summarylogtreecommitdiffstats
path: root/nginx.install
blob: d80514afe352b5c71f88980e5ce73888fa5ba911 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
post_upgrade() {
  if (( $(vercmp $2 1.2.7-4) <= 0 )); then
    chmod 750 var/log/nginx
    chown http:log var/log/nginx
  fi

  if (( $(vercmp $2 1.2.1-2) <= 0 )); then
    echo ':: Since 1.2.1-2 several changes has been made in package:'
    echo '     - *.conf files have been moved to /etc/nginx'
    echo '     - /etc/conf.d/nginx has been removed'
    echo '       Main configuration file is set to /etc/nginx/nginx.conf'
    echo '     - access.log and error.log can be found in /var/log/nginx by default'
    echo '     - bundled *.html files have been moved to /usr/share/nginx/html'
    echo '     - /etc/nginx/{html,logs} symbolic links and *.default files have been removed'
  fi

  if (( $(vercmp $2 1.10.2-3) < 0)); then
    chown root:root var/log/nginx
  fi

  if (( $(vercmp $2 1.10.3-2) < 0 )); then
    chmod 755 var/log/nginx
    echo ':: Security notice:'
    echo '     - When additional log directories are used in /var/log/nginx make sure they'
    echo '       are owned by root:root and have 755 set as permission to mitigate CVE-2016-1247'
  fi
}