--- /dev/null
+.de Sh \" Subsection
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.TH "GSEXEC" 8 "2005-05-27" "GridSite Apache Extensions" "gsexec"
+
+.SH NAME
+gsexec \- Switch user before executing external programs
+
+.SH "SYNOPSIS"
+
+.PP
+\fBgsexec\fR -\fBV\fR
+
+
+.SH "SUMMARY"
+
+.PP
+gsexec is used by the Apache HTTP Server to switch to another user before
+executing CGI programs\&. In order to achieve this, it must run as root\&.
+Since the HTTP daemon normally doesn't run as root, the gsexec executable
+needs the setuid bit set and must be owned by root\&. It should never be
+writable for any other person than root\&.
+
+.PP
+gsexec is based on Apache's suexec.
+For further information about the concepts and the security model of
+the original suexec
+please refer to the suexec documentation:
+
+(http://httpd\&.apache\&.org/docs-2\&.0/suexec\&.html)\&.
+
+
+.SH "OPTIONS"
+
+
+.TP
+-V
+If you are root, this option displays the compile options of gsexec\&.
+For security reasons all configuration options are changeable only at
+compile time\&.
+
$(prefix)/bin \
$(prefix)/sbin \
$(prefix)/share/man/man1 \
+ $(prefix)/share/man/man8 \
$(prefix)/lib/httpd/modules \
$(prefix)/share/doc/gridsite-$(PATCH_VERSION)
cp -f ../interface/gridsite.h $(prefix)/include
cp -f doxygen/* $(prefix)/share/doc/gridsite-$(PATCH_VERSION)
cp -f ../CHANGES ../README ../INSTALL ../LICENSE ../VERSION \
$(prefix)/share/doc/gridsite-$(PATCH_VERSION)
- cp -f ../doc/*.html ../doc/*.conf ../doc/*.1 ../doc/*.sh \
+ cp -f ../doc/*.html ../doc/*.conf ../doc/*.1 ../doc/*.8 ../doc/*.sh \
$(prefix)/share/doc/gridsite-$(VERSION)
cp -f ../doc/*.1 $(prefix)/share/man/man1
+ cp -f ../doc/*.8 $(prefix)/share/man/man8
gzip -f $(prefix)/share/man/man1/*.1
- cd ../doc ; for i in *.1 ; do ../src/roffit < $$i \
+ gzip -f $(prefix)/share/man/man8/*.8
+ cd ../doc ; for i in *.1 *.8 ; do ../src/roffit < $$i \
> $(prefix)/share/doc/gridsite-$(VERSION)/$$i.html ; done
cp -f htcp $(prefix)/bin
ln -sf htcp $(prefix)/bin/htls
ln -sf htcp $(prefix)/bin/htll
ln -sf htcp $(prefix)/bin/htrm
ln -sf htcp $(prefix)/bin/htmkdir
+ cp -f gsexec $(prefix)/sbin
cp -f mod_gridsite.so $(prefix)/lib/httpd/modules
#
roffit gridsite.spec \
Doxyfile doxygen.css doxyheader.html \
../gridsite-$(PATCH_VERSION)/src
- cp -f ../doc/*.html ../doc/*.1 ../doc/*.conf ../doc/*.sh \
+ cp -f ../doc/*.html ../doc/*.1 ../doc/*.8 ../doc/*.conf ../doc/*.sh \
../gridsite-$(PATCH_VERSION)/doc
cp -f ../interface/*.h \
../gridsite-$(PATCH_VERSION)/interface
Vendor: GridPP
#Requires: libxml2,curl-ssl,mod_ssl
#Buildrequires: libxml2-devel,curl-ssl-devel,httpd-devel
-Packager: Andrew McNab <Andrew.McNab@man.ac.uk>
+Packager: Andrew McNab <Andrew.McNab@manchester.ac.uk>
%description
GridSite adds GSI, VOMS and GACL support to Apache 2.0 (mod_gridsite),
onto remote servers using HTTPS. htcp is similar to scp(1), but uses
HTTP/HTTPS rather than ssh as its transfer protocol.
+%package gsexec
+Group: Applications/Internet
+Summary: gsexec binary for the Apache HTTP server
+#Requires: curl-ssl
+
+%description gsexec
+This package includes the /usr/sbin/gsexec binary which can be installed
+to allow the Apache HTTP server to run CGI programs (and any programs
+executed by SSI pages) as a user other than the 'apache' user. gsexec
+is a drop-in replacement for suexec, with extended functionality for use
+with GridSite and Grid Security credentials.
+
%prep
%setup
%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htls.1.gz
%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htll.1.gz
%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htmkdir.1.gz
+
+%files gsexec
+%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/sbin/gsexec
+%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man8/gsexec.8.gz
git://scientific.zcu.cz / jra1mw.git / commitdiff