From 814f7672b146934f69e3c93713be3c64dbba2663 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Fri, 11 Mar 2016 13:57:46 +0100 Subject: [PATCH] saving uncommitted changes in /etc prior to emerge run --- apache2/httpd.conf | 47 ++++++++++++++++------ apache2/magic | 3 ++ apache2/modules.d/00_apache_manual.conf | 9 ++--- apache2/modules.d/00_default_settings.conf | 12 +++--- apache2/modules.d/00_error_documents.conf | 3 +- apache2/modules.d/00_mod_autoindex.conf | 3 +- apache2/modules.d/00_mod_info.conf | 4 +- apache2/modules.d/00_mod_mime.conf | 9 ----- apache2/modules.d/00_mod_status.conf | 4 +- apache2/modules.d/00_mod_userdir.conf | 6 +-- apache2/modules.d/00_mpm.conf | 30 +++++++------- apache2/modules.d/40_mod_ssl.conf | 8 ++-- apache2/modules.d/46_mod_ldap.conf | 4 +- apache2/vhosts.d/00_default_vhost.conf | 5 +-- apache2/vhosts.d/default_vhost.include | 8 ++-- init.d/apache2 | 1 + 16 files changed, 78 insertions(+), 78 deletions(-) diff --git a/apache2/httpd.conf b/apache2/httpd.conf index f139a3f9..0494b0f0 100644 --- a/apache2/httpd.conf +++ b/apache2/httpd.conf @@ -1,4 +1,4 @@ -# This is a modification of the default Apache 2.2 configuration file +# This is a modification of the default Apache 2.4 configuration file # for Gentoo Linux. # # Support: @@ -13,9 +13,9 @@ # # This is the main Apache HTTP server configuration file. It contains the # configuration directives that give the server its instructions. -# See for detailed information. +# See for detailed information. # In particular, see -# +# # for a discussion of each configuration directive. # # Do NOT simply read the instructions in here without understanding @@ -36,6 +36,7 @@ # ServerRoot at a non-local disk, be sure to point the LockFile directive # at a local disk. If you wish to share the same ServerRoot for multiple # httpd daemons, you will need to change at least LockFile and PidFile. +# Comment: The LockFile directive has been replaced by the Mutex directive ServerRoot "/usr/lib64/apache2" # Dynamic Shared Object (DSO) Support @@ -58,6 +59,7 @@ ServerRoot "/usr/lib64/apache2" # # Change these at your own risk! +LoadModule access_compat_module modules/mod_access_compat.so LoadModule actions_module modules/mod_actions.so LoadModule alias_module modules/mod_alias.so LoadModule asis_module modules/mod_asis.so @@ -65,17 +67,17 @@ LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule auth_digest_module modules/mod_auth_digest.so -LoadModule authn_alias_module modules/mod_authn_alias.so LoadModule authn_anon_module modules/mod_authn_anon.so +LoadModule authn_core_module modules/mod_authn_core.so LoadModule authn_dbd_module modules/mod_authn_dbd.so LoadModule authn_dbm_module modules/mod_authn_dbm.so -LoadModule authn_default_module modules/mod_authn_default.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +LoadModule authz_core_module modules/mod_authz_core.so +LoadModule authz_dbd_module modules/mod_authz_dbd.so LoadModule authz_dbm_module modules/mod_authz_dbm.so -LoadModule authz_default_module modules/mod_authz_default.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_owner_module modules/mod_authz_owner.so @@ -84,6 +86,9 @@ LoadModule autoindex_module modules/mod_autoindex.so LoadModule cache_module modules/mod_cache.so + +LoadModule cache_disk_module modules/mod_cache_disk.so + LoadModule cern_meta_module modules/mod_cern_meta.so LoadModule cgi_module modules/mod_cgi.so LoadModule cgid_module modules/mod_cgid.so @@ -100,9 +105,6 @@ LoadModule dav_lock_module modules/mod_dav_lock.so LoadModule dbd_module modules/mod_dbd.so LoadModule deflate_module modules/mod_deflate.so LoadModule dir_module modules/mod_dir.so - -LoadModule disk_cache_module modules/mod_disk_cache.so - LoadModule dumpio_module modules/mod_dumpio.so LoadModule env_module modules/mod_env.so LoadModule expires_module modules/mod_expires.so @@ -112,6 +114,9 @@ LoadModule file_cache_module modules/mod_file_cache.so LoadModule filter_module modules/mod_filter.so LoadModule headers_module modules/mod_headers.so + +LoadModule http2_module modules/mod_http2.so + LoadModule ident_module modules/mod_ident.so LoadModule imagemap_module modules/mod_imagemap.so LoadModule include_module modules/mod_include.so @@ -124,9 +129,7 @@ LoadModule ldap_module modules/mod_ldap.so LoadModule log_config_module modules/mod_log_config.so LoadModule log_forensic_module modules/mod_log_forensic.so LoadModule logio_module modules/mod_logio.so - -LoadModule mem_cache_module modules/mod_mem_cache.so - +LoadModule macro_module modules/mod_macro.so LoadModule mime_module modules/mod_mime.so LoadModule mime_magic_module modules/mod_mime_magic.so LoadModule negotiation_module modules/mod_negotiation.so @@ -143,13 +146,32 @@ LoadModule proxy_balancer_module modules/mod_proxy_balancer.so LoadModule proxy_connect_module modules/mod_proxy_connect.so +LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so + + LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +LoadModule proxy_html_module modules/mod_proxy_html.so + + LoadModule proxy_http_module modules/mod_proxy_http.so + +LoadModule proxy_scgi_module modules/mod_proxy_scgi.so + + +LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so + +LoadModule ratelimit_module modules/mod_ratelimit.so +LoadModule remoteip_module modules/mod_remoteip.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule setenvif_module modules/mod_setenvif.so +LoadModule slotmem_shm_module modules/mod_slotmem_shm.so + +LoadModule socache_shmcb_module modules/mod_socache_shmcb.so + LoadModule speling_module modules/mod_speling.so LoadModule ssl_module modules/mod_ssl.so @@ -162,6 +184,7 @@ LoadModule substitute_module modules/mod_substitute.so LoadModule suexec_module modules/mod_suexec.so LoadModule unique_id_module modules/mod_unique_id.so +LoadModule unixd_module modules/mod_unixd.so LoadModule userdir_module modules/mod_userdir.so diff --git a/apache2/magic b/apache2/magic index 0de73361..7c56119e 100644 --- a/apache2/magic +++ b/apache2/magic @@ -262,6 +262,9 @@ #0 string CP color pointer #0 string BA bitmap array +0 string \x89PNG image/png +0 string FWS application/x-shockwave-flash +0 string CWS application/x-shockwave-flash #------------------------------------------------------------------------------ # lisp: file(1) magic for lisp programs diff --git a/apache2/modules.d/00_apache_manual.conf b/apache2/modules.d/00_apache_manual.conf index f4ff1004..56991515 100644 --- a/apache2/modules.d/00_apache_manual.conf +++ b/apache2/modules.d/00_apache_manual.conf @@ -1,17 +1,16 @@ # Provide access to the documentation on your server as # http://yourserver.example.com/manual/ # The documentation is always available at -# http://httpd.apache.org/docs/2.2/ +# http://httpd.apache.org/docs/2.4/ -AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.31/manual$1" +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.4.18/manual$1" - + Options Indexes AllowOverride None - Order allow,deny - Allow from all + Require all granted SetHandler type-map diff --git a/apache2/modules.d/00_default_settings.conf b/apache2/modules.d/00_default_settings.conf index afa8d911..38635aa9 100644 --- a/apache2/modules.d/00_default_settings.conf +++ b/apache2/modules.d/00_default_settings.conf @@ -69,13 +69,13 @@ HostnameLookups Off # filesystems or if support for these functions is otherwise # broken on your system. EnableMMAP On -EnableSendfile On +EnableSendfile Off -# FileEtag: Configures the file attributes that are used to create +# FileETag: Configures the file attributes that are used to create # the ETag (entity tag) response header field when the document is # based on a static file. (The ETag value is used in cache management # to save network bandwidth.) -FileEtag INode MTime Size +FileETag MTime Size # ContentDigest: This directive enables the generation of Content-MD5 # headers as defined in RFC1864 respectively RFC2616. @@ -107,8 +107,7 @@ LogLevel warn Options FollowSymLinks AllowOverride None - Order deny,allow - Deny from all + Require all denied # DirectoryIndex: sets the file that Apache will serve if a directory @@ -126,8 +125,7 @@ LogLevel warn # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. - Order allow,deny - Deny from all + Require all denied # vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_error_documents.conf b/apache2/modules.d/00_error_documents.conf index 815668ff..61479fa5 100644 --- a/apache2/modules.d/00_error_documents.conf +++ b/apache2/modules.d/00_error_documents.conf @@ -30,8 +30,7 @@ Alias /error/ "/usr/share/apache2/error/" Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var - Order allow,deny - Allow from all + Require all granted LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr ForceLanguagePriority Prefer Fallback diff --git a/apache2/modules.d/00_mod_autoindex.conf b/apache2/modules.d/00_mod_autoindex.conf index 097410ad..10bf4831 100644 --- a/apache2/modules.d/00_mod_autoindex.conf +++ b/apache2/modules.d/00_mod_autoindex.conf @@ -9,8 +9,7 @@ Alias /icons/ "/usr/share/apache2/icons/" Options Indexes MultiViews AllowOverride None - Order allow,deny - Allow from all + Require all granted diff --git a/apache2/modules.d/00_mod_info.conf b/apache2/modules.d/00_mod_info.conf index 809c2232..2cd32c47 100644 --- a/apache2/modules.d/00_mod_info.conf +++ b/apache2/modules.d/00_mod_info.conf @@ -3,9 +3,7 @@ # http://servername/server-info SetHandler server-info - Order deny,allow - Deny from all - Allow from 127.0.0.1 + Require local diff --git a/apache2/modules.d/00_mod_mime.conf b/apache2/modules.d/00_mod_mime.conf index 51f23d55..fb8a9a5d 100644 --- a/apache2/modules.d/00_mod_mime.conf +++ b/apache2/modules.d/00_mod_mime.conf @@ -1,12 +1,3 @@ -# DefaultType: the default MIME type the server will use for a document -# if it cannot otherwise determine one, such as from filename extensions. -# If your server contains mostly text or HTML documents, "text/plain" is -# a good value. If most of your content is binary, such as applications -# or images, you may want to use "application/octet-stream" instead to -# keep browsers from trying to display binary files as though they are -# text. -DefaultType text/plain - # TypesConfig points to the file containing the list of mappings from # filename extension to MIME-type. diff --git a/apache2/modules.d/00_mod_status.conf b/apache2/modules.d/00_mod_status.conf index edd46a4d..ed8b3c7c 100644 --- a/apache2/modules.d/00_mod_status.conf +++ b/apache2/modules.d/00_mod_status.conf @@ -3,9 +3,7 @@ # with the URL of http://servername/server-status SetHandler server-status - Order deny,allow - Deny from all - Allow from 127.0.0.1 + Require local # ExtendedStatus controls whether Apache will generate "full" status diff --git a/apache2/modules.d/00_mod_userdir.conf b/apache2/modules.d/00_mod_userdir.conf index da7d0fb3..0087126c 100644 --- a/apache2/modules.d/00_mod_userdir.conf +++ b/apache2/modules.d/00_mod_userdir.conf @@ -11,12 +11,10 @@ UserDir public_html AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec - Order allow,deny - Allow from all + Require all granted - Order deny,allow - Deny from all + Require all denied diff --git a/apache2/modules.d/00_mpm.conf b/apache2/modules.d/00_mpm.conf index 20effa92..bcb9b6b4 100644 --- a/apache2/modules.d/00_mpm.conf +++ b/apache2/modules.d/00_mpm.conf @@ -4,10 +4,10 @@ # identification number when it starts. # # DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING -PidFile /var/run/apache2.pid +PidFile /run/apache2.pid # The accept serialization lock file MUST BE STORED ON A LOCAL DISK. -#LockFile /var/run/apache2.lock +# Mutex file:/run/apache_mpm_mutex # Only one of the below sections will be relevant on your # installed httpd. Use "/usr/sbin/apache2 -l" to find out the @@ -17,9 +17,9 @@ PidFile /var/run/apache2.pid # These configuration directives apply to all MPMs # # StartServers: Number of child server processes created at startup -# MaxClients: Maximum number of child processes to serve requests -# MaxRequestsPerChild: Limit on the number of requests that an individual child -# server will handle during its life +# MaxRequestWorkers: Maximum number of child processes to serve requests +# MaxConnectionsPerChild: Limit on the number of connections that an individual +# child server will handle during its life # prefork MPM @@ -31,8 +31,8 @@ PidFile /var/run/apache2.pid StartServers 5 MinSpareServers 5 MaxSpareServers 10 - MaxClients 150 - MaxRequestsPerChild 10000 + MaxRequestWorkers 150 + MaxConnectionsPerChild 10000 # worker MPM @@ -46,8 +46,8 @@ PidFile /var/run/apache2.pid MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 - MaxClients 150 - MaxRequestsPerChild 10000 + MaxRequestWorkers 150 + MaxConnectionsPerChild 10000 # event MPM @@ -60,8 +60,8 @@ PidFile /var/run/apache2.pid MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 - MaxClients 150 - MaxRequestsPerChild 10000 + MaxRequestWorkers 150 + MaxConnectionsPerChild 10000 # peruser MPM @@ -76,8 +76,8 @@ PidFile /var/run/apache2.pid MinSpareProcessors 2 MinProcessors 2 MaxProcessors 10 - MaxClients 150 - MaxRequestsPerChild 1000 + MaxRequestWorkers 150 + MaxConnectionsPerChild 1000 ExpireTimeout 1800 Multiplexer nobody nobody @@ -92,8 +92,8 @@ PidFile /var/run/apache2.pid StartServers 5 MinSpareServers 5 MaxSpareServers 10 - MaxClients 150 - MaxRequestsPerChild 10000 + MaxRequestWorkers 150 + MaxConnectionsPerChild 10000 # vim: ts=4 filetype=apache diff --git a/apache2/modules.d/40_mod_ssl.conf b/apache2/modules.d/40_mod_ssl.conf index 82df7606..f51de464 100644 --- a/apache2/modules.d/40_mod_ssl.conf +++ b/apache2/modules.d/40_mod_ssl.conf @@ -10,7 +10,7 @@ SSLRandomSeed connect builtin # This is the Apache server configuration file providing SSL support. # It contains the configuration directives to instruct the server how to # serve pages over an https connection. For detailing information about these -# directives see +# directives see # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure @@ -50,14 +50,14 @@ SSLPassPhraseDialog builtin ## Inter-Process Session Cache: # Configure the SSL Session Cache: First the mechanism to use and second the # expiring timeout (in seconds). -#SSLSessionCache dbm:/var/run/ssl_scache -SSLSessionCache shmcb:/var/run/ssl_scache(512000) +#SSLSessionCache dbm:/run/ssl_scache +SSLSessionCache shmcb:/run/ssl_scache(512000) SSLSessionCacheTimeout 300 ## Semaphore: # Configure the path to the mutual exclusion semaphore the SSL engine uses # internally for inter-process synchronization. -SSLMutex file:/var/run/ssl_mutex +Mutex file:/run/apache_ssl_mutex ssl-cache ## SSL Compression: # Known to be vulnerable thus disabled by default (bug #507324). diff --git a/apache2/modules.d/46_mod_ldap.conf b/apache2/modules.d/46_mod_ldap.conf index c2893f82..883061fe 100644 --- a/apache2/modules.d/46_mod_ldap.conf +++ b/apache2/modules.d/46_mod_ldap.conf @@ -11,9 +11,7 @@ LDAPOpCacheTTL 600 SetHandler ldap-status - Order deny,allow - Deny from all - Allow from 127.0.0.1 + Require local diff --git a/apache2/vhosts.d/00_default_vhost.conf b/apache2/vhosts.d/00_default_vhost.conf index 9fa425a8..b9766b5f 100644 --- a/apache2/vhosts.d/00_default_vhost.conf +++ b/apache2/vhosts.d/00_default_vhost.conf @@ -6,7 +6,7 @@ # IP addresses. This is indicated by the asterisks in the directives below. # # Please see the documentation at -# +# # for further details before you try to setup virtual hosts. # # You may use the command line option '-S' to verify your virtual host @@ -25,9 +25,6 @@ #Listen 12.34.56.78:80 Listen 80 -# Use name-based virtual hosting. -NameVirtualHost *:80 - # When virtual hosts are enabled, the main host defined in the default # httpd.conf configuration will go away. We redefine it here so that it is # still available. diff --git a/apache2/vhosts.d/default_vhost.include b/apache2/vhosts.d/default_vhost.include index 6d45888b..af6ece85 100644 --- a/apache2/vhosts.d/default_vhost.include +++ b/apache2/vhosts.d/default_vhost.include @@ -21,7 +21,7 @@ DocumentRoot "/var/www/localhost/htdocs" # doesn't give it to you. # # The Options directive is both complicated and important. Please see - # http://httpd.apache.org/docs/2.2/mod/core.html#options + # http://httpd.apache.org/docs/2.4/mod/core.html#options # for more information. Options Indexes FollowSymLinks @@ -31,8 +31,7 @@ DocumentRoot "/var/www/localhost/htdocs" AllowOverride All # Controls who can get stuff from this server. - Order allow,deny - Allow from all + Require all granted @@ -66,8 +65,7 @@ DocumentRoot "/var/www/localhost/htdocs" AllowOverride None Options None - Order allow,deny - Allow from all + Require all granted # vim: ts=4 filetype=apache diff --git a/init.d/apache2 b/init.d/apache2 index 155747f1..eebc130c 100755 --- a/init.d/apache2 +++ b/init.d/apache2 @@ -58,6 +58,7 @@ checkconfd() { } checkconfig() { + checkpath --directory /run/apache_ssl_mutex checkconfd || return 1 ${APACHE2} ${APACHE2_OPTS} -t 1>/dev/null 2>&1 -- 2.39.5