mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-24 10:02:29 +01:00
network/mod_hosts_access: Build bump, various changes.
Signed-off-by: Erik Hanson <erik@slackbuilds.org>
This commit is contained in:
parent
b9ad855296
commit
7cd192a0d8
6 changed files with 43 additions and 50 deletions
|
@ -3,37 +3,4 @@ mod_hosts_access
|
|||
This is a DSO (dynamically shared object) module for the Apache webserver
|
||||
that uses libwrap (TCP Wrappers) to check if the connecting hosts is allowed.
|
||||
|
||||
This system works well with dynamic blocking scripts, such as DenyHosts, and
|
||||
configfile distribution systems, such as Cfengine. Especially if other blocking
|
||||
methods differ between hosts at a site (e.g. kernel-level firewalling means).
|
||||
|
||||
You'll need to add the following line to /etc/httpd/httpd.conf:
|
||||
Include /etc/httpd/mod_hosts_access.conf
|
||||
|
||||
LoadModule hosts_access_module lib/httpd/modules/mod_hosts_access.so
|
||||
|
||||
The /etc/hosts.{allow,deny} access control checking for the "httpd" service
|
||||
can now be enabled or disabled on a per directory basis, by adding HostsAccess
|
||||
directive to its declaration, e.g. again in /etc/httpd/httpd.conf:
|
||||
|
||||
# First, we configure the "default" to be a very restrictive set of
|
||||
# permissions.
|
||||
#
|
||||
#<Directory />
|
||||
# HostsAccess On
|
||||
# Options FollowSymLinks
|
||||
# AllowOverride None
|
||||
#</Directory>
|
||||
|
||||
To test, restart apache for it to load the module; edit /etc/hosts.allow
|
||||
adding a line like the following:
|
||||
|
||||
httpd: localhost: deny
|
||||
|
||||
Access from 'localhost' (127.0.0.1) should now be disallowed, thus requesting
|
||||
the index page should fail, to verify try:
|
||||
|
||||
lynx -dump localhost
|
||||
|
||||
The same can be done in a .htaccess file if AllowOverride Limit has been set.
|
||||
|
||||
See also: README.SLACKWARE
|
||||
|
|
33
network/mod_hosts_access/README.SLACKWARE
Normal file
33
network/mod_hosts_access/README.SLACKWARE
Normal file
|
@ -0,0 +1,33 @@
|
|||
This system works well with dynamic blocking scripts, such as DenyHosts, and
|
||||
configfile distribution systems, such as Cfengine. Especially if other blocking
|
||||
methods differ between hosts at a site (e.g. kernel-level firewalling means).
|
||||
|
||||
You'll need to add the following line to /etc/httpd/httpd.conf:
|
||||
Include /etc/httpd/mod_hosts_access.conf
|
||||
|
||||
LoadModule hosts_access_module lib/httpd/modules/mod_hosts_access.so
|
||||
|
||||
The /etc/hosts.{allow,deny} access control checking for the "httpd" service
|
||||
can now be enabled or disabled on a per directory basis, by adding HostsAccess
|
||||
directive to its declaration, e.g. again in /etc/httpd/httpd.conf:
|
||||
|
||||
# First, we configure the "default" to be a very restrictive set of
|
||||
# permissions.
|
||||
#
|
||||
#<Directory />
|
||||
# HostsAccess On
|
||||
# Options FollowSymLinks
|
||||
# AllowOverride None
|
||||
#</Directory>
|
||||
|
||||
To test, restart apache for it to load the module; edit /etc/hosts.allow
|
||||
adding a line like the following:
|
||||
|
||||
httpd: localhost: deny
|
||||
|
||||
Access from 'localhost' (127.0.0.1) should now be disallowed, thus requesting
|
||||
the index page should fail, to verify try:
|
||||
|
||||
lynx -dump localhost
|
||||
|
||||
The same can be done in a .htaccess file if AllowOverride Limit has been set.
|
|
@ -11,5 +11,4 @@ config() {
|
|||
# Otherwise, we leave the .new copy for the admin to consider...
|
||||
}
|
||||
|
||||
config etc/mod_hosts_access.conf.new
|
||||
|
||||
config etc/httpd/mod_hosts_access.conf.new
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
# Slackware build script for mod_hosts_access (libwrap support in Apache)
|
||||
|
||||
# Written by Menno E. Duursma
|
||||
# Written by Menno Duursma
|
||||
|
||||
# This program is free software. It comes without any warranty.
|
||||
# Granted WFTPL, Version 2, as published by Sam Hocevar. See
|
||||
|
@ -10,15 +10,13 @@
|
|||
|
||||
PRGNAM=mod_hosts_access
|
||||
VERSION=1.1.0
|
||||
BUILD=${BUILD:-1}
|
||||
BUILD=${BUILD:-2}
|
||||
TAG=${TAG:-_SBo}
|
||||
|
||||
# Automatically determine the architecture we're building on:
|
||||
if [ -z "$ARCH" ]; then
|
||||
case "$( uname -m )" in
|
||||
i?86) ARCH=i486 ;;
|
||||
arm*) ARCH=arm ;;
|
||||
# Unless $ARCH is already set, use uname -m for all other archs:
|
||||
*) ARCH=$( uname -m ) ;;
|
||||
esac
|
||||
fi
|
||||
|
@ -53,27 +51,23 @@ cd $PRGNAM-$VERSION
|
|||
chown -R root:root .
|
||||
chmod -R a-s,u+w,go+r-w .
|
||||
|
||||
# Create target dir
|
||||
mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/httpd/modules
|
||||
|
||||
# Compile module as DSO (dynmically shared object)
|
||||
CFLAGS="$SLACKFLAGS" apxs -ca mod_hosts_access.c -lwrap -lnsl
|
||||
|
||||
# copy into place
|
||||
cp .libs/mod_hosts_access.so $PKG/usr/lib${LIBDIRSUFFIX}/httpd/modules
|
||||
|
||||
mkdir -p $PKG/etc/httpd
|
||||
sed "s%@baselibdir@%lib${LIBDIRSUFFIX}%" $CWD/mod_hosts_access.conf > \
|
||||
sed "s%@baselibdir@%lib${LIBDIRSUFFIX}%" $CWD/config/mod_hosts_access.conf > \
|
||||
$PKG/etc/httpd/mod_hosts_access.conf.new
|
||||
|
||||
( cd $PKG || exit 1
|
||||
find . -type f | xargs file | grep -e "executable" -e "shared object" | \
|
||||
find $PKG -type f | xargs file | grep -e "executable" -e "shared object" | \
|
||||
grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
||||
)
|
||||
|
||||
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cp -a [A-Z]* $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
|
||||
cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE
|
||||
|
||||
mkdir -p $PKG/install
|
||||
cat $CWD/slack-desc > $PKG/install/slack-desc
|
||||
|
|
|
@ -5,6 +5,6 @@ DOWNLOAD="http://downloads.sourceforge.net/httpd-garage/mod_hosts_access-1.1.0.t
|
|||
MD5SUM="2e4fd22e778c8d98d433344a46421eb7"
|
||||
DOWNLOAD_x86_64=""
|
||||
MD5SUM_x86_64=""
|
||||
MAINTAINER="Menno E. Duursma"
|
||||
MAINTAINER="Menno Duursma"
|
||||
EMAIL="druiloor@zonnet.nl"
|
||||
APPROVED="rworkman,Erik Hanson"
|
||||
APPROVED="Erik Hanson"
|
||||
|
|
Loading…
Reference in a new issue