora 34 spec (license: MIT) as guidance. +- Removing conflicts with "nginx-mimetypes" over "mime.types". +- Fixed changelog history to include version update. + +* Fri Jun 11 2021 Henry Beberman - 1.20.1-1 +- Update to version 1.20.1 to resolve CVE-2021-23017 + * Fri Apr 02 2021 Thomas Crain - 1.16.1-4 - Merge the following releases from 1.0 to dev branch - lihl@microsoft.com, 1.16.1-3: Used autosetup, Added patch to resolve CVE-2019-20372 @@ -91,56 +128,56 @@ install -p -m 0644 %{SOURCE1} %{buildroot}%{_libdir}/systemd/system/nginx.servic * Sat May 09 2020 Nick Samson - 1.16.1-2 - Added %%license line automatically -* Fri Mar 13 2020 Paul Monson 1.16.1-1 -- Update to version 1.16.1. License verified. +* Fri Mar 13 2020 Paul Monson - 1.16.1-1 +- Update to version 1.16.1. License verified. -* Tue Sep 03 2019 Mateusz Malisz 1.15.3-5 -- Initial CBL-Mariner import from Photon (license: Apache2). +* Tue Sep 03 2019 Mateusz Malisz - 1.15.3-5 +- Initial CBL-Mariner import from Photon (license: Apache2). -* Fri Mar 15 2019 Keerthana K 1.15.3-4 -- Enable http_stub_status_module. +* Fri Mar 15 2019 Keerthana K - 1.15.3-4 +- Enable http_stub_status_module. -* Wed Nov 07 2018 Ajay Kaher 1.15.3-3 -- mark config files as non replaceable on upgrade. +* Wed Nov 07 2018 Ajay Kaher - 1.15.3-3 +- mark config files as non replaceable on upgrade. -* Mon Sep 17 2018 Keerthana K 1.15.3-2 -- Adding http_auth_request_module and http_sub_module. +* Mon Sep 17 2018 Keerthana K - 1.15.3-2 +- Adding http_auth_request_module and http_sub_module. -* Fri Sep 7 2018 Him Kalyan Bordoloi 1.15.3-1 -- Upgrade to version 1.15.3 +* Fri Sep 7 2018 Him Kalyan Bordoloi - 1.15.3-1 +- Upgrade to version 1.15.3 -* Fri Jul 20 2018 Keerthana K 1.13.8-3 -- Restarting nginx on failure. +* Fri Jul 20 2018 Keerthana K - 1.13.8-3 +- Restarting nginx on failure. -* Fri Jun 08 2018 Dheeraj Shetty 1.13.8-2 -- adding module njs. +* Fri Jun 08 2018 Dheeraj Shetty - 1.13.8-2 +- adding module njs. -* Fri May 18 2018 Srivatsa S. Bhat 1.13.8-1 -- Update to version 1.13.8 to support nginx-ingress +* Fri May 18 2018 Srivatsa S. Bhat - 1.13.8-1 +- Update to version 1.13.8 to support nginx-ingress -* Thu Dec 28 2017 Divya Thaluru 1.13.5-2 -- Fixed the log file directory structure +* Thu Dec 28 2017 Divya Thaluru - 1.13.5-2 +- Fixed the log file directory structure -* Wed Oct 04 2017 Xiaolin Li 1.13.5-1 -- Update to version 1.13.5 +* Wed Oct 04 2017 Xiaolin Li - 1.13.5-1 +- Update to version 1.13.5 -* Mon May 01 2017 Dheeraj Shetty 1.11.13-2 -- adding module stream to nginx. +* Mon May 01 2017 Dheeraj Shetty - 1.11.13-2 +- adding module stream to nginx. -* Wed Apr 05 2017 Priyesh Padmavilasom 1.11.13-1 -- update to 1.11.13 +* Wed Apr 05 2017 Priyesh Padmavilasom - 1.11.13-1 +- update to 1.11.13 -* Fri Nov 18 2016 Anish Swaminathan 1.10.0-5 -- Add patch for CVE-2016-4450 +* Fri Nov 18 2016 Anish Swaminathan - 1.10.0-5 +- Add patch for CVE-2016-4450 -* Wed Jul 27 2016 Divya Thaluru 1.10.0-4 -- Removed packaging of debug files +* Wed Jul 27 2016 Divya Thaluru - 1.10.0-4 +- Removed packaging of debug files -* Fri Jul 8 2016 Divya Thaluru 1.10.0-3 -- Modified default pid filepath and fixed nginx systemd service +* Fri Jul 8 2016 Divya Thaluru - 1.10.0-3 +- Modified default pid filepath and fixed nginx systemd service -* Tue May 24 2016 Priyesh Padmavilasom 1.10.0-2 -- GA - Bump release of all rpms +* Tue May 24 2016 Priyesh Padmavilasom - 1.10.0-2 +- GA - Bump release of all rpms -* Mon May 16 2016 Xiaolin Li 1.10.0-1 -- Initial build. First version +* Mon May 16 2016 Xiaolin Li - 1.10.0-1 +- Initial build. First version