[arch-commits] Commit in darkhttpd/trunk (3 files)

Christian Hesse eworm at archlinux.org
Tue Nov 28 22:22:42 UTC 2017 

    Date: Tuesday, November 28, 2017 @ 22:22:40
  Author: eworm
Revision: 270518

upgpkg: darkhttpd 1.12-4

some security enhancements

Modified:
  darkhttpd/trunk/PKGBUILD
  darkhttpd/trunk/darkhttpd.service
  darkhttpd/trunk/darkhttpd at .service

--------------------+
 PKGBUILD           |   18 ++++++++++++------
 darkhttpd.service  |    4 ++++
 darkhttpd at .service |    4 ++++
 3 files changed, 20 insertions(+), 6 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2017-11-28 21:34:08 UTC (rev 270517)
+++ PKGBUILD	2017-11-28 22:22:40 UTC (rev 270518)
@@ -3,22 +3,28 @@
 
 pkgname=darkhttpd
 pkgver=1.12
-pkgrel=3
+pkgrel=4
 pkgdesc="A small and secure static webserver"
 arch=('x86_64')
-url="http://dmr.ath.cx/net/darkhttpd/"
+url="https://unix4lyfe.org/darkhttpd/"
 license=('BSD')
-depends=()
 backup=('etc/conf.d/mimetypes')
 source=("$url/$pkgname-$pkgver.tar.bz2"
         'darkhttpd.service'
         'darkhttpd at .service')
 sha256sums=('a50417b622b32b5f421b3132cb94ebeff04f02c5fb87fba2e31147d23de50505'
-            'c8168205f933f5d38b1b790db40f9173670b9cfc85b84dcad397ddf326cb791c'
-            'f17058480ffc1df0a3ada78c2e574d084d57e49c1e43cdf1a95bbd2d57dcf26e')
+            'e53ae82993f6c996c0c54ccbbd9307811501cf01404c441b48b2c79f9384fa27'
+            '0bfbe13c93ba87d8ea08ab85745c92cebcbc6b627616e7c58d6099a234a59841')
 
+prepare() {
+  cd "$srcdir/$pkgname-$pkgver"
+
+  sed -i 's/$(CFLAGS)/$(CFLAGS) $(LDFLAGS)/' Makefile
+}
+
 build() {
   cd "$srcdir/$pkgname-$pkgver"
+
   make
 }
 
@@ -36,5 +42,5 @@
 
   # install license
   install -d "$pkgdir/usr/share/licenses/$pkgname"
-  head -n 18 darkhttpd.c > "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+  sed -n '1,/^$/p' darkhttpd.c > "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
 }

Modified: darkhttpd.service
===================================================================
--- darkhttpd.service	2017-11-28 21:34:08 UTC (rev 270517)
+++ darkhttpd.service	2017-11-28 22:22:40 UTC (rev 270518)
@@ -5,6 +5,10 @@
 [Service]
 Type=simple
 ExecStart=/usr/bin/darkhttpd /srv/http --uid http --gid http --chroot --no-listing --mimetypes /etc/conf.d/mimetypes
+ProtectSystem=full
+ProtectHome=on
+PrivateDevices=on
+NoNewPrivileges=on
 
 [Install]
 WantedBy=multi-user.target

Modified: darkhttpd at .service
===================================================================
--- darkhttpd at .service	2017-11-28 21:34:08 UTC (rev 270517)
+++ darkhttpd at .service	2017-11-28 22:22:40 UTC (rev 270518)
@@ -5,6 +5,10 @@
 [Service]
 Type=simple
 ExecStart=/usr/bin/darkhttpd /srv/http --uid http --gid http --chroot --no-listing --mimetypes /etc/conf.d/mimetypes --addr %i
+ProtectSystem=full
+ProtectHome=on
+PrivateDevices=on
+NoNewPrivileges=on
 
 [Install]
 WantedBy=multi-user.target

More information about the arch-commits mailing list