Commit 8ded1028 authored by Natanael Copa's avatar Natanael Copa
Browse files

Revert "main/nginx: move /var/lib/nginx/tmp to /var/tmp/nginx"

FHS-3.0 says that /var/tmp should survive reboots, but for it is common
practice to ignore FHS for security reasons and wipe dirs that are world

There is no good reason to store nginx data under a world writable
directory, so move it back to /var/lib/nginx/tmp. Other distros does
something similar.

fixes #9246
fixes #10258
ref #9364

This reverts commit d6d624a1.
parent 559eff0d
......@@ -15,7 +15,7 @@ pkgname=nginx
# NOTE: Upgrade only to even-numbered versions (e.g. 1.14.z, 1.16.z)!
# Odd-numbered versions are mainline (development) versions.
# Revision of nginx-tests to use for check().
......@@ -184,11 +184,11 @@ build() {
--conf-path=/etc/$pkgname/$pkgname.conf \
--pid-path=/run/$pkgname/$ \
--lock-path=/run/$pkgname/$pkgname.lock \
--http-client-body-temp-path=/var/tmp/$pkgname/client_body \
--http-proxy-temp-path=/var/tmp/$pkgname/proxy \
--http-fastcgi-temp-path=/var/tmp/$pkgname/fastcgi \
--http-uwsgi-temp-path=/var/tmp/$pkgname/uwsgi \
--http-scgi-temp-path=/var/tmp/$pkgname/scgi \
--http-client-body-temp-path=/var/lib/$pkgname/tmp/client_body \
--http-proxy-temp-path=/var/lib/$pkgname/tmp/proxy \
--http-fastcgi-temp-path=/var/lib/$pkgname/tmp/fastcgi \
--http-uwsgi-temp-path=/var/lib/$pkgname/tmp/uwsgi \
--http-scgi-temp-path=/var/lib/$pkgname/tmp/scgi \
--with-perl_modules_path=/usr/lib/perl5/vendor_perl \
--user=$pkgusers \
......@@ -268,8 +268,7 @@ package() {
install -dm755 ./etc/$pkgname/modules
install -dm750 -o $pkgusers -g $_grp_ngx ./var/lib/$pkgname
install -dm700 -o $pkgusers -g $_grp_ngx ./var/tmp/$pkgname
chmod 1777 "$pkgdir"/var/tmp
install -dm700 -o $pkgusers -g $_grp_ngx ./var/lib/$pkgname/tmp
install -dm755 -g $_grp_www ./var/www/localhost/htdocs
install -dm755 ./var/log
......@@ -277,7 +276,6 @@ package() {
ln -sf /$_modules_dir ./var/lib/$pkgname/modules
ln -sf /var/log/$pkgname ./var/lib/$pkgname/logs
ln -sf /var/tmp/$pkgname ./var/lib/$pkgname/tmp
ln -sf /run/$pkgname ./var/lib/$pkgname/run
# Remove archaic charset maps.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment