Page MenuHomeFreeBSD

Update pkg message for apache's latest security model
ClosedPublic

Authored by ler on Mar 16 2017, 7:10 PM.
Tags
None
Referenced Files
Unknown Object (File)
Jan 25 2024, 12:48 AM
Unknown Object (File)
Jan 17 2024, 2:54 AM
Unknown Object (File)
Dec 20 2023, 3:37 AM
Unknown Object (File)
Dec 4 2023, 1:19 PM
Unknown Object (File)
Dec 1 2023, 5:00 AM
Unknown Object (File)
Dec 1 2023, 5:00 AM
Unknown Object (File)
Dec 1 2023, 5:00 AM
Unknown Object (File)
Dec 1 2023, 5:00 AM
Subscribers

Details

Summary

Update pkg message for apache 2.4 users for Apache 2.4's new security model.
PR: 217850
Submitted By: dirkx@webweaving.org
Approved By: (adamw|rene) (Mentor)

Test Plan

poudriere
portlint

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Hold off on this, I'm not sure I want to do it. See my comments in #217850

Saying that you should add the AddHandler is a bad idea. It is not always true, many people use php through the fpm mechanism, this is why only the mod_php* ports tell you to add them.

loose the handler, and add apache 2.4 lines

www/joomla3/files/pkg-message.in
14 ↗(On Diff #26380)

IIRC, that's not quite right. apache24 doesn't just add that line, it needs to replace at least the Allow from all line (possibly the Order line too?).

www/joomla3/files/pkg-message.in
14 ↗(On Diff #26380)

that's how I have it for my installation at https://joomla.lerctr.org/

so, I'm not inclined to change that.

www/joomla3/files/pkg-message.in
14 ↗(On Diff #26380)

You have

Allow from all
Require all granted

in your apache 2.4 setup?

www/joomla3/files/pkg-message.in
14 ↗(On Diff #26380)

yes.

<VirtualHost 192.147.25.65:443>

ServerName joomla.lerctr.org
DocumentRoot /usr/local/www/joomla3
ErrorLog "/var/log/httpd/joomla-ssl-error_log"
CustomLog "/var/log/httpd/joomla-ssl-access_log" common

 <Location />
  Order deny,allow
  allow from all
  require all granted
 </Location>

TIL!

Go for it, but with 3 changes:

  1. Capitalize the R in Required to fit the other lines.
  2. Improve your commit message. Right now it's confusing and doesn't really say what the commit is about. Really it's about showing Apache 2.4 users what to do, not about a changing security model.
  3. You need more fields than just PR. This change was submitted by someone who deserves credit, and it needs an Approved by: field.
This revision is now accepted and ready to land.Mar 18 2017, 3:06 AM
This revision was automatically updated to reflect the committed changes.