diff options
Diffstat (limited to 'nginx.install')
-rw-r--r-- | nginx.install | 44 |
1 files changed, 25 insertions, 19 deletions
diff --git a/nginx.install b/nginx.install index 7c4adf14bd9a..d80514afe352 100644 --- a/nginx.install +++ b/nginx.install @@ -1,21 +1,27 @@ post_upgrade() { - if (( $(vercmp $2 1.2.7-4) <= 0 )); then - chmod 750 var/log/nginx - chown http:log var/log/nginx - fi - if (( $(vercmp $2 1.2.1-2) <= 0 )); then - echo ' >>> Since 1.2.1-2 several changes has been made in package:' - echo ' - *.conf files have been moved to /etc/nginx' - echo ' - /etc/conf.d/nginx has been removed' - echo ' Main configuration file is set to /etc/nginx/nginx.conf' - echo ' - access.log and error.log can be found in /var/log/nginx by default' - echo ' - bundled *.html files have been moved to /usr/share/nginx/html' - echo ' - /etc/nginx/{html,logs} symbolic links and *.default files have been removed' - fi - if (( $(vercmp $2 1.4.2-4) < 0 )); then - echo 'Nginx now includes only upstream bundled modules.' - echo 'Thus, passenger module support was dropped.' - fi -} + if (( $(vercmp $2 1.2.7-4) <= 0 )); then + chmod 750 var/log/nginx + chown http:log var/log/nginx + fi + + if (( $(vercmp $2 1.2.1-2) <= 0 )); then + echo ':: Since 1.2.1-2 several changes has been made in package:' + echo ' - *.conf files have been moved to /etc/nginx' + echo ' - /etc/conf.d/nginx has been removed' + echo ' Main configuration file is set to /etc/nginx/nginx.conf' + echo ' - access.log and error.log can be found in /var/log/nginx by default' + echo ' - bundled *.html files have been moved to /usr/share/nginx/html' + echo ' - /etc/nginx/{html,logs} symbolic links and *.default files have been removed' + fi -# vim:set ts=4 sw=4 et: + if (( $(vercmp $2 1.10.2-3) < 0)); then + chown root:root var/log/nginx + fi + + if (( $(vercmp $2 1.10.3-2) < 0 )); then + chmod 755 var/log/nginx + echo ':: Security notice:' + echo ' - When additional log directories are used in /var/log/nginx make sure they' + echo ' are owned by root:root and have 755 set as permission to mitigate CVE-2016-1247' + fi +} |