Summary: mod_ruid is an Apache module that acts similarly to mod_suid2, but uses a posix exension Name: mod_ruid Version: 0.6 Release: 3.art License: Apache Group: System Environment/Base Source: http://websupport.sk/~stanojr/projects/mod_ruid/mod_ruid-0.6.tar.gz Source1: mod_ruid.conf BuildRoot: /var/tmp/%{name}-buildroot Requires: httpd BuildRequires: httpd-devel libcap-devel %description mod_ruid is suexec module for apache 2.0, based on mod_suid2 -it runs only on linux because afaik only linux has implemented posix 1003.1e capabilities -it has better performance than mod_suid2 because it doesn`t need to kill httpd children after one request. it makes use of kernel capabilites and after receiving a new request suids again. -there are some security issues, for instance if attacker successfully exploits the httpd process, he can set effective capabilities and setuid to root. %prep %setup -q %build apxs -l cap -c %{name}.c ld -Bshareable -l cap -o %{name}.so %{name}.o %install [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT mkdir -p $RPM_BUILD_ROOT%{_libdir}/httpd/modules install -m755 %{name}.so $RPM_BUILD_ROOT%{_libdir}/httpd/modules # Install the config file mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d install -m 644 $RPM_SOURCE_DIR/mod_ruid.conf \ $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/ruid.conf %clean [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) %{_libdir}/httpd/modules/*.so %config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf %post echo "Check out %{_sysconfdir}/httpd/conf.d/ruid.conf for" echo "some %{name} examples." %changelog * Mon Aug 07 2006 Jacob Leaver - add conf file to sources * Sun Feb 05 2006 Jacob Leaver - initial RPM spec