summaryrefslogtreecommitdiff
path: root/patches/source/httpd
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2018-05-25 23:29:36 +0000
committerEric Hameleers <alien@slackware.com>2018-05-31 15:10:50 -0700
commit329684b59b8d55dd403c2c59f76d37210ba2f517 (patch)
tree10421c6ee3bf179d50915cc00d4c15c1b83cb77a /patches/source/httpd
parentb76270bf9e6dd375e495fec92140a79a79415d27 (diff)
downloadcurrent-329684b59b8d55dd403c2c59f76d37210ba2f517.tar.gz
Fri May 25 23:29:36 UTC 201813.1
patches/packages/glibc-zoneinfo-2018e-noarch-2_slack13.1.txz: Rebuilt. Handle removal of US/Pacific-New timezone. If we see that the machine is using this, it will be automatically switched to US/Pacific.
Diffstat (limited to 'patches/source/httpd')
-rw-r--r--patches/source/httpd/README34
-rw-r--r--patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch21
-rw-r--r--patches/source/httpd/config.layout.diff30
-rw-r--r--patches/source/httpd/doinst.sh71
-rwxr-xr-xpatches/source/httpd/httpd.SlackBuild227
-rw-r--r--patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff10
-rw-r--r--patches/source/httpd/httpd.nossldefault.diff11
-rw-r--r--patches/source/httpd/httpd.runasapache.diff13
-rw-r--r--patches/source/httpd/httpd.url2
-rw-r--r--patches/source/httpd/logrotate.httpd12
-rw-r--r--patches/source/httpd/rc.httpd35
-rw-r--r--patches/source/httpd/slack-desc19
12 files changed, 485 insertions, 0 deletions
diff --git a/patches/source/httpd/README b/patches/source/httpd/README
new file mode 100644
index 00000000..796bb29a
--- /dev/null
+++ b/patches/source/httpd/README
@@ -0,0 +1,34 @@
+WARNING
+
+This script builds a package that conflicts with apache1. Before
+attempting to install this package, you should uninstall any of
+these packages that you find on your system:
+
+apache
+mod_ssl
+php
+
+Really though, the only points of overlap are in /usr/sbin, so if you
+leave your old packages in place apache2 will still work, but the
+apache1 httpd will have been overwritten (along with other files)
+
+Apache is the most popular web server in the known universe; over half
+the servers on the Internet are running Apache or one of its variants.
+
+By default, we build apache2 with the traditional "apache prefork" multi
+processing module (MPM). This is somewhat safer for the use of mod_php,
+but can still carry some security risks (all your php scripts run as the
+user configured to run apache2).
+
+For enhanced multi-threaded performance, use "apache worker", but using
+mod_php with "worker" is considered dangerous. PHP Core is multi-thread
+safe, but many PHP extensions are *NOT*. To build apache2 with the
+worker MPM, change the option to: --with-mpm=worker
+
+Please note that this script does not build apache2 with SuEXEC support.
+The Apache group feels SuEXEC should not be part of a default install.
+If you need this functionality, please read the following documentation
+and make the necessary changes to the ./configure options in the script.
+
+ http://httpd.apache.org/docs/2.0/suexec.html
+
diff --git a/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch b/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch
new file mode 100644
index 00000000..4c3ebaab
--- /dev/null
+++ b/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch
@@ -0,0 +1,21 @@
+CVE-2017-9798
+
+Backport from https://svn.apache.org/viewvc?view=revision&revision=1807655
+
+diff --git a/server/core.c b/server/core.c
+index f61699e..d24542e 100644
+--- a/server/core.c
++++ b/server/core.c
+@@ -1809,6 +1809,12 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd,
+ /* method has not been registered yet, but resorce restriction
+ * is always checked before method handling, so register it.
+ */
++ if (cmd->pool == cmd->temp_pool) {
++ /* In .htaccess, we can't globally register new methods. */
++ return apr_psprintf(cmd->pool, "Could not register method '%s' "
++ "for %s from .htaccess configuration",
++ method, cmd->cmd->name);
++ }
+ methnum = ap_method_register(cmd->pool, method);
+ }
+
diff --git a/patches/source/httpd/config.layout.diff b/patches/source/httpd/config.layout.diff
new file mode 100644
index 00000000..c302515f
--- /dev/null
+++ b/patches/source/httpd/config.layout.diff
@@ -0,0 +1,30 @@
+--- ./config.layout.orig 2004-11-21 12:50:36.000000000 -0600
++++ ./config.layout 2007-05-23 13:35:20.000000000 -0500
+@@ -322,3 +322,27 @@
+ installbuilddir: ${prefix}/etc/apache2/build
+ errordir: ${datadir}/error
+ </Layout>
++
++# FHS layout
++<Layout Slackware-FHS>
++ prefix: /usr
++ exec_prefix: ${prefix}
++ bindir: ${prefix}/bin
++ sbindir: ${prefix}/sbin
++ libdir: ${prefix}/lib/httpd
++ libexecdir: ${prefix}/lib/httpd/modules
++ installbuilddir: ${prefix}/lib/httpd/build
++ mandir: ${prefix}/man
++ sysconfdir: /etc/httpd
++ datadir: /srv/httpd
++ iconsdir: ${datadir}/icons
++ htdocsdir: ${datadir}/htdocs
++ manualdir: ${htdocsdir}/manual
++ cgidir: ${datadir}/cgi-bin
++ errordir: ${datadir}/error
++ includedir: ${prefix}/include/httpd
++ localstatedir: /var
++ runtimedir: ${localstatedir}/run/httpd
++ logfiledir: ${localstatedir}/log/httpd
++ proxycachedir: ${localstatedir}/cache/httpd
++</Layout>
diff --git a/patches/source/httpd/doinst.sh b/patches/source/httpd/doinst.sh
new file mode 100644
index 00000000..e233c362
--- /dev/null
+++ b/patches/source/httpd/doinst.sh
@@ -0,0 +1,71 @@
+#!/bin/sh
+
+config() {
+ NEW="$1"
+ OLD="`dirname $NEW`/`basename $NEW .new`"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+ NEW="$1"
+ OLD="$(dirname ${NEW})/$(basename ${NEW} .new)"
+ if [ -e ${OLD} ]; then
+ cp -a ${OLD} ${NEW}.incoming
+ cat ${NEW} > ${NEW}.incoming
+ mv ${NEW}.incoming ${NEW}
+ fi
+ # Don't use config() -- we always want to install this, changed or unchanged.
+ #config ${NEW}
+}
+
+if [ ! -e var/log/httpd ]; then
+ mkdir -p var/log/httpd
+ chmod 755 var/log/httpd
+fi
+
+# Don't wipe out an existing document root with symlinks. If someone has
+# replaced the symlinks that are created on a fresh installation, assume
+# that they know what they are doing and leave things as-is.
+if [ ! -e srv/www ]; then
+ ( cd srv ; ln -sf /var/www www )
+fi
+if [ ! -e srv/httpd ]; then
+ ( cd srv ; ln -sf /var/www httpd )
+fi
+
+# Once again, our intent is not to wipe out anyone's
+# site, but building in Apache's docs tree is not as
+# good an idea as picking a unique DocumentRoot.
+#
+# Still, we will do what we can here to mitigate
+# possible site damage:
+if [ -r var/www/htdocs/index.html ]; then
+ if [ ! -r "var/log/packages/httpd-*upgraded*" ]; then
+ if [ var/www/htdocs/index.html -nt var/log/packages/httpd-*-? ]; then
+ cp -a var/www/htdocs/index.html var/www/htdocs/index.html.bak.$$
+ fi
+ fi
+fi
+
+# Keep same perms when installing rc.httpd.new:
+preserve_perms etc/rc.d/rc.httpd.new
+# Always install the new rc.httpd:
+mv etc/rc.d/rc.httpd.new etc/rc.d/rc.httpd
+
+# Handle config files. Unless this is a fresh installation, the
+# admin will have to move the .new files into place to complete
+# the package installation, as we don't want to clobber files that
+# may contain local customizations.
+config etc/httpd/httpd.conf.new
+config etc/logrotate.d/httpd.new
+for conf_file in etc/httpd/extra/*.new; do
+ config $conf_file
+done
+config var/www/htdocs/index.html.new
+
diff --git a/patches/source/httpd/httpd.SlackBuild b/patches/source/httpd/httpd.SlackBuild
new file mode 100755
index 00000000..3480fcd8
--- /dev/null
+++ b/patches/source/httpd/httpd.SlackBuild
@@ -0,0 +1,227 @@
+#!/bin/sh
+
+# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2017 Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# This script was written using the one from slackbuilds.org as a reference,
+# so thanks to Adis Nezirovic ( adis _at_ linux.org.ba ) for the original work.
+
+
+PKGNAM=httpd
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2_slack13.1}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) export ARCH=i486 ;;
+ arm*) export ARCH=arm ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) export ARCH=$( uname -m ) ;;
+ esac
+fi
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-${PKGNAM}
+rm -rf $PKG
+mkdir -p $TMP $PKG
+
+if [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+cd $TMP
+rm -rf ${PKGNAM}-${VERSION}
+tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1
+cd ${PKGNAM}-$VERSION
+
+# Patch CVE-2017-9798 ("optionsbleed"):
+zcat $CWD/apache-2.2.CVE-2017-9798.optionsbleed.patch.gz | patch -p1 --verbose || exit 1
+
+# Make sure ownerships and permissions are sane:
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# "prefork" is the default, safe, mpm type. If you *are not* using PHP, and you
+# like to live on the bleeding edge, you may wish to change the --with-mpm option
+# to "worker", which is the new way of doing things, but is multithreaded and
+# many scripts (especially PHP ones) are not multithread safe.
+#
+# I'd leave this option the way is it on any production box that's keeping up
+# with HTTP requests. No reason to chance it, IMHO.
+
+zcat $CWD/config.layout.diff.gz | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" | patch --verbose -p1 || exit 1
+
+# Patch to fix aliasing issue exposed by gcc-4.5.1:
+zcat $CWD/httpd.brigade_move.__noinline__.gcc451.diff.gz | patch --verbose -p1 || exit 1
+
+# Configure:
+CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS" \
+./configure \
+ --enable-layout=Slackware-FHS \
+ --with-mpm=prefork \
+ --with-apr=/usr \
+ --with-apr-util=/usr \
+ --enable-mods-shared=all \
+ --enable-so \
+ --enable-pie \
+ --enable-cgi \
+ --with-pcre \
+ --enable-ssl \
+ --enable-rewrite \
+ --enable-vhost-alias \
+ --enable-proxy \
+ --enable-proxy-http \
+ --enable-proxy-ftp \
+ --enable-proxy-balancer \
+ --enable-cache \
+ --enable-mem-cache \
+ --enable-file-cache \
+ --enable-disk-cache \
+ --disable-speling \
+ --enable-dav \
+ --enable-ldap \
+ --enable-authnz-ldap \
+ --enable-authn-anon \
+ --enable-authn-alias \
+ --build=$ARCH-slackware-linux || exit 1
+
+# Build and install:
+make $NUMJOBS || make || exit 1
+make install DESTDIR=$PKG || exit 1
+
+rmdir $PKG/usr/bin
+
+# Tweak default apache configuration
+( cd $PKG
+ zcat $CWD/httpd.nossldefault.diff.gz | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" | patch -p1 --verbose || exit 1
+ zcat $CWD/httpd.runasapache.diff.gz | patch -p1 --verbose || exit 1
+ rm -f $PKG/etc/httpd/httpd.conf~ $PKG/etc/httpd/httpd.conf.orig
+) || exit 1
+# Change config files to .new:
+( cd $PKG/etc/httpd
+ mv httpd.conf httpd.conf.new
+ for file in extra/*; do
+ mv $file "${file}.new"
+ done
+)
+
+cat << EOF >> $PKG/etc/httpd/httpd.conf.new
+
+# Uncomment the following line to enable PHP:
+#
+#Include /etc/httpd/mod_php.conf
+
+# Uncomment the following lines to enable svn support:
+#
+#LoadModule dav_svn_module lib${LIBDIRSUFFIX}/httpd/modules/mod_dav_svn.so
+#LoadModule authz_svn_module lib${LIBDIRSUFFIX}/httpd/modules/mod_authz_svn.so
+
+EOF
+
+rmdir $PKG/var/log/httpd
+
+mkdir -p $PKG/etc/rc.d
+cat $CWD/rc.httpd > $PKG/etc/rc.d/rc.httpd.new
+
+mkdir -p $PKG/etc/logrotate.d
+cat $CWD/logrotate.httpd > $PKG/etc/logrotate.d/httpd.new
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
+
+mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/
+cp -a \
+ ABOUT_APACHE Apache.dsw BuildBin.dsp CHANGES INSTALL InstallBin.dsp LAYOUT LICENSE NOTICE NWGNUmakefile README* ROADMAP VERSIONING \
+ $PKG/usr/doc/$PKGNAM-$VERSION
+
+# Other distributions also strip the manual down to just English.
+# If this isn't your language of choice, mea culpa.
+( cd $PKG/srv/httpd/htdocs/manual
+ for file in $(find . -type f -name "*.html") ; do
+ if [ -f ${file}.en ]; then
+ cp ${file}.en ${file}
+ rm -f ${file}.*
+ fi
+ done
+)
+
+# On Slackware, the traditional location for the Apache document root has always
+# been "/var/www/htdocs/". We can avoid an unpleasant surprise for people by
+# leaving things where they've always been, and comply with the FHS by providing
+# symlinks allowing access through the FHS-approved pathnames. KDE, for example,
+# will look for htdig's htsearch here: /var/www/cgi-bin/htsearch
+mv $PKG/srv/httpd $PKG/var/www
+
+## DISABLED. Don't make these symlinks prior to packaging any more, as it is
+## possibly dangerous to an existing document root created in the place where
+## these symlinks are normally found. Instead, we make them in the install
+## script (only if nothing exists there already)
+#( cd $PKG/srv
+# ln -sf /var/www .
+# ln -sf /var/www httpd
+#)
+
+# OK, it's just not generally good form to put your web site in /var/www/htdocs,
+# but people do it every day. Like all new .new files, this won't save them this
+# time, but if they don't learn their lesson now then it will the next time:
+mv $PKG/var/www/htdocs/index.html $PKG/var/www/htdocs/index.html.new
+
+# Strip binaries:
+find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
+ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+
+# Compress and link manpages, if any:
+if [ -d $PKG/usr/man ]; then
+ ( cd $PKG/usr/man
+ for manpagedir in $(find . -type d -name "man*") ; do
+ ( cd $manpagedir
+ for eachpage in $( find . -type l -maxdepth 1) ; do
+ ln -s $( readlink $eachpage ).gz $eachpage.gz
+ rm $eachpage
+ done
+ gzip -9 *.*
+ )
+ done
+ )
+fi
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz
+
diff --git a/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff b/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff
new file mode 100644
index 00000000..e8915ae4
--- /dev/null
+++ b/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff
@@ -0,0 +1,10 @@
+--- ./server/core_filters.c.orig 2010-02-26 03:32:15.000000000 -0600
++++ ./server/core_filters.c 2011-02-12 13:23:22.000000000 -0600
+@@ -83,6 +83,7 @@
+ *
+ * XXXX: Should this function be added to APR-Util?
+ */
++__attribute__((__noinline__))
+ static void brigade_move(apr_bucket_brigade *b, apr_bucket_brigade *a,
+ apr_bucket *e)
+ {
diff --git a/patches/source/httpd/httpd.nossldefault.diff b/patches/source/httpd/httpd.nossldefault.diff
new file mode 100644
index 00000000..bcf891f8
--- /dev/null
+++ b/patches/source/httpd/httpd.nossldefault.diff
@@ -0,0 +1,11 @@
+--- ./etc/httpd/httpd.conf.orig 2007-05-17 23:40:15.000000000 -0500
++++ ./etc/httpd/httpd.conf 2007-05-18 15:55:38.000000000 -0500
+@@ -88,7 +88,7 @@
+ LoadModule proxy_http_module lib/httpd/modules/mod_proxy_http.so
+ LoadModule proxy_ajp_module lib/httpd/modules/mod_proxy_ajp.so
+ LoadModule proxy_balancer_module lib/httpd/modules/mod_proxy_balancer.so
+-LoadModule ssl_module lib/httpd/modules/mod_ssl.so
++#LoadModule ssl_module lib/httpd/modules/mod_ssl.so
+ LoadModule mime_module lib/httpd/modules/mod_mime.so
+ LoadModule dav_module lib/httpd/modules/mod_dav.so
+ LoadModule status_module lib/httpd/modules/mod_status.so
diff --git a/patches/source/httpd/httpd.runasapache.diff b/patches/source/httpd/httpd.runasapache.diff
new file mode 100644
index 00000000..c1954ec3
--- /dev/null
+++ b/patches/source/httpd/httpd.runasapache.diff
@@ -0,0 +1,13 @@
+--- ./etc/httpd/httpd.conf.orig 2008-02-14 15:24:21.000000000 -0600
++++ ./etc/httpd/httpd.conf 2008-02-14 15:34:58.000000000 -0600
+@@ -125,8 +125,8 @@
+ # It is usually good practice to create a dedicated user and group for
+ # running httpd, as with most system services.
+ #
+-User daemon
+-Group daemon
++User apache
++Group apache
+
+ </IfModule>
+ </IfModule>
diff --git a/patches/source/httpd/httpd.url b/patches/source/httpd/httpd.url
new file mode 100644
index 00000000..36beb7d8
--- /dev/null
+++ b/patches/source/httpd/httpd.url
@@ -0,0 +1,2 @@
+http://www.apache.org/dist/httpd/httpd-2.2.32.tar.bz2
+http://www.apache.org/dist/httpd/httpd-2.2.32.tar.bz2.asc
diff --git a/patches/source/httpd/logrotate.httpd b/patches/source/httpd/logrotate.httpd
new file mode 100644
index 00000000..cc638367
--- /dev/null
+++ b/patches/source/httpd/logrotate.httpd
@@ -0,0 +1,12 @@
+/var/log/httpd/*_log {
+ rotate 10
+ notifempty
+ missingok
+ size=5M
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ /etc/rc.d/rc.httpd restart
+ endscript
+}
diff --git a/patches/source/httpd/rc.httpd b/patches/source/httpd/rc.httpd
new file mode 100644
index 00000000..064f6ea4
--- /dev/null
+++ b/patches/source/httpd/rc.httpd
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# /etc/rc.d/rc.httpd
+#
+# Start/stop/restart/graceful[ly restart]/graceful[ly]-stop
+# the Apache (httpd) web server.
+#
+# To make Apache start automatically at boot, make this
+# file executable: chmod 755 /etc/rc.d/rc.httpd
+#
+# For information on these options, "man apachectl".
+
+case "$1" in
+ 'start')
+ /usr/sbin/apachectl -k start
+ ;;
+ 'stop')
+ /usr/sbin/apachectl -k stop
+ killall httpd
+ rm -f /var/run/httpd/*.pid
+ ;;
+ 'restart')
+ /usr/sbin/apachectl -k restart
+ ;;
+ 'graceful')
+ /usr/sbin/apachectl -k graceful
+ ;;
+ 'graceful-stop')
+ /usr/sbin/apachectl -k graceful-stop
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|graceful|graceful-stop}"
+ ;;
+esac
+
diff --git a/patches/source/httpd/slack-desc b/patches/source/httpd/slack-desc
new file mode 100644
index 00000000..38d240b6
--- /dev/null
+++ b/patches/source/httpd/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+httpd: httpd (The Apache HTTP Server)
+httpd:
+httpd: Apache is an HTTP server designed as a plug-in replacement for the
+httpd: NCSA HTTP server. It fixes numerous bugs in the NCSA server and
+httpd: includes many frequently requested new features, and has an API which
+httpd: allows it to be extended to meet users' needs more easily.
+httpd:
+httpd: Apache is the most popular web server in the known universe; over
+httpd: half of the servers on the Internet are running Apache or one of
+httpd: its variants.
+httpd: