[oe] [meta-webserver][PATCH V2 2/2] apache2: change files layout to debian style

Dengke Du dengke.du at windriver.com
Fri Sep 15 03:18:21 UTC 2017 

The default layout installs log files and pid files into /var/apache2/logs.
This is odd and also will cause security issues because selinux does not know
how to label the security contexts for the files.

Signed-off-by: Xin Ouyang <Xin.Ouyang at windriver.com>
Signed-off-by: Dengke Du <dengke.du at windriver.com>
---
 meta-webserver/recipes-httpd/apache2/apache2_2.4.27.bb | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.27.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.27.bb
index c7e7b54..1880867 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.27.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.27.bb
@@ -59,9 +59,13 @@ EXTRA_OECONF = "--enable-ssl \
     ac_cv_have_threadsafe_pollset=no"
 
 PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)}"
-PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux"
+PACKAGECONFIG[selinux] = "--enable-selinux --enable-layout=Debian --prefix=${base_prefix}/,--disable-selinux,libselinux,libselinux"
 PACKAGECONFIG[openldap] = "--enable-ldap --enable-authnz-ldap,--disable-ldap --disable-authnz-ldap,openldap"
 
+do_configure_prepend() {
+        sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libdir}/cgi-bin:g' ${S}/config.layout
+}
+
 do_install_append() {
     install -d ${D}/${sysconfdir}/init.d
     cat ${WORKDIR}/init | \
@@ -111,6 +115,7 @@ do_install_append_class-target() {
 
     sed -i -e 's,${STAGING_DIR_HOST},,g' \
            -e 's,".*/configure","configure",g' ${D}${datadir}/apache2/build/config.nice
+    rm -rf ${D}${localstatedir}/run
 }
 
 SYSROOT_PREPROCESS_FUNCS += "apache_sysroot_preprocess"
@@ -184,3 +189,6 @@ FILES_${PN}-dbg += "${libdir}/${BPN}/modules/.debug"
 RDEPENDS_${PN} += "openssl libgcc"
 RDEPENDS_${PN}-scripts += "perl ${PN}"
 RDEPENDS_${PN}-dev = "perl"
+
+FILES_${PN} += "${libdir}/cgi-bin"
+FILES_${PN} += "${datadir}/${BPN}/"
-- 
2.8.1

More information about the Openembedded-devel mailing list